Autentikasi API di Laravel Menggunakan JWT
Instalasi Laravel
$ composer create-project --prefer-dist laravel/laravel NamaProject
Lalu jangan lupa setting .env sesuai dengan settingan database.
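Setelah itu install JWT Packagenya dengan mengetik perintah
$ composer require tymon/jwt-auth:dev-develop --prefer-source
Catatan: dev-develop adalah branch pengembangan yang isinya bisa berubah sewaktu-waktu. Karena package ini menangani autentikasi, untuk produksi gunakan rilis bertag yang stabil dan simpan composer.lock di repository agar versi yang terpasang tidak berubah tanpa disadari.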
laravel/laravel NamaProject.
Lalu jangan lupa setting .env sesuai dengan settingan database.
Setelah install JWT Packagenya dengan mengetik perintah
$ composer require tymon/jwt-auth:dev-develop --prefer-source.
Instalasi Laravel
Instalasi Laravel
Lalu buka config/app.php
Lalu buka config/app.php
Di bagian Provider tambahkan 1 baris code seperti ini
Tymon\JWTAuth\Providers\LaravelServiceProvider::class,
Di Bagian Aliases tambahkan 2 baris code seperti ini
'JWTAuth' => Tymon\JWTAuth\Facades\JWTAuth::class,
'JWTFactory' => Tymon\JWTAuth\Facades\JWTFactory::class,
Tymon\JWTAuth\Providers\LaravelServiceProvider::class,
Di Bagian Aliases tambahkan 2 baris code seperti ini
'JWTAuth' => Tymon\JWTAuth\Facades\JWTAuth::class,
'JWTFactory' => Tymon\JWTAuth\Facades\JWTFactory::class,
Setelah itu publish JWT Packagenya dengan mengetik perintah
$ php artisan vendor:publish --provider="Tymon\JWTAuth\Providers\LaravelServiceProvider"
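Lalu buat jwt-auth secretnya dengan mengetik perintah
$ php artisan jwt:secret
Perintah ini menulis JWT_SECRET ke file .env. Jangan commit file .env ke repository, karena secret inilah yang dipakai untuk menandatangani semua token.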
Setelah itu buka file Model User, lokasi filenya ada di app/User.php buatlah seperti ini:
<?php
namespace App;
use Illuminate\Notifications\Notifiable;
use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Foundation\Auth\User as
Authenticatable;
use Tymon\JWTAuth\Contracts\JWTSubject;
Setelah itu buka file Model User, lokasi filenya ada di app/User.php buatlah seperti ini:
class User extends Authenticatable implements JWTSubject
{
    use Notifiable;

    /**
     * Columns that may be set through mass assignment.
     *
     * @var array
     */
    protected $fillable = ['name', 'email', 'password'];

    /**
     * Columns left out when the model is converted to an array.
     * Keeping 'password' here is what stops the hash from appearing in
     * responses that serialize the whole model.
     *
     * @var array
     */
    protected $hidden = ['password', 'remember_token'];

    /**
     * Identifier placed in the token's subject claim: the model's primary key.
     *
     * @return mixed
     */
    public function getJWTIdentifier()
    {
        return $this->getKey();
    }

    /**
     * Extra claims to embed in every token issued for this user (none).
     *
     * A JWT payload is signed but not encrypted, so anything returned here
     * is readable by whoever holds the token.
     *
     * @return array
     */
    public function getJWTCustomClaims()
    {
        return [];
    }
}
$ php artisan vendor:publish --
provider="Tymon\JWTAuth\Providers\LaravelServiceProvider"
Lalu buat jwt-auth secretnya dengan mengetik perintah
$ php artisan jwt:secret
Setelah itu buka file Model User, lokasi filenya ada di app/User.php buatlah seperti ini:
<?php
namespace App;
use Illuminate\Notifications\Notifiable;
use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Foundation\Auth\User as
Authenticatable;
use Tymon\JWTAuth\Contracts\JWTSubject;
Setelah itu buka file Model User, lokasi filenya ada di app/User.php buatlah seperti ini:
class User extends Authenticatable implements JWTSubject
{
    use Notifiable;

    /**
     * Columns that may be set through mass assignment.
     *
     * @var array
     */
    protected $fillable = ['name', 'email', 'password'];

    /**
     * Columns left out when the model is converted to an array.
     * Keeping 'password' here is what stops the hash from appearing in
     * responses that serialize the whole model.
     *
     * @var array
     */
    protected $hidden = ['password', 'remember_token'];

    /**
     * Identifier placed in the token's subject claim: the model's primary key.
     *
     * @return mixed
     */
    public function getJWTIdentifier()
    {
        return $this->getKey();
    }

    /**
     * Extra claims to embed in every token issued for this user (none).
     *
     * A JWT payload is signed but not encrypted, so anything returned here
     * is readable by whoever holds the token.
     *
     * @return array
     */
    public function getJWTCustomClaims()
    {
        return [];
    }
}
Setelah itu, ketikkan perintah migrasi database untuk membuat tabel dengan perintah
$ php artisan migrate
$ php artisan migrate
Lalu buat UserController untuk membuat fungsi register dan login, dengan mengetik perintah:
$ php artisan make:controller UserController
Setelah itu buka UserController di folder app/Http/Controllers/UserController.php dan ubah isi controller menjadi seperti ini:
<?php
namespace App\Http\Controllers;
use App\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Validator;
use JWTAuth;
use Tymon\JWTAuth\Exceptions\JWTException;
class UserController extends Controller
{
public function login(Request $request)
{
$credentials = $request->only('email', 'password');
$ php artisan make:controller UserController
Setelah itu buka UserController di bagian folder app/Http/Controller/UserController.php dan buka isi controller seperti ini:
<?php
namespace App\Http\Controllers;
use App\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Validator;
use JWTAuth;
use Tymon\JWTAuth\Exceptions\JWTException;
class UserController extends Controller
{
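/**
 * Exchange an email/password pair for a JWT.
 *
 * Responds with {"token": ...} on success, 401 when the credentials are
 * rejected, and 500 when the library fails to build the token.
 *
 * @param  \Illuminate\Http\Request  $request
 * @return \Illuminate\Http\JsonResponse
 */
public function login(Request $request)
{
    // Only these two fields are passed on; any other request input is ignored.
    $credentials = $request->only('email', 'password');

    try {
        $token = JWTAuth::attempt($credentials);
    } catch (JWTException $e) {
        return response()->json(['error' => 'could_not_create_token'], 500);
    }

    if (! $token) {
        // A failed login is an authentication failure (401), not a malformed
        // request (400). The same answer is given for an unknown email and a
        // wrong password, so the response does not reveal which accounts exist.
        return response()->json(['error' => 'invalid_credentials'], 401);
    }

    // NOTE(review): nothing in this method limits repeated attempts; confirm
    // that a throttle middleware covers the login route.
    return response()->json(compact('token'));
}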
}
return response()->json(compact('token'));
}
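/**
 * Create a user account and immediately issue a JWT for it.
 *
 * Responds with 400 and the validation messages when the input is rejected,
 * otherwise 201 with the new user and a token.
 *
 * @param  \Illuminate\Http\Request  $request
 * @return \Illuminate\Http\JsonResponse
 */
public function register(Request $request)
{
    // NOTE(review): min:6 is a weak password floor for an account that can
    // obtain API tokens; consider raising it.
    $validator = Validator::make($request->all(), [
        'name' => 'required|string|max:255',
        'email' => 'required|string|email|max:255|unique:users',
        'password' => 'required|string|min:6|confirmed',
    ]);

    if ($validator->fails()) {
        // Pass the message bag itself: calling toJson() first hands json() a
        // string, which it encodes a second time, so clients would receive
        // a JSON string instead of a JSON object.
        return response()->json($validator->errors(), 400);
    }

    // Fields are listed explicitly rather than taken from $request->all(),
    // and the password is stored only as a hash.
    $user = User::create([
        'name' => $request->get('name'),
        'email' => $request->get('email'),
        'password' => Hash::make($request->get('password')),
    ]);

    $token = JWTAuth::fromUser($user);

    return response()->json(compact('user', 'token'), 201);
}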
public function getAuthenticatedUser()
{
try {
if (! $user = JWTAuth::parseToken()->authenticate()) {
return response()->json(['user_not_found'], 404);
}
} catch (Tymon\JWTAuth\Exceptions\TokenExpiredException
$e) {
$user = User::create([
'name' => $request->get('name'),
'email' => $request->get('email'),
'password' => Hash::make($request->get('password')),
]);
$token = JWTAuth::fromUser($user);
return response()->json(compact('user','token'),201);
}
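/**
 * Return the user that the request's JWT belongs to.
 *
 * Responds with 404 when the token is valid but no user matches it, and
 * with 401 when the token is expired, invalid or absent.
 *
 * @return \Illuminate\Http\JsonResponse
 */
public function getAuthenticatedUser()
{
    try {
        if (! $user = JWTAuth::parseToken()->authenticate()) {
            return response()->json(['user_not_found'], 404);
        }
    // The class names need the leading backslash: inside this namespace an
    // unqualified Tymon\... resolves to App\Http\Controllers\Tymon\...,
    // which never matches, so the exception would go uncaught.
    } catch (\Tymon\JWTAuth\Exceptions\TokenExpiredException $e) {
        // Explicit 401 instead of $e->getStatusCode().
        // NOTE(review): confirm whether the installed jwt-auth exceptions
        // provide getStatusCode() before relying on it again.
        return response()->json(['token_expired'], 401);
    } catch (\Tymon\JWTAuth\Exceptions\TokenInvalidException $e) {
        return response()->json(['token_invalid'], 401);
    } catch (JWTException $e) {
        // Remaining JWT errors are reported as a missing token, as before.
        return response()->json(['token_absent'], 401);
    }

    return response()->json(compact('user'));
}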
}
Setelah itu buat BookController untuk menguji implementasi JWT Auth yang kita buat tadi dengan mengetik perintah:
return response()->json(compact('user'));
}
}
Setelah itu buat BookController untuk mengecek mengimplementasikan JWT Auth yang kita buat tadi dengan mengetik perintah”
$ php artisan make:controller BookController
Setelah itu isi BookControllernya di folder
app/Http/Controllers/BookController.php
<?php
Setelah itu isi BookControllernya di folder
app/Http/Controller/BookController.php
<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use Auth;
class BookController extends Controller
{
    /**
     * Public endpoint: answers with a fixed string, no authentication involved.
     *
     * @return \Illuminate\Http\JsonResponse
     */
    public function book()
    {
        return response()->json('Data All Book', 200);
    }

    /**
     * Greets the authenticated user by name.
     *
     * Reads Auth::user() without a null check, so it depends on the route
     * being guarded by the jwt.verify middleware.
     *
     * @return \Illuminate\Http\JsonResponse
     */
    public function bookAuth()
    {
        $greeting = 'Welcome ' . Auth::user()->name;

        return response()->json($greeting, 200);
    }
}
use Auth;
class BookController extends Controller
{
    /**
     * Public endpoint: answers with a fixed string, no authentication involved.
     *
     * @return \Illuminate\Http\JsonResponse
     */
    public function book()
    {
        return response()->json('Data All Book', 200);
    }

    /**
     * Greets the authenticated user by name.
     *
     * Reads Auth::user() without a null check, so it depends on the route
     * being guarded by the jwt.verify middleware.
     *
     * @return \Illuminate\Http\JsonResponse
     */
    public function bookAuth()
    {
        $greeting = 'Welcome ' . Auth::user()->name;

        return response()->json($greeting, 200);
    }
}
Setelah itu buat JwtMiddleware dengan mengetik perintah
$ php artisan make:middleware JwtMiddleware
Setelah itu edit app/Http/Middleware/JwtMiddleware.php seperti di bawah ini:
<?php
namespace App\Http\Middleware;
use Closure;
use JWTAuth;
use Exception;
use Tymon\JWTAuth\Http\Middleware\BaseMiddleware;
use JWTAuth;
use Exception;
use Tymon\JWTAuth\Http\Middleware\BaseMiddleware;
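class JwtMiddleware extends BaseMiddleware
{
    /**
     * Let the request through only when it carries a JWT that resolves to a user.
     *
     * Every rejection is sent with HTTP 401. Without an explicit status the
     * JSON error body goes out as 200 OK, which clients and monitoring that
     * look at the status code treat as a successful request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        try {
            $user = JWTAuth::parseToken()->authenticate();
        } catch (\Tymon\JWTAuth\Exceptions\TokenInvalidException $e) {
            return response()->json(['status' => 'Token is Invalid'], 401);
        } catch (\Tymon\JWTAuth\Exceptions\TokenExpiredException $e) {
            return response()->json(['status' => 'Token is Expired'], 401);
        } catch (Exception $e) {
            // Kept from the original: every other failure is reported as a
            // missing token. NOTE(review): this also hides errors unrelated
            // to JWT handling; consider narrowing the catch.
            return response()->json(['status' => 'Authorization Token not found'], 401);
        }

        if (! $user) {
            // authenticate() can return a falsy value (UserController checks
            // for it and answers user_not_found); a token whose user no
            // longer exists must not reach the protected route.
            return response()->json(['status' => 'User not found'], 401);
        }

        return $next($request);
    }
}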
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
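public function handle($request, Closure $next)
{
    // Every rejection below carries HTTP 401. Without an explicit status the
    // JSON error body goes out as 200 OK, which clients and monitoring that
    // look at the status code treat as a successful request.
    try {
        $user = JWTAuth::parseToken()->authenticate();
    } catch (\Tymon\JWTAuth\Exceptions\TokenInvalidException $e) {
        return response()->json(['status' => 'Token is Invalid'], 401);
    } catch (\Tymon\JWTAuth\Exceptions\TokenExpiredException $e) {
        return response()->json(['status' => 'Token is Expired'], 401);
    } catch (Exception $e) {
        // Kept from the original: every other failure is reported as a
        // missing token. NOTE(review): this also hides errors unrelated
        // to JWT handling; consider narrowing the catch.
        return response()->json(['status' => 'Authorization Token not found'], 401);
    }

    if (! $user) {
        // authenticate() can return a falsy value (UserController checks
        // for it and answers user_not_found); a token whose user no
        // longer exists must not reach the protected route.
        return response()->json(['status' => 'User not found'], 401);
    }

    return $next($request);
}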
}
Setelah itu edit Kernel.php di app/Http/Kernel.php, di bagian $routeMiddleware tambahkan sebaris code berikut:
'jwt.verify' =>
\App\Http\Middleware\JwtMiddleware::class,
Lalu buat routing di routes/api.php
Route::post('register', 'UserController@register');
Route::post('login', 'UserController@login');
Route::get('book', 'BookController@book');
'jwt.verify' =>
\App\Http\Middleware\JwtMiddleware::class,
Lalu buat routing di routes/api.php
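// Open endpoints: no token is required.
// NOTE(review): register and login accept unauthenticated input; confirm that
// a throttle middleware applies to them.
Route::post('register', 'UserController@register');
Route::post('login', 'UserController@login');
Route::get('book', 'BookController@book');

// Protected endpoints: jwt.verify runs first and rejects requests without a
// valid token. Each chain is written on one line and ends with a semicolon;
// a broken "->" or a missing ";" is a parse error in routes/api.php.
Route::get('bookall', 'BookController@bookAuth')->middleware('jwt.verify');
Route::get('user', 'UserController@getAuthenticatedUser')->middleware('jwt.verify');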
Setelah itu ketik perintah
$ php artisan serve
Lalu cek di postman
Buka 2 link berikut ini dengan postman (jangan melakukan login terlebih dahulu)
localhost:8000/api/book
$ php artisan serve
Lalu cek di postman
Buka 2 link berikut ini dengan postman (jangan melakukan login terlebih dahulu)
localhost:8000/api/book
localhost:8000/api/bookall
Lalu lakukan registrasi dan login untuk mencoba akses
localhost:8000/api/bookall dengan link registrasi
localhost:8000/api/register