Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Laravelで簡単にSPA Webアプリ 作成!JWT認証導入

Takayuki
November 14, 2018
Technology
1
1.5k

Laravelで簡単にSPA Webアプリ 作成!JWT認証導入

Laravelで簡単にSPA Webアプリ作成!JWT認証導入

Takayuki

November 14, 2018
Tweet

More Decks by Takayuki

See All by Takayuki
地方カンファレンス主催のススメ
bumptakayuki
1
100
Laravelで敢えて試す脆弱性のある書き方
bumptakayuki
1
330
地方でのPHPエンジニア採用って実際どうなの?
bumptakayuki
0
380
沖縄観光、名物を一挙紹介!
bumptakayuki
2
400
Laravel ShiftでLaravelのバージョンアップしてみた話
bumptakayuki
1
1k
flutterでイベントアプリを作ってみた
bumptakayuki
0
89
オフショア開発の辛みと学んだ事
bumptakayuki
0
310
ChatGPTにStripeのサンプルコードを書かせてみた
bumptakayuki
1
130
ChatGPTに記事を書かせてみた
bumptakayuki
1
200

Other Decks in Technology

See All in Technology
Why we expect the Microservices
shkitayama
2
310
Code Smells @Voxxed Bucharest 24
victorrentea
2
660
少数チームで挑む: SwiftUI, TCA, KMPを用いた 新規動画配信アプリ 「ABEMA Live」の開発について
tomu28
0
240
Apple Vision Pro trial session
akkeylab
0
110
YOLO로 행복한 탑티어 개발자 되기
maryang
0
130
CloudFrontの継続的デプロイを試してみたはなし
stknohg
PRO
0
610
Introduction to GKE x LLM
soma00333
0
130
Oracle Cloud Infrastructure:2024年3月度サービス・アップデート
oracle4engineer
PRO
1
230
Tableau事例紹介 / Tableau Case Study of Eureka
kazuya_araki_tokyo
1
150
株式会社EventHub・エンジニア採用資料
eventhub
0
1.9k
Oracle Exadata Database Service on Cloud@Customer (ExaDB-C@C) - UI スクリーン・キャプチャ集
oracle4engineer
PRO
1
1.1k
The CloudCompare project by Dr. Daniel Girardeau-Montaut
kentaitakura
0
320

Featured

See All Featured
Building an army of robots
kneath
300
41k
Why You Should Never Use an ORM
jnunemaker
PRO
50
8.6k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
124
32k
Documentation Writing (for coders)
carmenintech
59
3.9k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
39
4.3k
A designer walks into a library…
pauljervisheath
199
23k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
114
18k
Embracing the Ebb and Flow
colly
78
4.1k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
24
2.3k
Code Reviewing Like a Champion
maltzj
513
39k
Practical Orchestrator
shlominoach
180
9.7k
Clear Off the Table
cherdarchuk
82
310k

Transcript

  1. LaravelͰ؆୯ʹSPA WebΞϓϦ ࡞੒ʂJWTೝূಋೖ LaravelͰ؆୯ʹSPA WebΞϓϦ ࡞੒ʂJWTೝূಋೖ גࣜձࣾϦϏϧυ / @kanbo0605

  2. 3 LaravelͰͷ࢖͍ํ Agenda 2 JWTೝূͱ͸ 1 ࣗݾ঺հ

  3. 1 ࣗݾ঺հ

  4. 4 ࣗݾ঺հ ◆໊લ ླ໦ ޹೭(Suzuki Takayuki) ◆ࣗݾ঺հ ɾ1990೥ɺਆಸ઒ݝੜ·Εɻ ɾࣾձਓʹͳ͔ͬͯΒɺϓϩάϥϛϯάΛ࢝ΊΔɻ ɾ2015೥ʹϑϧεϐʔυʹೖࣾ͠ɺ2017೥ʹϑϦʔϥϯεΛ

    ΍ͬͨޙʹ2017೥11݄ʹԭೄͰىۀɻ ◆Twitter @kanbo0605 ◆εΩϧ ɾPHP, Symfony2,CakePHP3,Laravel5, ɾJavaScript, backbone.js,Angular4,Vue.js,Nuxt.js

