Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Laravelで簡単にSPA Webアプリ 作成!JWT認証導入

Takayuki
November 14, 2018
Technology
1
1.7k

Laravelで簡単にSPA Webアプリ 作成!JWT認証導入

Laravelで簡単にSPA Webアプリ作成!JWT認証導入

Takayuki

November 14, 2018
Tweet

More Decks by Takayuki

See All by Takayuki
エンジニアのキャリア論
bumptakayuki
0
130
地方カンファレンス主催のススメ
bumptakayuki
1
170
Laravelで敢えて試す脆弱性のある書き方
bumptakayuki
1
870
地方でのPHPエンジニア採用って実際どうなの?
bumptakayuki
0
570
沖縄観光、名物を一挙紹介!
bumptakayuki
2
570
Laravel ShiftでLaravelのバージョンアップしてみた話
bumptakayuki
1
2k
flutterでイベントアプリを作ってみた
bumptakayuki
0
120
オフショア開発の辛みと学んだ事
bumptakayuki
0
350
ChatGPTにStripeのサンプルコードを書かせてみた
bumptakayuki
1
180

Other Decks in Technology

See All in Technology
Visual StudioとかIDE関連小ネタ話
kosmosebi
1
320
OPENLOGI Company Profile
hr01
0
58k
AWSの生成AIサービス Amazon Bedrock入門!(2025年1月版)
minorun365
PRO
7
410
LangGraphとFlaskを用いた社内資料検索ボットの実装②Retriever構築編
aoikumadaki
0
100
SpiderPlus & Co. エンジニア向け会社紹介資料
spiderplus_cb
0
650
#TRG24 / David Cuartielles / Post Open Source
tarugoconf
0
490
Zero Data Loss Autonomous Recovery Service サービス概要
oracle4engineer
PRO
1
5k
20241218_マルチアカウント環境におけるIAM_Access_Analyzerによる権限管理.pdf
nrinetcom
PRO
3
160
最近のSfM手法まとめ - COLMAP / GLOMAPを中心に -
kwchrk
8
1.8k
プロダクト組織で取り組むアドベントカレンダー/Advent Calendar in Product Teams
mixplace
0
680
AIエージェントに脈アリかどうかを分析させてみた
sonoda_mj
2
140
WantedlyでのKotlin Multiplatformの導入と課題 / Kotlin Multiplatform Implementation and Challenges at Wantedly
kubode
0
170

Featured

See All Featured
Performance Is Good for Brains [We Love Speed 2024]
tammyeverts
7
560
The Illustrated Children's Guide to Kubernetes
chrisshort
48
49k
Build your cross-platform service in a week with App Engine
jlugia
229
18k
The World Runs on Bad Software
bkeepers
PRO
66
11k
What’s in a name? Adding method to the madness
productmarketing
PRO
22
3.2k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
172
50k
Typedesign – Prime Four
hannesfritz
40
2.5k
jQuery: Nuts, Bolts and Bling
dougneiner
62
7.6k
How To Stay Up To Date on Web Technology
chriscoyier
790
250k
Dealing with People You Can't Stand - Big Design 2015
cassininazir
365
25k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
132
33k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
232
17k

Transcript

  1. LaravelͰ؆୯ʹSPA WebΞϓϦ ࡞੒ʂJWTೝূಋೖ LaravelͰ؆୯ʹSPA WebΞϓϦ ࡞੒ʂJWTೝূಋೖ גࣜձࣾϦϏϧυ / @kanbo0605

  2. 3 LaravelͰͷ࢖͍ํ Agenda 2 JWTೝূͱ͸ 1 ࣗݾ঺հ

  3. 1 ࣗݾ঺հ

  4. 4 ࣗݾ঺հ ◆໊લ ླ໦ ޹೭(Suzuki Takayuki) ◆ࣗݾ঺հ ɾ1990೥ɺਆಸ઒ݝੜ·Εɻ ɾࣾձਓʹͳ͔ͬͯΒɺϓϩάϥϛϯάΛ࢝ΊΔɻ ɾ2015೥ʹϑϧεϐʔυʹೖࣾ͠ɺ2017೥ʹϑϦʔϥϯεΛ

    ΍ͬͨޙʹ2017೥11݄ʹԭೄͰىۀɻ ◆Twitter @kanbo0605 ◆εΩϧ ɾPHP, Symfony2,CakePHP3,Laravel5, ɾJavaScript, backbone.js,Angular4,Vue.js,Nuxt.js

