DEV Community: LeanM The latest articles on DEV Community by LeanM (@leanm). https://dev.to/leanm https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F1019195%2F1b1b3ca7-56b6-4f39-a734-08c9896b85c8.png DEV Community: LeanM https://dev.to/leanm en Laravel REST API with JWT Authentication for Login and Role-based permissions LeanM Wed, 08 Feb 2023 14:13:18 +0000 https://dev.to/leanm/laravel-rest-api-with-jwt-authentication-for-login-and-role-based-permissions-2p56 https://dev.to/leanm/laravel-rest-api-with-jwt-authentication-for-login-and-role-based-permissions-2p56 <h3> <strong>Table of contents</strong> </h3> <ul> <li>Introduction</li> <li>Create basic User REST API in Laravel</li> <li>Introduce JWT-Auth Library</li> <li>Using JWT-Auth Library</li> <li>Login Demostration in Postman and React-app</li> </ul> <h3> Introduction <a></a> </h3> <p>This article describes how to make a simple user REST API with Laravel which will make use of JWT (JSON Web Token) technology for authentication. This will allow users login and obtain access to private pages in a certain web app.</p> <h3> Create basic REST API in Laravel<a></a>. </h3> <ul> <li> <strong>Create Laravel Project:</strong> Use the following command in the console to create a Laravel project:</li> </ul> <p><code>composer create-project --prefer-dist laravel/laravel projectname</code></p> <ul> <li><p><strong>Default User Model and Migration:</strong><br> The User model and User migration classes are already present in the newly created Laravel project.</p></li> <li><p><strong>Configure the Database:</strong><br> Open the .env file in the project root and update the database configuration by filling in the variables with your database information.</p></li> </ul> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fj6eaocfc9fxczgmanjsx.JPG" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fj6eaocfc9fxczgmanjsx.JPG" alt="Image description"></a></p> <h4> Modifying the User Model for Database Schema </h4> <p>To allow the user to log in with their <em>username</em> and <em>password</em>, we need to save this information in the database. To do this, modify the code in the User Model class as follows:</p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code> <span class="k">protected</span> <span class="nv">$fillable</span> <span class="o">=</span> <span class="p">[</span> <span class="s1">'username'</span><span class="p">,</span> <span class="s1">'password'</span><span class="p">,</span> <span class="p">];</span> </code></pre> </div> <ul> <li>To create a <em>Role</em> Model class and represent the roles that each user would have, run the following command in the console: <code>php artisan make:model Role</code>. Next, edit the class and add the following code to establish a One-to-Many relationship between the User and Role models:</li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight php"><code> <span class="kd">class</span> <span class="nc">Role</span> <span class="kd">extends</span> <span class="nc">Model</span> <span class="p">{</span> <span class="kn">use</span> <span class="nc">HasFactory</span><span class="p">;</span> <span class="k">protected</span> <span class="nv">$fillable</span> <span class="o">=</span> <span class="p">[</span> <span class="s1">'privilege'</span><span class="p">,</span> <span class="s1">'ref_id'</span><span class="p">,</span> <span class="s1">'user_id'</span><span class="p">,</span> <span class="p">];</span> <span class="k">public</span> <span class="k">function</span> <span class="n">user</span><span class="p">()</span> <span class="p">{</span> <span class="k">return</span> <span class="nv">$this</span><span class="o">-&gt;</span><span class="nf">belongsTo</span><span class="p">(</span><span class="s1">'App\Models\User'</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <ul> <li><p>Create a Migration for the new <em>Role</em> Model : <code>php artisan make:migration create_roles_table</code></p></li> <li><p>Modify <em>User</em> Model class by adding a method which returns the roles asociated to the User itself:</p></li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight php"><code> <span class="c1">//Outside class scope</span> <span class="kn">use</span> <span class="no">DB</span><span class="p">;</span> <span class="k">public</span> <span class="k">function</span> <span class="n">getRoleIDs</span><span class="p">()</span> <span class="p">{</span> <span class="nv">$roleIDs</span> <span class="o">=</span> <span class="no">DB</span><span class="o">::</span><span class="nf">table</span><span class="p">(</span><span class="s1">'roles'</span><span class="p">)</span><span class="o">-&gt;</span><span class="nf">where</span><span class="p">(</span><span class="s1">'user_id'</span><span class="p">,</span><span class="nv">$this</span><span class="o">-&gt;</span><span class="n">id</span><span class="p">)</span><span