Starting: 1st of Every Month 
+91 8409492687 
Contact@DevOpsSchool.com
JWT (JSON WEB TOKEN)
JSON Web Token (JWT) is an open standard that allows two parties to securely send data and information as JSON objects. This information can be verified and trusted because it is digitally signed. It is a Token format standardized by the IETF organization.
JWT authentication has added the wider adoption of stateless API services. It makes it convenient to authorise and verify clients accessing API resources. It is a critical part of the authentication system in javascript powered applications.
To Install JWT in your Laravel Project, Just Follow the Below Steps :-
Step 1. Install via composer
Run the following command to pull in the latest version:
composer require tymon/jwt-authStep 2. Add service provider ( Laravel 5.4 or below )
Add the service provider to the providers array in the config/app.php config file as follows:
| 'providers' => [ | |
| ... | |
| Tymon\JWTAuth\Providers\LaravelServiceProvider::class, | |
| ] |
by Step 3. Publish the config
Run the following command to publish the package config file:
php artisan vendor:publish --provider="Tymon\JWTAuth\Providers\LaravelServiceProvider"You should now have a config/jwt.php file that allows you to configure the basics of this package.
Step 4. Generate secret key
I have included a helper command to generate a key for you:
php artisan jwt:secretThis will update your .env file with something like JWT_SECRET=foobar
It is the key that will be used to sign your tokens. How that happens exactly will depend on the algorithm that you choose to use.
Step 5. Bootstrap file changes.
Add the following snippet to the bootstrap/app.php file under the providers section as follows:
// Add this line
$app->register(App\Providers\AuthServiceProvider::class);Step 6. Re-Generate secret key
I have included a helper command to generate a key for you:
php artisan jwt:secretThis will update your .env file with something like JWT_SECRET=foobar
It is the key that will be used to sign your tokens. How that happens exactly will depend on the algorithm that you choose to use.
Step 7. Update your User model
Firstly you need to implement the Tymon\JWTAuth\Contracts\JWTSubject contract on your User model, which requires that you implement the 2 methods getJWTIdentifier() and getJWTCustomClaims().
The example below should give you an idea of how this could look. Obviously you should make any changes, as necessary, to suit your own needs.
| <?php | |
| namespace App; | |
| use Tymon\JWTAuth\Contracts\JWTSubject; | |
| use Illuminate\Notifications\Notifiable; | |
| use Illuminate\Foundation\Auth\User as Authenticatable; | |
| class User extends Authenticatable implements JWTSubject | |
| { | |
| use Notifiable; | |
| // Rest omitted for brevity | |
| /** | |
| * Get the identifier that will be stored in the subject claim of the JWT. | |
| * | |
| * @return mixed | |
| */ | |
| public function getJWTIdentifier() | |
| { | |
| return $this->getKey(); | |
| } | |
| /** | |
| * Return a key value array, containing any custom claims to be added to the JWT. | |
| * | |
| * @return array | |
| */ | |
| public function getJWTCustomClaims() | |
| { | |
| return []; | |
| } | |
| } |
Step 8. Configure Auth guard
Note: This will only work if you are using Laravel 5.2 and above.
Inside the config/auth.php file you will need to make a few changes to configure Laravel to use the jwt guard to power your application authentication.
Make the following changes to the file:
| 'defaults' => [ | |
| 'guard' => 'api', | |
| 'passwords' => 'users', | |
| ], | |
| ... | |
| 'guards' => [ | |
| 'api' => [ | |
| 'driver' => 'jwt', | |
| 'provider' => 'users', | |
| ], | |
| ], |
Here we are telling the api guard to use the jwt driver, and we are setting the api guard as the default.
We can now use Laravelβs built in Auth system, with jwt-auth doing the work behind the scenes!
Step 9. Add some basic authentication routes
First letβs add some routes in routes/api.php as follows:
| Route::group([ | |
| 'middleware' => 'api', | |
| 'prefix' => 'auth' | |
| ], function ($router) { | |
| Route::post('login', 'AuthController@login'); | |
| Route::post('logout', 'AuthController@logout'); | |
| Route::post('refresh', 'AuthController@refresh'); | |
| Route::post('me', 'AuthController@me'); | |
| }); |
Step 10. Create the AuthController
Then create the AuthController, either manually or by running the artisan command:
php artisan make:controller AuthControllerThen add the following:
| <?php | |
| namespace App\Http\Controllers; | |
| use Illuminate\Support\Facades\Auth; | |
| use App\Http\Controllers\Controller; | |
| class AuthController extends Controller | |
| { | |
| /** | |
| * Create a new AuthController instance. | |
| * | |
| * @return void | |
| */ | |
| public function __construct() | |
| { | |
| $this->middleware('auth:api', ['except' => ['login']]); | |
| } | |
| /** | |
| * Get a JWT via given credentials. | |
| * | |
| * @return \Illuminate\Http\JsonResponse | |
| */ | |
| public function login() | |
| { | |
| $credentials = request(['email', 'password']); | |
| if (! $token = auth()->attempt($credentials)) { | |
| return response()->json(['error' => 'Unauthorized'], 401); | |
| } | |
| return $this->respondWithToken($token); | |
| } | |
| /** | |
| * Get the authenticated User. | |
| * | |
| * @return \Illuminate\Http\JsonResponse | |
| */ | |
| public function me() | |
| { | |
| return response()->json(auth()->user()); | |
| } | |
| /** | |
| * Log the user out (Invalidate the token). | |
| * | |
| * @return \Illuminate\Http\JsonResponse | |
| */ | |
| public function logout() | |
| { | |
| auth()->logout(); | |
| return response()->json(['message' => 'Successfully logged out']); | |
| } | |
| /** | |
| * Refresh a token. | |
| * | |
| * @return \Illuminate\Http\JsonResponse | |
| */ | |
| public function refresh() | |
| { | |
| return $this->respondWithToken(auth()->refresh()); | |
| } | |
| /** | |
| * Get the token array structure. | |
| * | |
| * @param string $token | |
| * | |
| * @return \Illuminate\Http\JsonResponse | |
| */ | |
| protected function respondWithToken($token) | |
| { | |
| return response()->json([ | |
| 'access_token' => $token, | |
| 'token_type' => 'bearer', | |
| 'expires_in' => auth()->factory()->getTTL() * 60 | |
| ]); | |
| } | |
| } |
All Done.
Now you can test API Login/Register with Postman.
Keep Coding 
With MotoShare.in, you can book a bike instantly, enjoy doorstep delivery, and ride without worries. Perfect for travelers, professionals, and adventure enthusiasts looking for a seamless mobility solution.
