DEV Community: Wendel Lopes The latest articles on DEV Community by Wendel Lopes (@wenlopes). https://dev.to/wenlopes https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F630900%2F2eacf9bf-a7a3-48b4-a062-c64324b1b65a.jpeg DEV Community: Wendel Lopes https://dev.to/wenlopes en Laravel and JWT Authentication with custom model Wendel Lopes Sun, 17 Jul 2022 18:19:48 +0000 https://dev.to/wenlopes/laravel-and-jwt-authentication-with-custom-model-4m3n https://dev.to/wenlopes/laravel-and-jwt-authentication-with-custom-model-4m3n <ul> <li>Before we start, this is the first article i write in english, so apologize for any mistakes.</li> </ul> <p>In this article, i will show you how to implement JWT authentication (using tymon/jwt-auth package) in a Laravel api, using a different model than the default (Users). At the end, a link to the repository will be available with the content of this article.</p> <p>Portuguese version: <a href="https://dev.to/wenlopes/laravel-8-e-autenticacao-jwt-tymon-jwt-auth-com-model-customizada-2l7k">https://dev.to/wenlopes/laravel-8-e-autenticacao-jwt-tymon-jwt-auth-com-model-customizada-2l7k</a></p> <p>So let's go!</p> <h2> Installation </h2> <p>Run this command to install the package<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>composer require tymon/jwt-auth </code></pre> </div> <p>Publish the lib config file in your config folder, with the command<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>php artisan vendor:publish - provider<span class="o">=</span><span class="s2">"Tymon</span><span class="se">\J</span><span class="s2">WTAuth</span><span class="se">\P</span><span class="s2">roviders</span><span class="se">\L</span><span class="s2">aravelServiceProvider"</span> </code></pre> </div> <p>Finally, let's generate the JWT secret, running the command (This command will add <strong>JWT_SECRET</strong> env in your <code>.env</code> file)<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>php artisan jwt:secret </code></pre> </div> <p>If you have questions about this step, <a href="https://jwt-auth.readthedocs.io/en/develop/laravel-installation/" rel="noopener noreferrer">this is the official link to package documentation</a></p> <h2> Model configuration </h2> <p>Now it's time to change our default model. For our example, let's use a Model called Employee.</p> <p>For this, we gonna make a migration to create a table in our database, with same name of the Model.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>php artisan make:migration create_employee_table <span class="nt">--create</span><span class="o">=</span>employee </code></pre> </div> <p>Our employee migration will have the same user migration structure that comes with the Laravel installation, but it difference will be a new column called "job_title".<br> Feel free to add new columns, but keep the "email" and "password" columns.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="nc">Schema</span><span class="o">::</span><span class="nf">create</span><span class="p">(</span><span class="s1">'employee'</span><span class="p">,</span> <span class="k">function</span> <span class="p">(</span><span class="kt">Blueprint</span> <span class="nv">$table</span><span class="p">)</span> <span class="p">{</span> <span class="nv">$table</span><span class="o">-&gt;</span><span class="nf">id</span><span class="p">();</span> <span class="nv">$table</span><span class="o">-&gt;</span><span class="nf">string</span><span class="p">(</span><span class="s1">'name'</span><span class="p">);</span> <span class="nv">$table</span><span class="o">-&gt;</span><span class="nf">string</span><span class="p">(</span><span class="s1">'email'</span><span class="p">)</span><span class="o">-&gt;</span><span class="nf">unique</span><span class="p">();</span> <span class="nv">$table</span><span class="o">-&gt;</span><span class="nf">string</span><span class="p">(</span><span class="s1">'password'</span><span class="p">);</span> <span class="nv">$table</span><span class="o">-&gt;</span><span class="nf">string</span><span class="p">(</span><span class="s1">'job_title'</span><span class="p">);</span> <span class="nv">$table</span><span class="o">-&gt;</span><span class="nf">timestamps</span><span class="p">();</span> <span class="p">});</span> </code></pre> </div> <p>Remove user migration and run<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>php artisan migrate </code></pre> </div> <p>Create the Employee model<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>php artisan make:model Employee </code></pre> </div> <p><em>Important: In Employee model, you may need to add the $table variable, because when we create a test user in database (a little later in this article), Laravel will try to find the table name in plural, and it will cause error. If you already created the table in plural (employees), ignore this step.</em><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>protected <span class="nv">$table</span> <span class="o">=</span> <span class="s1">'employee'</span><span class="p">;</span> </code></pre> </div> <p>The next step is to implement JWTSubject and extends Authenticatable class (Laravel) in our Model Employee. Finally, this will be our model content.