  5. 2 JWTೝূͱ͸

  6. 6 SPAͷWebΞϓϦͰ ϩάΠϯػೳΛ࡞Δͷେม͡Ό ͳ͍Ͱ͔͢ʁʁ

  7. 7 JWTͱ͸ JWTʢδϣοτʣͱ͸ JSON Web Token ͷུͰɺిࢠॺ໊෇͖ͷ URL-safeͳJSONΛ࢖ͬͨೝূํ ࣜͰ͢ɻ Ұ൪ͷେ͖͍ར఺͸ిࢠॺ໊͕ͭ

    ͍͍ͯΔͷͰɺվ͟Μ͞Εͳ͍ࣄ ͕େ͖͍Ͱ͢ɻ

  8. 8 JWTͱ͸ [ೝূϑϩʔͷ࢓૊Έ] ᶃΫϥΠΞϯτ͸ɺೝূ৘ใ(ϩάΠϯIDͱύεϫʔυ)Λૹ৴͢Δɻ ᶄαʔό͸ೝূ৘ใΛऔಘͯ͠user_idͱexp(༗ޮظݶ)ΛؚΉɺJSONΛൿີ伴 Ͱ҉߸Խͯ͠JWTͱͯ͠ฦ٫͢Δɻ ᶅΫϥΠΞϯτ͸ड͚औͬͨJWTΛೝূϦΫΤετͱͯ͠ѻͬͯɺϦιʔεʹΞ ΫηεΛߦ͏ɻ

  9. 9 JWTͱ͸ ▪JWT࢖༻ͷϝϦοτ JSON΢ΣϒτʔΫϯͷ࢖༻Λਪ঑͢Δ͍͔ͭ͘ͷཧ༝͸ҎԼͷ௨ΓͰ͋Δɻ ɾURLͷύϥϝʔλʔ΍ϔομʔͱͯ͠࢖͑Δ ɾਫฏͷεέʔϧ͕༰қ ɾσόοάͱ؅ཧ͕؆୯ ɾτϥϑΟοΫର͢Δෛ୲͕গͳ͍ ɾຊདྷͷRESTαʔϏεΛ࡞੒Մೳ ɾϏϧτΠϯࣜͷ༗ޮظݶػೳ͕͍͍ͭͯΔ

    ɾJWT͕ಠཱܕͰ͋Δ͜ͱ https://camp.isaax.io/ja/tips-ja/jwt-json-web-token

  10. 3 LaravelͰͷ࢖͍ํ

  11. ϑϩϯτΤϯυ ϑϩϯτΤϯυͷϩάΠϯॲཧϑϩʔ APIϦΫΤετ αʔόαΠυ Vuex Token͕ฦ٫͞ΕΔ Component Action Mutations State

    Plugin /login Routing Middleware Dispatch Render Commit Mutate eyJ0eXAiOiJKV1QiLCJhbGci OiJIUzI1NiJ9.eyJpc3MiOiJod HRwOlwvXC9sb2NhbGhvc3 RcL2FwaVwvdjFcL2xvZ2luIiw iaWF0IjoxNTQxMzk3NDAyLC JleHAiOjE1NDE0MDEwMDIs Im5iZiI6MTU0MTM5NzQwMi wianRpIjoiSGx1eUVXRU5Jc TdWRHZ6ZyIsInN1YiI6MSwi cHJ2IjoiMWFiMTVlMTVhNG NiODBjOWY3MTJkZTQ3OD ViMmIyMDk4ZGFlMjhjMyJ9. Qkbo7Mf4kMlTbWT- r4L6GhSUUlTUE7p7OHPdob FEXiI Tokenͷྫ HTML CSS JS TokenΛड͚औͬ ͯɺlocalStorage ʹઃఆ ຖճɺToken͕ localStrageʹ͋ Δ͔νΣοΫɻ ͳ͚Ε͹ɺϩά Πϯը໘ʹϦμ ΠϨΫτ ຖճɺlocalStorage Λ֬ೝ͠ɺtokenΛ Authorizationϔο μʔʹઃఆ localStrage token tokenΛऔಘ αʔόαΠυଆͰ ϩάΠϯॲཧΛ࣮ߦ tokenΛൃߦɻ ϒϥ΢β͔ΒΞΫηε͠ɺ ϢʔβIDͱύεϫʔυΛೖྗ tokenΛઃఆ