class="o">-&gt;</span><span class="nf">pluck</span><span class="p">(</span><span class="s1">'ref_id'</span><span class="p">);</span> <span class="k">return</span> <span class="nv">$roleIDs</span><span class="p">;</span> <span class="p">}</span> </code></pre> </div> <ul> <li>Modify the up function in <em>User</em> and <em>Role</em> Migration classes to configure the schema of the database:</li> </ul> <p><strong>User Migration</strong></p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code> <span class="k">public</span> <span class="k">function</span> <span class="n">up</span><span class="p">()</span> <span class="p">{</span> <span class="nc">Schema</span><span class="o">::</span><span class="nf">create</span><span class="p">(</span><span class="s1">'users'</span><span class="p">,</span> <span class="k">function</span> <span class="p">(</span><span class="kt">Blueprint</span> <span class="nv">$table</span><span class="p">)</span> <span class="p">{</span> <span class="nv">$table</span><span class="o">-&gt;</span><span class="nf">id</span><span class="p">();</span> <span class="nv">$table</span><span class="o">-&gt;</span><span class="nf">string</span><span class="p">(</span><span class="s1">'username'</span><span class="p">)</span><span class="o">-&gt;</span><span class="nf">unique</span><span class="p">();</span> <span class="nv">$table</span><span class="o">-&gt;</span><span class="nf">string</span><span class="p">(</span><span class="s1">'password'</span><span class="p">);</span> <span class="nv">$table</span><span class="o">-&gt;</span><span class="nf">timestamps</span><span class="p">();</span> <span class="p">});</span> <span class="p">}</span> </code></pre> </div> <p><strong>Role Migration</strong></p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code> <span class="k">public</span> <span class="k">function</span> <span class="n">up</span><span class="p">()</span> <span class="p">{</span> <span class="nc">Schema</span><span class="o">::</span><span class="nf">create</span><span class="p">(</span><span class="s1">'roles'</span><span class="p">,</span> <span class="k">function</span> <span class="p">(</span><span class="kt">Blueprint</span> <span class="nv">$table</span><span class="p">)</span> <span class="p">{</span> <span class="nv">$table</span><span class="o">-&gt;</span><span class="nf">id</span><span class="p">();</span> <span class="nv">$table</span><span class="o">-&gt;</span><span class="nf">string</span><span class="p">(</span><span class="s1">'privilege'</span><span class="p">);</span> <span class="nv">$table</span><span class="o">-&gt;</span><span class="nf">integer</span><span class="p">(</span><span class="s1">'ref_id'</span><span class="p">)</span><span class="o">-&gt;</span><span class="nf">unsigned</span><span class="p">();</span> <span class="nv">$table</span><span class="o">-&gt;</span><span class="nf">bigInteger</span><span class="p">(</span><span class="s1">'user_id'</span><span class="p">)</span><span class="o">-&gt;</span><span class="nf">unsigned</span><span class="p">();</span> <span class="nv">$table</span><span class="o">-&gt;</span><span class="nf">timestamps</span><span class="p">();</span> <span class="p">});</span> <span class="p">}</span> </code></pre> </div> <h3> Introduce JWT-Auth Library <a></a> </h3> <ul> <li><p>To install the JWT-Auth library, use the following command in the console: <code>composer require tymon/jwt-auth</code></p></li> <li><p>To add the library as a service provider, open the app.php file in the config folder and add the following key to the providers array: <code>Tymon\JWTAuth\Providers\LaravelServiceProvider::class</code></p></li> <li><p>Run the following command to publish the configuration : <br> <code>php artisan vendor:publish <br> --provider="Tymon\JWTAuth\Providers\LaravelServiceProvider"</code></p></li> </ul> <h4> Configure JWT-Auth </h4> <ul> <li><p>Generate a secret key that will be used to sign our tokens, by running the following command: <code>php artisan jwt:secret</code></p></li> <li><p>Open <em>auth.php</em> file located in <em>config</em> folder</p></li> <li><p>Modify the <em>defaults</em> array to look like this:</p></li> </ul> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F93l81r2ccx00ov9mwfni.JPG" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F93l81r2ccx00ov9mwfni.JPG" alt="Image description"></a></p> <ul> <li>Modify the <em>guards</em> array to looks like this:</li> </ul> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2For2vyyv73weo01omk7db.JPG" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2For2vyyv73weo01omk7db.JPG" alt="Image description"></a></p> <h3> Using JWT-Auth Library <a></a> </h3> <h4> Configure User Model </h4> <ul> <li>Import JWTSubject in <em>User</em> Model class and make this class implement JWTSubject:</li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight php"><code> <span class="kn">use</span> <span