</p> <div class="ltag_gist-liquid-tag"> </div> <p>Very well, its time to configure our authentication provider. For that, you must access the <strong>config/auth.php</strong> file and add the 'employess' index in 'providers' array, containing the driver (for this example, we are using Eloquent) and its Model (employee)</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fulef6pu5dkta3gfgptmp.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fulef6pu5dkta3gfgptmp.png" alt="image" width="678" height="476"></a></p> <p>Now let's set the "api" guard as our application default. In the same file, access the "defaults" array and set the default guard to "api"</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fp8a3nu9cmc5hv0a3w3md.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fp8a3nu9cmc5hv0a3w3md.png" alt="image" width="410" height="187"></a></p> <p>We have finished our provider configuration and this should be the final content of <strong>config/auth.php</strong>.</p> <div class="ltag_gist-liquid-tag"> </div> <h2> Creating Controller and Route </h2> <p>It's time to create an auth controller to test our implementation</p> <p>Create an controller called AuthController, with same content of this <a href="https://jwt-auth.readthedocs.io/en/develop/quick-start/" rel="noopener noreferrer">link (official documentation from the package)</a> and create a route in your <code>routes/api.php</code> file<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="kn">use</span> <span class="nc">App\Http\Controllers\AuthController</span><span class="p">;</span> <span class="nc">Route</span><span class="o">::</span><span class="nf">post</span><span class="p">(</span><span class="s1">'auth/login'</span><span class="p">,</span> <span class="p">[</span><span class="nc">AuthController</span><span class="o">::</span><span class="n">class</span><span class="p">,</span> <span class="s1">'login'</span><span class="p">])</span><span class="o">-&gt;</span><span class="nf">name</span><span class="p">(</span><span class="s1">'auth.login'</span><span class="p">);</span> </code></pre> </div> <p>To test our endpoint, lets create an employee in our database and use this data to authenticate</p> <p>In the <code>DatabaseSeeder</code> file, insert this content in the <code>run</code> method<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="nc">\App\Models\Employee</span><span class="o">::</span><span class="nf">create</span><span class="p">([</span> <span class="s1">'name'</span> <span class="o">=&gt;</span> <span class="s1">'Usuário de teste'</span><span class="p">,</span> <span class="s1">'email'</span> <span class="o">=&gt;</span> <span class="s1">'usuario@teste.com.br'</span><span class="p">,</span> <span class="s1">'password'</span> <span class="o">=&gt;</span> <span class="nf">bcrypt</span><span class="p">(</span> <span class="s1">'senha123'</span> <span class="p">),</span> <span class="s1">'job_title'</span> <span class="o">=&gt;</span> <span class="s1">'Gerente administrativo'</span> <span class="p">]);</span> </code></pre> </div> <p>And run this command:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>php artisan db:seed </code></pre> </div> <p>Finally, use an API client (Postman, Insomnia...) and consume the <strong>api/auth/login</strong> login route, passing the email and password defined in the seeder. If everything work's fine, the result will be something like this:</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fhk1orw0ooahox8e6n6en.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fhk1orw0ooahox8e6n6en.png" alt="image" width="800" height="180"></a></p> <p>So it's done! Your authentication with an custom model is working.</p> <p>You can find the repository with this implementation through this <a href="https://github.com/WenLopes/laravel8-jwt" rel="noopener noreferrer">link</a>. In the repository, i'm using Docker as infra, with Nginx, Mysql and Laravel in version 8. Also, i implemented the <a href="https://refactoring.guru/pt-br/design-patterns/strategy" rel="noopener noreferrer">pattern Strategy</a> to return failed authentication messages and expired token response (in this case, a new valid token is returned).</p> <p>So, that's all. If you have any questions, please comment and i will respond. Thank's for your attention.</p> laravel jwt authentication php Laravel 8 e Autenticação JWT (tymon/jwt-auth) com Model customizada Wendel Lopes Fri, 14 May 2021 23:16:02 +0000 https://dev.to/wenlopes/laravel-8-e-autenticacao-jwt-tymon-jwt-auth-com-model-customizada-2l7k https://dev.to/wenlopes/laravel-8-e-autenticacao-jwt-tymon-jwt-auth-com-model-customizada-2l7k <p>Nesse artigo vou mostrar como implementar autenticação JWT (utilizando o pacote <strong>tymon/jwt-auth</strong>) em uma API com Laravel 8, utilizando uma Model diferente da padrão (Users). Ao final do texto, vou disponibilizar o link para o repositório contendo a implementação dos passos deste artigo :)</p> <p>Então vamos lá!