PHP code example of iqbalatma / laravel-jwt-authentication
1. Go to this page and download the library: Download iqbalatma/laravel-jwt-authentication library. Choose the download type require.
2. Extract the ZIP file and open the index.php.
3. Add this code to the index.php.
<?php
require_once('vendor/autoload.php');
/* Start to develop here. Best regards https://php-download.com/ */
iqbalatma / laravel-jwt-authentication example snippets
/*
|--------------------------------------------------------------------------
| JWT Sign in Algorithm
|--------------------------------------------------------------------------
|
| Algorithm for sign jwt token. This token is using encoder and decoder from
| https://github.com/firebase/php-jwt
|
*/
'algo' => env('JWT_ALGO', 'HS256'),
/*
|--------------------------------------------------------------------------
| JWT Private Key
|--------------------------------------------------------------------------
|
| This private key use for first priority of encoding and decoding jwt (signing)
| so if this key (private key) and (public key) exists, jwt will sign using
| this key pairs as first priority. If this key pairs does not exist, sign jwt will
| using jwt secret. If secret does not exist it will throw an error
|
*/
"jwt_private_key" => env("JWT_PRIVATE_KEY", null),
/*
|--------------------------------------------------------------------------
| JWT Public Key
|--------------------------------------------------------------------------
|
| This public key is part of key pairs for signing jwt token.
|
*/
"jwt_public_key" => env("JWT_PUBLIC_KEY", null),
/*
|--------------------------------------------------------------------------
| JWT Passphrase
|--------------------------------------------------------------------------
|
| This is passphrase use to get jwt private key that translate the key
| using this passphrase
|
*/
"jwt_passphrase" => env("JWT_PASSPHRASE", null),
/*
|--------------------------------------------------------------------------
| Secret
|--------------------------------------------------------------------------
|
| This is secret that used for encoding jwt. This secret use to validate signature
| Do not expose this jwt secret
|
*/
'secret' => env('JWT_SECRET', null),
/*
|--------------------------------------------------------------------------
| Access Token TTL
|--------------------------------------------------------------------------
|
| This is TTL (Time To Life) for access token. When token is expired, the token
| is already invalid. Access token using to access protected resource.
| Middleware that can accept this token is auth.jwt:access
|
*/
'access_token_ttl' => env('JWT_TTL', 60 * 60),
/*
|--------------------------------------------------------------------------
| Refresh Token TTL
|--------------------------------------------------------------------------
|
| This is TTL (Time To Life) for refresh token. When token is expired, the token
| is already invalid. Refresh token using to regenerate access token and refresh token
| and revoke previous access token and refresh token.
| Middleware that can accept this token is auth.jwt:refresh
|
*/
'refresh_token_ttl' => env('JWT_REFRESH_TTL', 60 * 60 * 24 * 7),
use Iqbalatma\LaravelJwtAuthentication\Interfaces\JWTSubject;
class User extends Authenticatable implements JWTSubject
{
public function getJWTIdentifier(): string|int
{
return $this->getKey();
}
public function getJWTCustomClaims(): array
{
return [];
}
}
use Illuminate\Support\Facades\Route;
//jwt middleware that need refresh token
Route::post("refresh-token", function (){
//do refresh logic here
})->middleware("auth.jwt:refresh");
//jwt middleware that need access token
Route::middleware("auth.jwt")->group(function () {
Route::get("user", function () {
return response()->json([
"success" => true,
"user" => Auth::user()
]);
});
// and others route
});
use Illuminate\Support\Facades\Auth;
$credentials = [
"email" => "[email protected]",
"password" => "admin"
];
#this attempt method will return boolean when user validation success
Auth::attempt($credentials);
#passing true on second parameter to get return array of access_token and refresh_token
Auth::attempt($credentials, true);
use Illuminate\Support\Facades\Auth;
Auth::logout();
use Illuminate\Support\Facades\Auth;
Auth::refreshToken(Auth::user());
use Illuminate\Support\Facades\Auth;
use App\Models\User;
$user = User::find(1);
Auth::login($user);
use Illuminate\Support\Facades\Auth;
use App\Models\User;
$credentials = [
"email" => "[email protected]",
"password" => "admin"
];
Auth::attempt($credentials);
Auth::getAccessToken();
Auth::getRefreshToken();
use Iqbalatma\LaravelJwtAuthentication\Services\IssuedTokenService;
#use to get all issued token
IssuedTokenService::getAllToken();
#use to get all issued refresh token
IssuedTokenService::getAllTokenRefresh()
#use to get all issued access token
IssuedTokenService::getAllTokenAccess();
#use to revoke refresh token by user agent string name
IssuedTokenService::revokeTokenRefreshByUserAgent('user-agent-name');
#use to revoke access token by user agent string name
IssuedTokenService::revokeTokenAccessByUserAgent('user-agent-name');
#use to revoke both access and refresh token by user agent string name
IssuedTokenService::revokeTokenByUserAgent('user-agent-name');
#use to revoke all token
IssuedTokenService::revokeAllToken();
#use to revoke all token but current token
IssuedTokenService::revokeAllTokenOnOtherUserAgent();