Basically this is a starter kit for you to integrate Lumen with JWT Authentication.
- Lumen 5.4+.
- JWT Auth for Lumen Application. [1]
- Dingo to easily and quickly build your own API. [1]
- Lumen Generator to make development even easier and faster.
- CORS and Preflight Request support.
[1] Added via this package.
- Clone this repo or download it's release archive and extract it somewhere
- You may delete
.git
folder if you get this code viagit clone
- Run
composer install
- Run
php artisan jwt:generate
- Configure your
.env
file for authenticating via database - Set the
API_PREFIX
parameter in your .env file (usuallyapi
). - Run
php artisan migrate --seed
- Run a PHP built in server from your root project:
php -S localhost:8000 -t public/
Or via artisan command:
php artisan serve
To authenticate a user, make a POST
request to /api/auth/login
with parameter as mentioned below:
email: johndoe@example.com
password: johndoe
Request:
curl -X POST -F "email=johndoe@example.com" -F "password=johndoe" "http://localhost:8000/api/auth/login"
Response:
{
"success": {
"message": "token_generated",
"token": "a_long_token_appears_here"
}
}
- With token provided by above request, you can check authenticated user by sending a
GET
request to:/api/auth/user
.
Request:
curl -X GET -H "Authorization: Bearer a_long_token_appears_here" "http://localhost:8000/api/auth/user"
Response:
{
"success": {
"user": {
"id": 1,
"name": "John Doe",
"email": "johndoe@example.com",
"created_at": null,
"updated_at": null
}
}
}
- To refresh your token, simply send a
PATCH
request to/api/auth/refresh
. - Last but not least, you can also invalidate token by sending a
DELETE
request to/api/auth/invalidate
. - To list all registered routes inside your application, you may execute
php artisan route:list
⇒ php artisan route:list
+--------+----------------------+---------------------+------------------------------------------+------------------+------------+
| Verb | Path | NamedRoute | Controller | Action | Middleware |
+--------+----------------------+---------------------+------------------------------------------+------------------+------------+
| POST | /api/auth/login | api.auth.login | App\Http\Controllers\Auth\AuthController | postLogin | |
| GET | /api | api.index | App\Http\Controllers\APIController | getIndex | jwt.auth |
| GET | /api/auth/user | api.auth.user | App\Http\Controllers\Auth\AuthController | getUser | jwt.auth |
| PATCH | /api/auth/refresh | api.auth.refresh | App\Http\Controllers\Auth\AuthController | patchRefresh | jwt.auth |
| DELETE | /api/auth/invalidate | api.auth.invalidate | App\Http\Controllers\Auth\AuthController | deleteInvalidate | jwt.auth |
+--------+----------------------+---------------------+------------------------------------------+------------------+------------+
Laravel and Lumen is a trademark of Taylor Otwell
Sean Tymon officially holds "Laravel JWT" license