Bloby / laravel-jwt-auth by Bloby

A simple Laravel interface for authenticating by JWT.
26
0
1
auth laravel jwt
Github Link
Packagist Link
Package Data
Maintainer Username: Bloby
Package Create Date: 2017-08-15
Package Last Update: 2017-08-31
Language: PHP
License: MIT
Last Refreshed: 2024-11-23 03:02:17
Package Statistics
Total Downloads: 26
Monthly Downloads: 0
Daily Downloads: 0
Total Stars: 0
Total Watchers: 1
Total Forks: 0
Total Open Issues: 0

laravel-jwt-auth

NOTE: This package is no longer in active development. Feel free to fork and extend it as needed.

A simple Laravel interface for interacting with the JWT auth API.

Installation

To install the package, simply add the following to your Laravel installation's composer.json file:

"require": {
	"laravel/framework": "5.*",
	"blob/laravel-jwt-auth": "dev-master"
},

Run composer update to pull in the files.

Then, add the following Service Provider to your providers array in your config/app.php file:

'providers' => [
	...
    JWTAuth\Providers\JWTAuthServiceProvider::class,
    JWTAuth\Providers\JWTEventServiceProvider::class,
];

Then, add the following Facade to your aliases array in your config/app.php file:

'aliases' => [
    ...
    'JWTAuth' => JWTAuth\Facades\JWTAuth::class,
];

Then, add the following Middleware to your routeMiddleware array in your app/Http/Kernel.php file:

protected $routeMiddleware = [
    ...
    'jwt.auth' => \JWTAuth\Http\Middleware\JWTAuth::class,
    'jwt.auth.acl' => \JWTAuth\Http\Middleware\JWTAuthAcl::class,
];

From the command-line run: php artisan vendor:publish --provider="JWTAuth\Providers\JWTAuthServiceProvider"

Configuration

Open config/jwt.php and configure the api endpoint and credentials:

return [
    'username' => 'email',
    'secret' => 'secret_change_me',//32 length
    'token_header' => 'Authorization',
    //post, get, ...
    'token_name' => 'token',
    //ex: example.com
    'iss' => 'iss_change_me',
    //ex: my_app_name
    'aud' => 'aud_change_me',
    //token expiration
    'expiration' => 3600,//sec
    'store' => 'file',
    //count of attempt fails by credentials
    'attempts' => 5,
    //block user on *min, if count of attempts not remain
    'attempts_exp' => 60, //min
];

Usage

Authenticate by credentials

try
{
    $credentials = $request->only(['email', 'password']);
    
    if (!JWTAuth::attempt($credentials)) {
        return response()->json(['reason' => 'user_not_found', 'message' => 'User with provided credentials not found.'], 404);
    }
}
catch (AttemptException $e)
{
    return response()->json(['reason' => 'attempt_locked', 'message' => $e->getMessage()], $e->getStatusCode());
}
catch (TokenUnavailableException $e)
{
    return response()->json(['reason' => 'token_unavailable', 'message' => $e->getMessage()], $e->getStatusCode());
}
catch (TokenExpiredException $e)
{
    return response()->json(['reason' => 'token_expired', 'message' => $e->getMessage()], $e->getStatusCode());
}
catch (TokenInvalidException $e)
{
    return response()->json(['reason' => 'token_invalid', 'message' => $e->getMessage()], $e->getStatusCode());
}
catch (JWTException $e)
{
    return response()->json(['reason' => 'token_not_provided', 'message' => $e->getMessage()], $e->getStatusCode());
}

Authenticate by token

try
{
    JWTAuth::validateToken(JWTAuth::getToken());
    
    if (!JWTAuth::attempt()) {
        return response()->json(['reason' => 'user_not_found', 'message' => 'User with provided credentials not found.'], 404);
    }
}
catch (AttemptException $e)
{
    return response()->json(['reason' => 'attempt_locked', 'message' => $e->getMessage()], $e->getStatusCode());
}
catch (TokenUnavailableException $e)
{
    return response()->json(['reason' => 'token_unavailable', 'message' => $e->getMessage()], $e->getStatusCode());
}
catch (TokenExpiredException $e)
{
    return response()->json(['reason' => 'token_expired', 'message' => $e->getMessage()], $e->getStatusCode());
}
catch (TokenInvalidException $e)
{
    return response()->json(['reason' => 'token_invalid', 'message' => $e->getMessage()], $e->getStatusCode());
}
catch (JWTException $e)
{
    return response()->json(['reason' => 'token_not_provided', 'message' => $e->getMessage()], $e->getStatusCode());
}

Get user will be return \App\User object after calling attempt() method.

$user = JWTAuth::user();

Create and get new token. Where $user is instance of \App\User.

$tokenObject = JWTAuth::createToken($user);

Get token object from string.

$tokenObject = JWTAuth::parseToken($token);

Method getToken() will search token in headers or request data.

Get token as string

$tokenString = (string)JWTAuth::getToken();

Get token as object (\Lcobucci\JWT\Token)

$tokenObject = JWTAuth::getToken();

Mark token as unavailable. Where $token is instance of \Lcobucci\JWT\Token.

JWTAuth::forgetToken($token);

Validate token. Where $token is instance of \Lcobucci\JWT\Token

try
{
    JWTAuth::validateToken($token)
}
catch(
/**
 * @throws \JWTAuth\Exceptions\TokenExpiredException
 * @throws \JWTAuth\Exceptions\TokenInvalidException
 * @throws \JWTAuth\Exceptions\TokenUnavailableException
 */
)
{
}

Set username field name instead config default email

JWTAuth::setUsername('login');

Get current username field name

$username = JWTAuth::username();

Get user (\App\User) by credentials

$user = JWTAuth::retrieveByCredentials($credentials);

Get user (\App\User) by token (\Lcobucci\JWT\Token)

$user = JWTAuth::retrieveByJWT($token);

Login user. Where $user is instance of \App\User

login($user);