class="nc">Tymon\JWTAuth\Contracts\JWTSubject</span><span class="p">;</span> <span class="kd">class</span> <span class="nc">User</span> <span class="kd">extends</span> <span class="nc">Authenticatable</span> <span class="kd">implements</span> <span class="nc">JWTSubject</span> </code></pre> </div> <ul> <li>Add these two methods: </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight php"><code> <span class="k">public</span> <span class="k">function</span> <span class="n">getJWTIdentifier</span><span class="p">()</span> <span class="p">{</span> <span class="k">return</span> <span class="nv">$this</span><span class="o">-&gt;</span><span class="nf">getKey</span><span class="p">();</span> <span class="p">}</span> </code></pre> </div> <p>To obtain the identifier that will be stored in the JWT.</p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code> <span class="k">public</span> <span class="k">function</span> <span class="n">getJWTCustomClaims</span><span class="p">()</span> <span class="p">{</span> <span class="k">return</span> <span class="p">[];</span> <span class="p">}</span> </code></pre> </div> <p>This method returns a key value array, containing any custom claims to be added to the JWT.</p> <ul> <li>Migrate the DataBase schemas with this command: <code>php artisan migrate</code> </li> </ul> <h4> API Set-up </h4> <ul> <li><p>Make a <em>AuthController</em> Controller class with the command: <code>php artisan make:controller AuthController</code></p></li> <li><p>Here is a simple base code that can be put into the <em>AuthController</em> class to have login and register API endpoints:</p></li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight php"><code> <span class="kn">namespace</span> <span class="nn">App\Http\Controllers</span><span class="p">;</span> <span class="kn">use</span> <span class="nc">Illuminate\Support\Facades\Auth</span><span class="p">;</span> <span class="kn">use</span> <span class="nc">App\Http\Controllers\Controller</span><span class="p">;</span> <span class="kd">class</span> <span class="nc">AuthController</span> <span class="kd">extends</span> <span class="nc">Controller</span> <span class="p">{</span> <span class="cd">/** * Create a new AuthController instance. * * @return void */</span> <span class="k">public</span> <span class="k">function</span> <span class="n">__construct</span><span class="p">()</span> <span class="p">{</span> <span class="nv">$this</span><span class="o">-&gt;</span><span class="nf">middleware</span><span class="p">(</span><span class="s1">'auth:api'</span><span class="p">,</span> <span class="p">[</span><span class="s1">'except'</span> <span class="o">=&gt;</span> <span class="p">[</span><span class="s1">'login'</span><span class="p">,</span><span class="s1">'register'</span><span class="p">]]);</span> <span class="p">}</span> <span class="cd">/** * Get a JWT via given credentials. * * @return \Illuminate\Http\JsonResponse */</span> <span class="k">public</span> <span class="k">function</span> <span class="n">login</span><span class="p">()</span> <span class="p">{</span> <span class="nv">$credentials</span> <span class="o">=</span> <span class="nf">request</span><span class="p">([</span><span class="s1">'username'</span><span class="p">,</span> <span class="s1">'password'</span><span class="p">]);</span> <span class="k">if</span> <span class="p">(</span><span class="o">!</span><span class="nf">auth</span><span class="p">()</span><span class="o">-&gt;</span><span class="nf">attempt</span><span class="p">(</span><span class="nv">$credentials</span><span class="p">))</span> <span class="p">{</span> <span class="k">return</span> <span class="nf">response</span><span class="p">()</span><span class="o">-&gt;</span><span class="nf">json</span><span class="p">([</span><span class="s1">'errors'</span> <span class="o">=&gt;</span> <span class="s1">'Invalid username and Password'</span><span class="p">],</span> <span class="mi">401</span><span class="p">);</span> <span class="p">}</span> <span class="nv">$token</span> <span class="o">=</span> <span class="nf">auth</span><span class="p">(</span><span class="s1">'api'</span><span class="p">)</span><span class="o">-&gt;</span><span class="nf">claims</span><span class="p">([</span><span class="s1">'roles'</span> <span class="o">=&gt;</span> <span class="nf">auth</span><span class="p">(</span><span class="s1">'api'</span><span class="p">)</span><span class="o">-&gt;</span><span class="nf">user</span><span class="p">()</span><span class="o">-&gt;</span><span class="nf">getRoleIDs</span><span class="p">()])</span><span class="o">-&gt;</span><span class="nf">attempt</span><span class="p">(</span><span class="nv">$credentials</span><span class="p">);</span> <span class="k">return</span> <span class="nv">$this</span><span class="o">-&gt;</span><span class="nf">respondWithToken</span><span class="p">(</span><span