  5. 2 JWTೝূͱ͸

  6. 6 SPAͷWebΞϓϦͰ ϩάΠϯػೳΛ࡞Δͷେม͡Ό ͳ͍Ͱ͔͢ʁʁ

  7. 7 JWTͱ͸ JWTʢδϣοτʣͱ͸ JSON Web Token ͷུͰɺిࢠॺ໊෇͖ͷ URL-safeͳJSONΛ࢖ͬͨೝূํ ࣜͰ͢ɻ Ұ൪ͷେ͖͍ར఺͸ిࢠॺ໊͕ͭ

    ͍͍ͯΔͷͰɺվ͟Μ͞Εͳ͍ࣄ ͕େ͖͍Ͱ͢ɻ

  8. 8 JWTͱ͸ [ೝূϑϩʔͷ࢓૊Έ] ᶃΫϥΠΞϯτ͸ɺೝূ৘ใ(ϩάΠϯIDͱύεϫʔυ)Λૹ৴͢Δɻ ᶄαʔό͸ೝূ৘ใΛऔಘͯ͠user_idͱexp(༗ޮظݶ)ΛؚΉɺJSONΛൿີ伴 Ͱ҉߸Խͯ͠JWTͱͯ͠ฦ٫͢Δɻ ᶅΫϥΠΞϯτ͸ड͚औͬͨJWTΛೝূϦΫΤετͱͯ͠ѻͬͯɺϦιʔεʹΞ ΫηεΛߦ͏ɻ

  9. 9 JWTͱ͸ ▪JWT࢖༻ͷϝϦοτ JSON΢ΣϒτʔΫϯͷ࢖༻Λਪ঑͢Δ͍͔ͭ͘ͷཧ༝͸ҎԼͷ௨ΓͰ͋Δɻ ɾURLͷύϥϝʔλʔ΍ϔομʔͱͯ͠࢖͑Δ ɾਫฏͷεέʔϧ͕༰қ ɾσόοάͱ؅ཧ͕؆୯ ɾτϥϑΟοΫର͢Δෛ୲͕গͳ͍ ɾຊདྷͷRESTαʔϏεΛ࡞੒Մೳ ɾϏϧτΠϯࣜͷ༗ޮظݶػೳ͕͍͍ͭͯΔ

    ɾJWT͕ಠཱܕͰ͋Δ͜ͱ https://camp.isaax.io/ja/tips-ja/jwt-json-web-token

  10. 3 LaravelͰͷ࢖͍ํ

  11. ϑϩϯτΤϯυ ϑϩϯτΤϯυͷϩάΠϯॲཧϑϩʔ APIϦΫΤετ αʔόαΠυ Vuex Token͕ฦ٫͞ΕΔ Component Action Mutations State

    Plugin /login Routing Middleware Dispatch Render Commit Mutate eyJ0eXAiOiJKV1QiLCJhbGci OiJIUzI1NiJ9.eyJpc3MiOiJod HRwOlwvXC9sb2NhbGhvc3 RcL2FwaVwvdjFcL2xvZ2luIiw iaWF0IjoxNTQxMzk3NDAyLC JleHAiOjE1NDE0MDEwMDIs Im5iZiI6MTU0MTM5NzQwMi wianRpIjoiSGx1eUVXRU5Jc TdWRHZ6ZyIsInN1YiI6MSwi cHJ2IjoiMWFiMTVlMTVhNG NiODBjOWY3MTJkZTQ3OD ViMmIyMDk4ZGFlMjhjMyJ9. Qkbo7Mf4kMlTbWT- r4L6GhSUUlTUE7p7OHPdob FEXiI Tokenͷྫ HTML CSS JS TokenΛड͚औͬ ͯɺlocalStorage ʹઃఆ ຖճɺToken͕ localStrageʹ͋ Δ͔νΣοΫɻ ͳ͚Ε͹ɺϩά Πϯը໘ʹϦμ ΠϨΫτ ຖճɺlocalStorage Λ֬ೝ͠ɺtokenΛ Authorizationϔο μʔʹઃఆ localStrage token tokenΛऔಘ αʔόαΠυଆͰ ϩάΠϯॲཧΛ࣮ߦ tokenΛൃߦɻ ϒϥ΢β͔ΒΞΫηε͠ɺ ϢʔβIDͱύεϫʔυΛೖྗ tokenΛઃఆ