  12. 1 2 ࣮૷͢Δ΋ͷ ɾ/api/login ϢʔβʔͱύεϫʔυΛૹΔͱτʔΫϯ͕ൃߦ͞ΕΔɻ ɾ/api/me Ϣʔβʔͷ৘ใΛฦ͢ɻτʔΫϯ͕ແ͍ͱΞΫηεͰ͖ͳ͍ɻ •

  13. 1 3 खॱ ᶃೝূػೳΛ࡞੒ ᶄcomposerͰjwt-authΛΠϯετʔϧ ᶅEmployeeϞσϧΛमਖ਼ ᶆguardΛमਖ਼ ᶇApiControllerΛੜ੒ ᶈroutes/api.phpΛฤू

  14. 1 4 ᶃೝূػೳΛ࡞੒ $ php artisan make:auth $ php artisan

    migrate ԼهͷίϚϯυΛ࣮ߦ͠ɺೝূػೳΛ࡞੒͢Δɻ ͜ΕͰ؆୯ʹೝূػೳΛ࡞੒Ͱ͖·͢ɻ

  15. 1 5 ᶄcomposerͰjwt-authΛΠϯετʔϧ jwt-authͷॳظઃఆΛߦ͍·͢ɻ jwt-authΛLaravelϓϩδΣΫτʹΠϯετʔϧ͠·͢ɻ config/jwt.php͕ੜ੒͞Ε·͢ɻ ࠷ޙʹൿີ伴Λੜ੒

  16. 1 6 ᶅEmployeeϞσϧΛमਖ਼ EmployeeϞσϧΛjwt-authʹରԠͤ͞ΔͨΊɺฤू͠·͢ɻ

  17. 1 7 ᶅEmployeeϞσϧΛमਖ਼ EmployeeϞσϧΛjwt-authʹରԠͤ͞ΔͨΊɺฤू͠·͢ɻ

  18. 1 8 ᶆguardΛमਖ਼(config/auth.php) guard͸ೝূΛ؅ཧ͢Δ࢓૊ΈͰɺσϑΥϧτͰ͸ webͱapi͕͋Γ·͢ɻ
 web͸html͔ΒͷϩάΠϯΛ؅ཧ͍ͯ͠·͢ɻ
 Ұํɺapi͸໊લͷ௨ΓɺWebAPIͷϩάΠϯͰ͢ɻ jwt-authΛ࢖͏ͷͰapiΛjwtʹม͑·͢ɻ config/auth.phpΛฤू

  19. 1 9 ᶇApiControllerΛੜ੒ ࣍ʹAPIͷίϯτϩʔϥʔΛ࡞੒͠·͢ɻ app/Http/Controllers/ApiController.php͕ੜ੒͞Ε·͢ɻ

  20. 2 0 ᶇApiControllerΛੜ੒

  21. 2 1 ᶈroutes/api.phpΛฤू

  22. 2 2 ࣮ࡍʹಈ͔͢

  23. 2 3 ࣮ࡍʹಈ͔͢

  24. 2 4 ࣮ࡍʹಈ͔͢

  25. 2 5 ࣮ࡍʹಈ͔͢ curlͰࢼͯ͠Έ·͢ɻ emailͱpassword͸্ͷϢʔβʔΛొ࿥ͨ͠ͱ͖ͷΛࢦఆ͠·͢ɻ ͦͯ͠τʔΫϯΛ࢖ͬͯೝূ͕ඞཁͳurlʹΞΫηεͯ͠Έ·͢ɻ AuthorizationϔομʔʹBearer: <token>Λ෇͚ͯૹ৴͠·͢ɻ σʔλ͕ฦ͖ͬͯ·ͨ͠ɻ

  26. 2 6 ࢀߟ https://qiita.com/tkt989/items/15b49e9ea8d31d8228ce Laravel + Jwt Auth Ͱೝূ෇͖WebAPIΛ࡞Δ https://camp.isaax.io/ja/tips-ja/jwt-json-web-token

    JWTɺJSON΢ΣϒτʔΫϯ

  27. 2 7 ࠂ஌ phpΧϯϑΝϨϯεԭೄ։࠵͠·͢ʂʂʂ 2019೥10݄த