class="nv">$token</span><span class="p">);</span> <span class="p">}</span> <span class="k">public</span> <span class="k">function</span> <span class="n">register</span><span class="p">(</span><span class="kt">Request</span> <span class="nv">$request</span><span class="p">)</span> <span class="p">{</span> <span class="nv">$validator</span> <span class="o">=</span> <span class="nc">Validator</span><span class="o">::</span><span class="nf">make</span><span class="p">(</span><span class="nv">$request</span><span class="o">-&gt;</span><span class="nf">all</span><span class="p">(),</span> <span class="p">[</span> <span class="s1">'username'</span> <span class="o">=&gt;</span> <span class="s1">'required'</span><span class="p">,</span> <span class="s1">'password'</span> <span class="o">=&gt;</span> <span class="s1">'required|string|min:4'</span><span class="p">,</span> <span class="p">]);</span> <span class="k">if</span><span class="p">(</span><span class="nv">$validator</span><span class="o">-&gt;</span><span class="nf">fails</span><span class="p">()){</span> <span class="k">return</span> <span class="nf">response</span><span class="p">()</span><span class="o">-&gt;</span><span class="nf">json</span><span class="p">(</span><span class="nv">$validator</span><span class="o">-&gt;</span><span class="nf">errors</span><span class="p">()</span><span class="o">-&gt;</span><span class="nf">toJson</span><span class="p">(),</span><span class="mi">400</span><span class="p">);</span> <span class="p">}</span> <span class="nv">$user</span> <span class="o">=</span> <span class="nc">User</span><span class="o">::</span><span class="nf">create</span><span class="p">(</span><span class="nb">array_merge</span><span class="p">(</span> <span class="nv">$validator</span><span class="o">-&gt;</span><span class="nf">validate</span><span class="p">(),</span> <span class="p">[</span><span class="s1">'password'</span> <span class="o">=&gt;</span> <span class="nf">bcrypt</span><span class="p">(</span><span class="nv">$request</span><span class="o">-&gt;</span><span class="n">password</span><span class="p">),]</span> <span class="p">));</span> <span class="nv">$role</span> <span class="o">=</span> <span class="nc">Role</span><span class="o">::</span><span class="nf">create</span><span class="p">([</span> <span class="s1">'privilege'</span> <span class="o">=&gt;</span> <span class="s1">'user'</span><span class="p">,</span> <span class="s1">'ref_id'</span> <span class="o">=&gt;</span> <span class="mi">2001</span><span class="p">,</span> <span class="s1">'user_id'</span> <span class="o">=&gt;</span> <span class="nv">$user</span><span class="o">-&gt;</span><span class="n">id</span><span class="p">,</span> <span class="p">]);</span> <span class="k">return</span> <span class="nf">response</span><span class="p">()</span><span class="o">-&gt;</span><span class="nf">json</span><span class="p">([</span> <span class="s1">'message'</span> <span class="o">=&gt;</span> <span class="s1">'¡Successfully registered user!'</span><span class="p">,</span> <span class="s1">'user'</span> <span class="o">=&gt;</span> <span class="nv">$user</span><span class="p">,</span> <span class="s1">'privilege'</span> <span class="o">=&gt;</span> <span class="nv">$role</span><span class="o">-&gt;</span><span class="n">privilege</span><span class="p">,</span> <span class="p">],</span> <span class="mi">201</span><span class="p">);</span> <span class="p">}</span> <span class="cd">/** * Get the token array structure. * * @param string $token * * @return \Illuminate\Http\JsonResponse */</span> <span class="k">protected</span> <span class="k">function</span> <span class="n">respondWithToken</span><span class="p">(</span><span class="nv">$token</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nf">response</span><span class="p">()</span><span class="o">-&gt;</span><span class="nf">json</span><span class="p">([</span> <span class="s1">'access_token'</span> <span class="o">=&gt;</span> <span class="nv">$token</span><span class="p">,</span> <span class="s1">'token_type'</span> <span class="o">=&gt;</span> <span class="s1">'bearer'</span><span class="p">,</span> <span class="s1">'expires_in'</span> <span class="o">=&gt;</span> <span class="nf">auth</span><span class="p">()</span><span class="o">-&gt;</span><span class="nf">factory</span><span class="p">()</span><span class="o">-&gt;</span><span class="nf">getTTL</span><span class="p">()</span> <span class="o">*</span> <span class="mi">60</span> <span class="p">]);</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>Note that in the login method, when the login is valid, it puts the roles associated with the user into custom claims within the token.