  12. 1 2 ࣮૷͢Δ΋ͷ ɾ/api/login ϢʔβʔͱύεϫʔυΛૹΔͱτʔΫϯ͕ൃߦ͞ΕΔɻ ɾ/api/me Ϣʔβʔͷ৘ใΛฦ͢ɻτʔΫϯ͕ແ͍ͱΞΫηεͰ͖ͳ͍ɻ •

  13. 1 3 खॱ ᶃೝূػೳΛ࡞੒ ᶄcomposerͰjwt-authΛΠϯετʔϧ ᶅEmployeeϞσϧΛमਖ਼ ᶆguardΛमਖ਼ ᶇApiControllerΛੜ੒ ᶈroutes/api.phpΛฤू

  14. 1 4 ᶃೝূػೳΛ࡞੒ $ php artisan make:auth $ php artisan

    migrate ԼهͷίϚϯυΛ࣮ߦ͠ɺೝূػೳΛ࡞੒͢Δɻ ͜ΕͰ؆୯ʹೝূػೳΛ࡞੒Ͱ͖·͢ɻ

  15. 1 5 ᶄcomposerͰjwt-authΛΠϯετʔϧ jwt-authͷॳظઃఆΛߦ͍·͢ɻ jwt-authΛLaravelϓϩδΣΫτʹΠϯετʔϧ͠·͢ɻ config/jwt.php͕ੜ੒͞Ε·͢ɻ ࠷ޙʹൿີ伴Λੜ੒

  16. 1 6 ᶅEmployeeϞσϧΛमਖ਼ EmployeeϞσϧΛjwt-authʹରԠͤ͞ΔͨΊɺฤू͠·͢ɻ

  17. 1 7 ᶅEmployeeϞσϧΛमਖ਼ EmployeeϞσϧΛjwt-authʹରԠͤ͞ΔͨΊɺฤू͠·͢ɻ

  18. 1 8 ᶆguardΛमਖ਼(config/auth.php) guard͸ೝূΛ؅ཧ͢Δ࢓૊ΈͰɺσϑΥϧτͰ͸ webͱapi͕͋Γ·͢ɻ
 web͸html͔ΒͷϩάΠϯΛ؅ཧ͍ͯ͠·͢ɻ
 Ұํɺapi͸໊લͷ௨ΓɺWebAPIͷϩάΠϯͰ͢ɻ jwt-authΛ࢖͏ͷͰapiΛjwtʹม͑·͢ɻ config/auth.phpΛฤू

  19. 1 9 ᶇApiControllerΛੜ੒ ࣍ʹAPIͷίϯτϩʔϥʔΛ࡞੒͠·͢ɻ app/Http/Controllers/ApiController.php͕ੜ੒͞Ε·͢ɻ

  20. 2 0 ᶇApiControllerΛੜ੒

  21. 2 1 ᶈroutes/api.phpΛฤू

  22. 2 2 ࣮ࡍʹಈ͔͢

  23. 2 3 ࣮ࡍʹಈ͔͢

  24. 2 4 ࣮ࡍʹಈ͔͢

  25. 2 5 ࣮ࡍʹಈ͔͢ curlͰࢼͯ͠Έ·͢ɻ emailͱpassword͸্ͷϢʔβʔΛొ࿥ͨ͠ͱ͖ͷΛࢦఆ͠·͢ɻ ͦͯ͠τʔΫϯΛ࢖ͬͯೝূ͕ඞཁͳurlʹΞΫηεͯ͠Έ·͢ɻ AuthorizationϔομʔʹBearer: <token>Λ෇͚ͯૹ৴͠·͢ɻ σʔλ͕ฦ͖ͬͯ·ͨ͠ɻ

  26. 2 6 ࢀߟ https://qiita.com/tkt989/items/15b49e9ea8d31d8228ce Laravel + Jwt Auth Ͱೝূ෇͖WebAPIΛ࡞Δ https://camp.isaax.io/ja/tips-ja/jwt-json-web-token

    JWTɺJSON΢ΣϒτʔΫϯ

  27. 2 7 ࠂ஌ phpΧϯϑΝϨϯεԭೄ։࠵͠·͢ʂʂʂ 2019೥10݄த