Laravel JWT Auth Laravel JWT Auth 

3 How to use JWT with Laravel Agenda 2 What is JWT Auth? 1 Self-introduction 

1 Self-introduction 

4 Self-introduction ◆ Name Suzuki Takayuki (Suzuki Takayuki) ◆ Self-introduction -Born in Kanagawa Prefecture in 1990. ɾ Become an adult and start programming. -Joined Full Speed in 2015, and started freelance in 2017, and started business in Okinawa in November 2017. ◆ Hobby Play cosplay, live music, go to marathon, watch baseball ◆ Skill ɾ PHP, Symfony2, CakePHP3, Laravel5, ɾ JavaScript, backbone.js, Angular4, Vue.js, Nuxt.js I like piccolo cosplay 

5 Self-introduction Japanese Comics like Naruto! 

6 Self-introduction We run various communities in Japan! 

2 What is JWT? 

8 What is JWT? JWT (Jyotto) is an abbreviation of JSON Web Token, which is an authentication method using a digital signature URL-safe JSON. The biggest advantage is that it has a digital signature, so it can not be tampered with. 

9 What is JWT? [Authentication flow mechanism] 1 Client sends authentication information (login ID and password). 2) The server acquires authentication information, encrypts JSON including user_id and exp (expiration date) with a secret key, and returns it as JWT. 3 The client treats the received JWT as an authentication request and accesses resources. 

1 0 What is JWT? ■ Merits of using JWT Some reasons to recommend the use of JSON web tokens are: ɾ Can be used as URL parameter or header ɾ Horizontal scale is easy ɾ Easy debugging and management ɾ There is little burden on traffic ɾ Can create original REST service ɾ With built-in expiration date function ɾ The JWT is independent https://camp.isaax.io/ja/tips-ja/jwt-json-web-token 

3 How to use JWT with Laravel 

front end login process flow API request Server side Vuex Token is returned Component Action Mutations State Plugin /login Routing Middleware Dispatch Render Commit Mutate eyJ0eXAiOiJKV1QiLCJhbGci OiJIUzI1NiJ9.eyJpc3MiOiJod HRwOlwvXC9sb2NhbGhvc3 RcL2FwaVwvdjFcL2xvZ2luIiw iaWF0IjoxNTQxMzk3NDAyLC JleHAiOjE1NDE0MDEwMDIs Im5iZiI6MTU0MTM5NzQwMi wianRpIjoiSGx1eUVXRU5Jc TdWRHZ6ZyIsInN1YiI6MSwi cHJ2IjoiMWFiMTVlMTVhNG NiODBjOWY3MTJkZTQ3OD ViMmIyMDk4ZGFlMjhjMyJ9. Qkbo7Mf4kMlTbWT- r4L6GhSUUlTUE7p7OHPdob FEXiI Token example HTML CSS JS Receive Token and set to localStorage Every time, check if Token is in localStrage. If not, redirect to login screen Each time, check localStorage and set token in Authorization header localStrage token get token On the server side Execute login process Issue a token. Access from browser, Enter user ID and password set token 

1 3 What to implement ɾ /api/login A token is issued when a password is sent with the user. ɾ /api/me returns user information. It can not be accessed without the token. 

1 4 खॱ 1. Create an authentication function 2. Install jwt-auth in composer 3. Modify the User Model 4. Fix the guard 5. Generate ApiController 6. Edit routes / api.php 

1 5 1 Create authentication function $ php artisan make:auth $ php artisan migrate Execute the following command to create an authentication function. This makes it easy to create an authentication function. 

1 6 2. Install jwt-auth in composer Perform initial setting of jwt-auth. Install jwt-auth into the Laravel project. jconfig / jwt.php is generated. Finally generate a secret key 

1 7 3. Modify the User Model Edit the Employee model to correspond to jwt-auth. 

1 8 3. Modify the User Model Edit the Employee model to correspond to jwt-auth. 

1 9 4. Fix the guard (config / auth.php) guard is a mechanism to manage authentication, by default there are web and api. Web manages login from html. On the other hand, api is, as the name suggests, a Web API login. Since we use jwt-auth, we change api to jwt. edit config / auth.php 

2 0 5. Generate ApiController Next, create a controller for the API. app / Http / Controllers / ApiController.php is generated. 

2 1 5. Generate ApiController 

2 2 6. Edit routes / api.php 

2 3 Actually move 

2 4 Actually move 

2 5 Actually move 

2 6 Actually move I will try with curl. email and password specify when the above user was registered. Then use the token to access the url you need to authenticate. Send Bearer: in Authorization header. Data is returned. 

2 7 reference https://qiita.com/tkt989/items/15b49e9ea8d31d8228ce Laravel + Jwt Auth Ͱೝূ෇͖WebAPIΛ࡞Δ https://camp.isaax.io/ja/tips-ja/jwt-json-web-token JWTɺJSON΢ΣϒτʔΫϯ 

2 8 Finally, if you want to work in Okinawa, please speak up!