ociomercado/laravel-jwt

A simple Laravel package that implements a Provider, Middleware and Facade for JWT using lcobucci/jwt library to generate and check the tokens.

laravel-jwt

A simple Laravel package that implements a Provider, Middleware and Facade for JWT using lcobucci/jwt library to generate and check the tokens., _(*1)

Dependencies

This library requires: * PHP 5.5+ * OpenSSL Extension, _(*2)

Installation

Using composer:, _(*3)

composer require ociomercado/laravel-jwt

Configuration

Provider

You need to update your config/app.php file and add the following code in the providers section:, _(*4)

  'providers' => [
    // Other providers

      OcioMercado\LaravelJWT\JWTServiceProvider::class,

    // Other providers
  ]

Alias

Also, you need to add the following in the aliases section:, _(*5)

  'aliases' => [
    // Other aliases

      'JWT' => OcioMercado\LaravelJWT\Facades\JWTFacade::class,

    // Other aliases
  ]

Config file

Then you need to publish the configuration file so you customize the options:, _(*6)

php artisan vendor:publish

This will create the config file jwt.php in the /config folder. Don't forget to check it out and change the options as you need., _(*7)

Using the library

Protecting routes

Now you can use the JWT middleware to protect your routes:, _(*8)

  Route::get('/user', function (Request $request) {
    return 'Route secured!';
  })->middleware('JWT');

The middleware checks if the request has a Authorization header or the parameter token sent via GET or POST., _(*9)

The JWT class

  /**
   * Creates and signs a new JWT.
   *
   * It signs the token with the configured type of key in the jwt.php file.
   *
   * @param string $jti A unique identifier for the token.
   * @param mixed[] $customClaims Optional data to append to the token.
   *
   * @return Lcobucci\JWT\Token
   */
  public function createToken($jti = null, $customClaims = null)

  /**
   * Validates and verifies a JWT.
   *
   * It verfies the token with the configured type of key in the jwt.php file.
   *
   * @return Lcobucci\JWT\Token Returns the token.
   *
   * @throws TokenNotFoundException When the token is not found.
   * @throws InvalidTokenException When the token is not valid.
   * @throws InvalidTokenSignException When the token sign is not valid.
   */
  public function verifyToken($token)

  /**
   * Gets the JWT string from the request headers or from the GET parameter.
   *
   * @return string Returns the token string.
   *
   * @throws TokenNotFoundException When the token is not found.
   */
  public function getTokenString()

  /**
   * Parses the JWT string.
   *
   * @return Lcobucci\JWT\Token Returns the token.
   *
   * @throws TokenNotFoundException When the token is not found.
   * @throws InvalidTokenException When the token is not valid.
   */
  public function parseTokenString()

  /**
   * Checks if the JWT has expired.
   *
   * @throws TokenNotFoundException When the token is not found.
   * @throws InvalidTokenException When the token is not valid.
   * @throws TokenExpiredException When the token has expired.
   */
  public function tokenExpired()

  /**
   * Checks if the JWT can be refreshed.
   *
   * @return boolean Returns true is the token can be refreshed, otherwise it returns false.
   *
   * @throws TokenNotFoundException When the token is not found.
   * @throws InvalidTokenException When the token is not valid.
   */
  public function isRefreshableToken()

  /**
   * Gets the JWT object.
   *
   * @return Lcobucci\JWT\Token Returns the token.
   *
   * @throws TokenNotFoundException When the token is not found.
   * @throws InvalidTokenException When the token is not valid.
   */
  public function getToken()