Skip to content

Lumen with JWT Authentication, Dingo API and CORS Support

Notifications You must be signed in to change notification settings

krisanalfa/lumen-jwt

Repository files navigation

Lumen with JWT Authentication

Basically this is a starter kit for you to integrate Lumen with JWT Authentication. If you want to Lumen + Dingo + JWT for your current application, please check here.

What's Added

[1] Added via this package.

Quick Start

  • Clone this repo or download it's release archive and extract it somewhere
  • You may delete .git folder if you get this code via git clone
  • Run composer install
  • Run php artisan jwt:generate
  • Configure your .env file for authenticating via database
  • Set the API_PREFIX parameter in your .env file (usually api).
  • Run php artisan migrate --seed

A Live PoC

  • Run a PHP built in server from your root project:
php -S localhost:8000 -t public/

Or via artisan command:

php artisan serve

To authenticate a user, make a POST request to /api/auth/login with parameter as mentioned below:

email: johndoe@example.com
password: johndoe

Request:

curl -X POST -F "email=johndoe@example.com" -F "password=johndoe" "http://localhost:8000/api/auth/login"

Response:

{
  "success": {
    "message": "token_generated",
    "token": "a_long_token_appears_here"
  }
}
  • With token provided by above request, you can check authenticated user by sending a GET request to: /api/auth/user.

Request:

curl -X GET -H "Authorization: Bearer a_long_token_appears_here" "http://localhost:8000/api/auth/user"

Response:

{
  "success": {
    "user": {
      "id": 1,
      "name": "John Doe",
      "email": "johndoe@example.com",
      "created_at": null,
      "updated_at": null
    }
  }
}
  • To refresh your token, simply send a PATCH request to /api/auth/refresh.
  • Last but not least, you can also invalidate token by sending a DELETE request to /api/auth/invalidate.
  • To list all registered routes inside your application, you may execute php artisan route:list
⇒  php artisan route:list
+--------+----------------------+---------------------+------------------------------------------+------------------+------------+
| Verb   | Path                 | NamedRoute          | Controller                               | Action           | Middleware |
+--------+----------------------+---------------------+------------------------------------------+------------------+------------+
| POST   | /api/auth/login      | api.auth.login      | App\Http\Controllers\Auth\AuthController | postLogin        |            |
| GET    | /api                 | api.index           | App\Http\Controllers\APIController       | getIndex         | jwt.auth   |
| GET    | /api/auth/user       | api.auth.user       | App\Http\Controllers\Auth\AuthController | getUser          | jwt.auth   |
| PATCH  | /api/auth/refresh    | api.auth.refresh    | App\Http\Controllers\Auth\AuthController | patchRefresh     | jwt.auth   |
| DELETE | /api/auth/invalidate | api.auth.invalidate | App\Http\Controllers\Auth\AuthController | deleteInvalidate | jwt.auth   |
+--------+----------------------+---------------------+------------------------------------------+------------------+------------+

ETC

I made a Postman collection here.

License

Laravel and Lumen is a trademark of Taylor Otwell
Sean Tymon officially holds "Laravel JWT" license

Donation

If this project help you reduce time to develop, you can give me a cup of coffee :)

paypal