composer require aikrof/jwt-auth
Add the service provider to the providers array in the config/app.php config file:
'providers' => [
    ...
    Aikrof\JwtAuth\Providers\JwtServiceProvider::class,
    ...
],
php artisan vendor:publish --provider="Aikrof\JwtAuth\Providers\JwtServiceProvider"
This command will create the config/jwt.php file with the basic configuration.
Create the table where invalid tokens will be stored.
php artisan migrate
php artisan create:secret
This command will create JWT_SECRET_KEY and JWT_REFRESH_KEY in your .env file.
Inside the config/auth.php file change:
'defaults' => [
    'guard' => 'api',
    'passwords' => 'users',
],
...
'guards' => [
    ...
    'api' => [
        'driver' => 'jwt',
        'provider' => 'users',
    ],
],
Set the api guard as the default and add the jwt driver to the api guard.
Add the trait to your User model:
1) Import Aikrof\JwtAuth\JwtCreator
2) Then add the trait: use JwtCreator
namespace App;

use Illuminate\Notifications\Notifiable;
use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Aikrof\JwtAuth\JwtCreator;

class User extends Authenticatable
{
    use JwtCreator, Notifiable;
    ....
}
By default the token time to live (ttl) is 1 week; you can change ttl in the config/jwt.php file or when creating a new token:
Auth::user()->setTtl(2);
This example sets the token time to live to 2 minutes.
setTtl() takes a parameter in minutes.
By default the refresh token time to live is token ttl * 2; you can change refreshTtl in the config/jwt.php file or when creating a new token:
Auth::user()->setRefreshTtl(4);
This example sets the refresh token time to live to 4 minutes.
setRefreshTtl() takes a parameter in minutes.
Auth::token();
Or with setTtl() or setRefreshTtl():
Auth::user()->setTtl(2)->setRefreshTtl()->token();
An array with these fields will be returned:
[ 'token' => '...', 'refresh' => '...' ]
Auth::user()->getTtl();
To get the token time to live as a UNIX timestamp:
Auth::user()->getExpTtl();
Auth::user()->getRefreshTtl();
To get the refresh token time to live as a UNIX timestamp:
Auth::user()->getRefreshExpTtl();
Log the user out - which will invalidate the current token and unset the authenticated user.
Auth::logout();
Refresh a token, which invalidates the current one and returns a new token and refresh token.
Auth::refresh();
If the JWT token is invalid or contains invalid data, null will be returned.
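The behaviour described above (refresh ttl of token ttl * 2, refresh invalidating the current token, null for an invalid token) can be modelled in plain PHP. This is an added example, not the package's code: the function names, the jti/typ claims, the shared jti per pair, the per-type keys and the in-memory $denylist (standing in for the invalid-tokens table) are all assumptions.

```php
<?php
// Added illustration, not the package's code. Keys are constructed sample values.
const KEYS = ['access' => 'sample-secret-key', 'refresh' => 'sample-refresh-key'];
$denylist = [];   // stand-in for the invalid-tokens table: jti => exp

function b64url(string $raw): string {
    return rtrim(strtr(base64_encode($raw), '+/', '-_'), '=');
}

function sign(array $claims, string $type): string {
    $header = b64url(json_encode(['alg' => 'HS256', 'typ' => 'JWT']));
    $body   = $header . '.' . b64url(json_encode($claims + ['typ' => $type]));
    return $body . '.' . b64url(hash_hmac('sha256', $body, KEYS[$type], true));
}

// Returns the claims, or null for a bad signature, wrong type, expired or revoked token.
// The algorithm is fixed to HS256 here; the token's own header is never trusted.
function verify(string $jwt, string $type, array $denylist, int $now): ?array {
    $parts = explode('.', $jwt);
    if (count($parts) !== 3) return null;
    $expected = b64url(hash_hmac('sha256', $parts[0] . '.' . $parts[1], KEYS[$type], true));
    if (!hash_equals($expected, $parts[2])) return null;   // constant-time comparison
    $claims = json_decode(base64_decode(strtr($parts[1], '-_', '+/')), true);
    if (!is_array($claims) || ($claims['typ'] ?? '') !== $type) return null;
    if (($claims['exp'] ?? 0) <= $now || isset($denylist[$claims['jti'] ?? ''])) return null;
    return $claims;
}

function issue(int $userId, int $ttlMin, int $now): array {
    $jti = bin2hex(random_bytes(8));   // one id per pair so both tokens are revoked together
    return [
        'token'   => sign(['sub' => $userId, 'jti' => $jti, 'exp' => $now + $ttlMin * 60], 'access'),
        'refresh' => sign(['sub' => $userId, 'jti' => $jti, 'exp' => $now + $ttlMin * 120], 'refresh'),
    ];
}

// Rotation: a valid refresh token is revoked and exchanged for a new pair; anything else yields null.
function refresh(string $refreshJwt, array &$denylist, int $ttlMin, int $now): ?array {
    $claims = verify($refreshJwt, 'refresh', $denylist, $now);
    if ($claims === null) return null;
    $denylist[$claims['jti']] = $claims['exp'];   // keep exp so expired rows can be pruned later
    return issue($claims['sub'], $ttlMin, $now);
}

$now  = time();
$pair = issue(42, 2, $now);                                   // ttl of 2 minutes, as in setTtl(2)
$new  = refresh($pair['refresh'], $denylist, 2, $now);
var_dump(verify($pair['token'], 'access', $denylist, $now) === null);       // old access token is revoked
var_dump(refresh($pair['refresh'], $denylist, 2, $now) === null);           // replayed refresh token is rejected
var_dump(verify($new['token'], 'access', $denylist, $now + 60) !== null);   // new token still inside its ttl
var_dump(verify($new['token'], 'access', $denylist, $now + 121) === null);  // new token past its ttl
```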