A Json Web Token Guard adaptor for the Laravel Framework.
The goal is for a dropin replacement to the session guard which is shipped by default, most existing middleware which relies on Auth:: should work.
composer require lidbetter/jw-token-guard
- Add the following to
config/app.phpin the providers array
Lidbetter\JWTokenGuard\JWTokenGuardServiceProvider::class,
- In
config/auth.phpchange your api driver tojwt- should look something like
...
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'jwt',
'provider' => 'users',
],
],
... -
In
app/Http/Controllers/Auth/AuthController.phpreplace:
use Illuminate\Foundation\Auth\AuthenticatesAndRegistersUsers;
with: use Lidbetter\JWTokenGuard\Traits\AuthenticatesAndRegistersUsersAndJWT;
Don't forget to swap the use statment inside the class too. This will make the post login method return a token, if credentials are valid.
- Optional but advisable, add the middleware to set the default auth driver to the JWT implementation
in
app/Http/Kernel.phpadd the middle ware to the api route, should now look something like:
protected $middlewareGroups = [
'web' => [
\App\Http\Middleware\EncryptCookies::class,
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
\App\Http\Middleware\VerifyCsrfToken::class,
],
'api' => [
'throttle:60,1',
\Lidbetter\JWTokenGuard\Middleware\StartJTWGuard::class,
],
];You should now be able to use Auth::check, Auth::guest(), Auth::user() etc. anywhere inside your app and if accessed via a route protected via the api middle group get the JWTGuard and the default guard if you access non api grouped middleware routes.