Laravel JWT Auth English Version

Takayuki

March 23, 2019

Transcript

  1. Agenda

    1 Self-introduction 2 What is JWT Auth? 3 How to use JWT with Laravel
  2. Self-introduction

    ◆ Name: Suzuki Takayuki
    ◆ Self-introduction
    - Born in Kanagawa Prefecture in 1990.
    - Became an adult and started programming.
    - Joined Full Speed in 2015, went freelance in 2017, and started a business in Okinawa in November 2017.
    ◆ Hobbies: cosplay, live music, marathons, watching baseball
    ◆ Skills
    - PHP, Symfony2, CakePHP3, Laravel5
    - JavaScript, backbone.js, Angular4, Vue.js, Nuxt.js
    I like Piccolo cosplay.
  3. What is JWT?

    JWT (pronounced "jot") is an abbreviation of JSON Web Token, an authentication method that uses digitally signed, URL-safe JSON. The biggest advantage is that it has a digital signature, so it cannot be tampered with.
  4. What is JWT? [Authentication flow mechanism]

    1. The client sends authentication information (login ID and password).
    2. The server receives the authentication information, encrypts JSON including user_id and exp (expiration date) with a secret key, and returns it as a JWT.
    3. The client uses the received JWT for authenticated requests and accesses resources.
  5. What is JWT? ▪ Merits of using JWT

    Some reasons to recommend the use of JSON Web Tokens are:
    - Can be used as a URL parameter or header
    - Easy to scale horizontally
    - Easy debugging and management
    - Little burden on traffic
    - Can create an original REST service
    - Built-in expiration date function
    - The JWT is independent
    https://camp.isaax.io/ja/tips-ja/jwt-json-web-token
  6. Front-end login process flow

    [Diagram: Vuex flow between the front end (HTML, CSS, JS) and the server side. Labels: Routing, Middleware, Plugin, Component, Action, Mutations, State; Dispatch, Commit, Mutate, Render; API request to /login; Token is returned; localStorage: get token, set token.]
    - Access from the browser and enter the user ID and password.
    - On the server side, execute the login process and issue a token.
    - Receive the token and set it in localStorage.
    - Every time, check if the token is in localStorage. If not, redirect to the login screen.
    - Each time, check localStorage and set the token in the Authorization header.
    Token example: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOlwvXC9sb2NhbGhvc3RcL2FwaVwvdjFcL2xvZ2luIiwiaWF0IjoxNTQxMzk3NDAyLCJleHAiOjE1NDE0MDEwMDIsIm5iZiI6MTU0MTM5NzQwMiwianRpIjoiSGx1eUVXRU5JcTdWRHZ6ZyIsInN1YiI6MSwicHJ2IjoiMWFiMTVlMTVhNGNiODBjOWY3MTJkZTQ3ODViMmIyMDk4ZGFlMjhjMyJ9.Qkbo7Mf4kMlTbWT-r4L6GhSUUlTUE7p7OHPdobFEXiI
  7. What to implement

    - /api/login: a token is issued when the user and password are sent.
    - /api/me: returns user information. It cannot be accessed without the token.
  8. Steps

    1. Create an authentication function
    2. Install jwt-auth in composer
    3. Modify the User Model
    4. Fix the guard
    5. Generate ApiController
    6. Edit routes/api.php
  9. 1. Create an authentication function

    Execute the following commands; they make it easy to create an authentication function.
    $ php artisan make:auth
    $ php artisan migrate
  10. 2. Install jwt-auth in composer

    Perform the initial setup of jwt-auth. Install jwt-auth into the Laravel project. config/jwt.php is generated. Finally, generate a secret key.
  11. 3. Modify the User Model

    Edit the Employee model to support jwt-auth.
  12. 3. Modify the User Model

    Edit the Employee model to support jwt-auth.
  13. 4. Fix the guard (config/auth.php)

    A guard is a mechanism to manage authentication; by default there are web and api. web manages login from HTML. On the other hand, api is, as the name suggests, a Web API login. Since we use jwt-auth, we change api to jwt. Edit config/auth.php.
  14. 5. Generate ApiController

    Next, create a controller for the API. app/Http/Controllers/ApiController.php is generated.
  15. Actually run it

    I will try with curl. For email and password, specify the values used when the above user was registered. Then use the token to access the URL that requires authentication. Send Bearer <token> in the Authorization header. Data is returned.
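
The signing and checking behind slides 3, 4 and 6, as an added example that is not code from the deck or from jwt-auth. The header of the deck's token example names HS256, which signs the JSON with the secret key; the payload is only base64url-encoded, so anyone holding the token can read it. SECRET, the claims and all function names are constructed for illustration.

```php
<?php
// Added example, not code from the deck. SECRET and the claims are constructed values.
const SECRET = 'constructed-demo-secret';

function b64url_encode(string $bin): string {
    return rtrim(strtr(base64_encode($bin), '+/', '-_'), '=');
}
function b64url_decode(string $txt): string {
    $padded = $txt . str_repeat('=', (4 - strlen($txt) % 4) % 4);
    return (string) base64_decode(strtr($padded, '-_', '+/'), true);
}
function hs256(string $input, string $secret): string {
    return b64url_encode(hash_hmac('sha256', $input, $secret, true));
}
function jwt_issue(array $claims, string $secret): string {
    $head = b64url_encode(json_encode(['typ' => 'JWT', 'alg' => 'HS256']));
    $body = b64url_encode(json_encode($claims));
    return "$head.$body." . hs256("$head.$body", $secret);
}
// Returns the claims, or null when the token is malformed, forged or expired.
function jwt_check(string $token, string $secret, int $now): ?array {
    $parts = explode('.', $token);
    if (count($parts) !== 3) {
        return null;
    }
    [$head, $body, $sig] = $parts;
    $header = json_decode(b64url_decode($head), true);
    // Pin the algorithm on the server; never let the token choose it.
    if (!is_array($header) || ($header['alg'] ?? null) !== 'HS256') {
        return null;
    }
    // Recompute the signature and compare in constant time.
    if (!hash_equals(hs256("$head.$body", $secret), $sig)) {
        return null;
    }
    $claims = json_decode(b64url_decode($body), true);
    if (!is_array($claims) || !is_int($claims['exp'] ?? null) || $now >= $claims['exp']) {
        return null;
    }
    return $claims;
}

$token = jwt_issue(['sub' => 1, 'iat' => 1541397402, 'exp' => 1541401002], SECRET);
[$head, $body, $sig] = explode('.', $token);
echo 'payload readable without the key: ', b64url_decode($body), PHP_EOL;
$forged = $head . '.' . b64url_encode(json_encode(['sub' => 2, 'exp' => 1999999999])) . '.' . $sig;
var_dump(jwt_check($token, SECRET, 1541397500));  // checked between iat and exp
var_dump(jwt_check($forged, SECRET, 1541397500)); // payload edited, original signature kept
var_dump(jwt_check($token, SECRET, 1541401002));  // checked at the exp timestamp
```

Because the payload is readable, keep secrets out of the claims and send the token only over HTTPS.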