128

Product support

Get help in the plugin support forum.

Categories

Attention!

After plugin installation you need to copy /plugins/vdomah/jwtauth/config/auth.php to {root}/config/auth.php, otherwise you'll got an error.

JWT Auth API

JSON Web Token Authentication for your OctoberCMS API integrated with RainLab.User

This plugin provides token based authentication to your application. Is based on the awesome package JSON Web Token Authentication for Laravel & Lumen by Sean Tymon.

Requirements

You may like my other plugins

  • Stripe for Shopaholic - Stripe payment gateway for Shopaholic
  • 2-FactorAuth - protect your front-end authentication with 2-factor protection
  • Mail Telegram - Send site mail to your Telegram account using bot
  • BlogViews - track blog posts views
  • Excel - excel import-export tools
  • Roles - manage user access based on roles system

Installation

  1. After plugin installation you need to copy /plugins/vdomah/jwtauth/config/auth.php to {root}/config/auth.php, otherwise you'll got an error.

  2. Generate JWT Authentication Secret. it will be used to sign your tokens. A helper command is provided for this: php artisan jwt:generate. You need to assign the generated value to JWT_SECRET in your .env.

Endpoints

The plugin provides 2 endpoints: /api/login and /api/signup.

/api/login

Expects 2 parameters to receive: email and password. Makes attempt to authenticate and returns token if succeeded. Also the basic user info is included in the response.

/api/signup

Expects 3 parameters to receive: email, password and password_confirmation. Tries to create a user and returns token if succeeded. The user info is included in the response.

/api/refresh

Expects 1 parameter: token. Tries to refresh the token and return the new token.

/api/invalidate

Expects 1 parameter: token. Tries to invalidate the given token - this can be used as an extra precaution to log the user out

How to use this in another plugin?

Simply add ->middleware('\Tymon\JWTAuth\Middleware\GetUserFromToken') to the end of the route in the plugin's routes.php

eg:

Route::post('test', function (\Request $request) {
   return response()->json(('The test was successful'));
})->middleware('\Tymon\JWTAuth\Middleware\GetUserFromToken');

Then when making the request set the header "Authorization" to "Bearer {yourToken}"

How to define own set of user attributes in response?

For sign up and sign in add corresponding methods getAuthApiSignupAttributes or/and getAuthApiSigninAttributes to User model by extending it in your plugin's boot method:

    User::extend(function($model) {
        $model->addDynamicMethod('getAuthApiSignupAttributes', function () use ($model) {
            return [
                'my-attr' => $model->my_attr,
            ];
        });
    });
  • Found the plugin useful on 8 Feb, 2020

    Great plugin, thank you!

    It would be amazing if the data could be updated.

  • Found the plugin useful on 12 Dec, 2019

    Nice plugin!! Thank you

  • author

    Replied on 12 Dec, 2019

    Glad you you like it!

  • Found the plugin useful on 19 Aug, 2019

    Is the best option for Auth API OC. I use it in my projects with vuejs and work great!

    Thanks for your work!!!

  • author

    Replied on 12 Dec, 2019

    Thanks for review!

  • Found the plugin useful on 27 Jul, 2019

    A good plugin, installed and ready 50% of the API. thanks to the developer)))

  • author

    Replied on 27 Jul, 2019

    Thanks for review and for helping with Authorization header issue!

  • Found the plugin useful on 27 Feb, 2018

    Hi, It's nice plugin. But I've got an error with ReflectionException says that jwt.auth does not exists. I tried to call middleware() in routes.php of other plugin (ahmadfatoni.apigenerator). It could be lack of basic knowledge of Laravel or October cause I'm very new to them. Do you have any sugesstion so that I solve the error?

  • author

    Replied on 27 Feb, 2018

    Hi! Thanks for pointing this issue. Seems that after update to Laravel 5.5 the jwt.auth alias no longer works. But now you can use ->middleware('\Tymon\JWTAuth\Middleware\GetUserFromToken') with same result.

  • Found the plugin useful on 14 Sep, 2017

    :) Thanks Art Gek.

    https://github.com/vdomah/oc-jwtauth

    How to use this in another plugin?

    Simply add ->middleware('jwt.auth') to the end of the route in the plugin's routes.php

    eg:

    Route::post('test', function (\Request $request) { return response()->json(('The test was successful')); })->middleware('jwt.auth');

    Then when making the request set the header "Authorization" to "Bearer {yourToken}"

  • Found the plugin useful on 17 Jun, 2017

    Great plugin. Works like it should. I used it inside my login routes. And disabled the default once. Thanks Art Gek

  • author

    Replied on 18 Jun, 2017

    Glad it was useful =)

1.0.9

!!! Generate JWT Authentication Secret using php artisan jwt:generate and assign generated value to JWT_SECRET in .env

Jan 14, 2020

1.0.8

JWT Authentication Secret default value removed from config file. README updated about how to generate the secret.

Jan 14, 2020

1.0.7

Compability with OctoberCMS builds > 454 (Authenticatable trait removed)

Jul 25, 2019

1.0.6

Update README about creating route in another plugin.

Feb 27, 2018

1.0.5

/refresh and /invalidate endpoints back.

Feb 27, 2018

1.0.4

Ability to define own set of user attributes in response.

Dec 24, 2017

1.0.3

README.md updated

Dec 24, 2017

1.0.2

Compability with OctoberCMS builds > 419 (Laravel 5.5)

Dec 24, 2017

1.0.1

Custom service provider and config file added.

Jan 31, 2017

1.0.0

Initialize plugin.

Jan 29, 2017

For versions < 1.0.8

You must update plugin to the latest version and set the JWT_SECRET value in your .env to avoid security vulnerability.