</p> <ul> <li>Configure API Routes:</li> </ul> <p>Open the <em>api.php</em> file in <em>routes</em> folder and add the login API route with these lines of code: </p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code> <p><span class="nc">Route</span><span class="o">::</span><span class="nf">group</span><span class="p">([</span><br> <span class="s1">'middleware'</span> <span class="o">=&gt;</span> <span class="p">[</span><span class="s1">'api'</span><span class="p">],</span><br> <span class="s1">'prefix'</span> <span class="o">=&gt;</span> <span class="s1">'auth'</span><br> <span class="p">],</span> <span class="k">function</span> <span class="p">(</span><span class="nv">$router</span><span class="p">)</span> <span class="p">{</span><br> <span class="nc">Route</span><span class="o">::</span><span class="nf">post</span><span class="p">(</span><span class="s1">'login'</span><span class="p">,</span> <span class="p">[</span><span class="nc">App\Http\Controllers\AuthController</span><span class="o">::</span><span class="n">class</span><span class="p">,</span> <span class="s1">'login'</span><span class="p">]);</span><br> <span class="nc">Route</span><span class="o">::</span><span class="nf">post</span><span class="p">(</span><span class="s1">'register'</span><span class="p">,</span> <span class="p">[</span><span class="nc">App\Http\Controllers\AuthController</span><span class="o">::</span><span class="n">class</span><span class="p">,</span> <span class="s1">'register'</span><span class="p">]);</span><br> <span class="p">});</span></p> </code></pre> </div> <h3> <br> <br> <br> Login Demostration in Postman and React app <a></a><br> </h3> <h4> Postman Test </h4> <ul> <li><p>Run your DataBase.</p></li> <li><p>Use the following command to run the Laravel server to test the API: <code>php artisan serve</code></p></li> <li><p>In Postman, make a POST HTTP request to this route <code>http://127.0.0.1:8000/api/auth/register</code> (in case you specified a different port, change it with the one you are using) with a request body containing a username and password, like this:</p></li> </ul> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fvq5l2sr0qazeedtcf6gf.JPG" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fvq5l2sr0qazeedtcf6gf.JPG" alt="Image description"></a></p> <ul> <li>Login with the new user that was created with a POST HTTP request to the route <code>http://127.0.0.1:8000/api/auth/login</code>, by specifying the previously registered username and password in the request body.</li> </ul> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fboyph31psoaw9nevaq6y.JPG" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fboyph31psoaw9nevaq6y.JPG" alt="Image description"></a></p> <ul> <li>As you can see, if your credentials are valid, you receive a JSON Web Token (JWT) in response that encodes the roles associated with the user. This token can be used to make authenticated requests to your application.</li> </ul> <h4> Test with React app </h4> <p>This is a simple React app where there is an Admin page that is accessible only to users with the "Admin" role. Therefore, you need to log in with a user that has this role.</p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fcx9t0zmnzf7xn5md4sde.JPG" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fcx9t0zmnzf7xn5md4sde.JPG" alt="Image description"></a></p> <p>When the login occurs, the token is saved and the role is decoded to determine if the logged-in user can access to the private Admin page.</p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fzt3ybanlhylaavg54osk.JPG" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fzt3ybanlhylaavg54osk.JPG" alt="Image description"></a></p> <p>When someone trying to access the Admin page, the saved authentication information is checked to determine if the user has the Admin role.</p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Flabdq9p7ju27moi6kzf8.JPG" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Flabdq9p7ju27moi6kzf8.JPG" alt="Image description"></a></p> <p>Now let's try to log in to the page with the user "Test" that we created in Postman testing who does not have the "Admin" role:</p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fq4ze0pdend5jdcgv05lm.JPG" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fq4ze0pdend5jdcgv05lm.JPG" alt="Image description"></a></p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ffjfwywb5ipl6j6ttfe7j.JPG" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ffjfwywb5ipl6j6ttfe7j.JPG" alt="Image description"></a></p> <p>We can see that upon logging in, attempting to access the <em>Admin-Panel</em> results in a redirect to the Unauthorized page as the JSON Web Token associated with the <em>Test</em> user session does not contain the necessary role.</p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F3iikwlivq5v2hgd238wf.JPG" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F3iikwlivq5v2hgd238wf.JPG" alt="Image description"></a></p> <h4> Authors: </h4> <p><code>Acttis, Julian Xavier.<br> Moran, Cristian Leandro.</code></p> laravel jwt authentication