</p> <h2> Instalação </h2> <p>Execute o comando para instalar o pacote<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>composer require tymon/jwt-auth </code></pre> </div> <p>Publique o arquivo de configuração da biblioteca para sua pasta config, com o comando<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>php artisan vendor:publish - provider<span class="o">=</span><span class="s2">"Tymon</span><span class="se">\J</span><span class="s2">WTAuth</span><span class="se">\P</span><span class="s2">roviders</span><span class="se">\L</span><span class="s2">aravelServiceProvider"</span> </code></pre> </div> <p>Por fim, vamos gerar o JWT secret, utilizando o comando<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>php artisan jwt:secret </code></pre> </div> <p>Esse comando vai adicionar a variável JWT_SECRET no seu arquivo <code>.env</code></p> <p>Em caso de qualquer dúvida sobre o <br> processo de instalação, <a href="https://jwt-auth.readthedocs.io/en/develop/laravel-installation/" rel="noopener noreferrer">acesse o link oficial do pacote</a> com instruções para a instalação.</p> <h2> Configuração da Model </h2> <p>Como dito anteriormente, vamos utilizar uma Model diferente da Users para armazenar os dados de usuários. Em nosso caso, vamos criar uma nova Model chamada Employee. </p> <p>Para isso, vamos criar uma migration para criar uma tabela no nosso banco de dados com o mesmo nome da Model:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>php artisan make:migration create_employee_table <span class="nt">--create</span><span class="o">=</span>employee </code></pre> </div> <p>Nossa migration vai ter a mesma estrutura da migration de users que vem como padrão na instalação do Laravel, onde a única diferença será um campo a mais chamado "job_title". Fique a vontade para adicionar novas colunas, mas certifique-se que as colunas "email" e "password" serão criadas.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="nc">Schema</span><span class="o">::</span><span class="nf">create</span><span class="p">(</span><span class="s1">'employee'</span><span class="p">,</span> <span class="k">function</span> <span class="p">(</span><span class="kt">Blueprint</span> <span class="nv">$table</span><span class="p">)</span> <span class="p">{</span> <span class="nv">$table</span><span class="o">-&gt;</span><span class="nf">id</span><span class="p">();</span> <span class="nv">$table</span><span class="o">-&gt;</span><span class="nf">string</span><span class="p">(</span><span class="s1">'name'</span><span class="p">);</span> <span class="nv">$table</span><span class="o">-&gt;</span><span class="nf">string</span><span class="p">(</span><span class="s1">'email'</span><span class="p">)</span><span class="o">-&gt;</span><span class="nf">unique</span><span class="p">();</span> <span class="nv">$table</span><span class="o">-&gt;</span><span class="nf">string</span><span class="p">(</span><span class="s1">'password'</span><span class="p">);</span> <span class="nv">$table</span><span class="o">-&gt;</span><span class="nf">string</span><span class="p">(</span><span class="s1">'job_title'</span><span class="p">);</span> <span class="nv">$table</span><span class="o">-&gt;</span><span class="nf">timestamps</span><span class="p">();</span> <span class="p">});</span> </code></pre> </div> <p>Remova a migration para criação da tabela de users e rode as migrations<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>php artisan migrate </code></pre> </div> <p>Crie a Model Employee<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>php artisan make:model Employee </code></pre> </div> <p><em>Obs: Adicione a variável $table na model, para passar o nome da tabela no singular, pois no momento de realizar a criação de usuário de teste (um pouco mais a frente nesse mesmo artigo), o Laravel vai por padrão tentar localizar a tabela no plural e vai ocasionar erro. Se você criou a tabela no plural (employees), pule o passo abaixo</em><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>protected <span class="nv">$table</span> <span class="o">=</span> <span class="s1">'employee'</span><span class="p">;</span> </code></pre> </div> <p>Após a criação de nossa Model, vamos implementar a classe JWTSubject, implementando seus métodos. Além disso, vamos extender a classe Authenticatable do Laravel. No final, esse será o conteúdo de nossa Model</p> <div class="ltag_gist-liquid-tag"> </div> <p>Muito bem, agora que temos nossa Model devidamente criada e configurada, é hora de configurarmos nosso provider de autenticação. Para isso, acesse o arquivo config/auth.php e vamos adicionar o novo índice 'employess' no array 'providers', contendo o driver (em nosso caso, vamos utilizar o Eloquent) e a model desejada.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fulef6pu5dkta3gfgptmp.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fulef6pu5dkta3gfgptmp.png" alt="image" width="678" height="476"></a></p> <p>Em seguida, no mesmo arquivo, vamos acessar o array "guards" e no array "api", vamos setar o driver "jwt" e o provider "employees" que acabamos de criar.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ffrt7ynfngrduztgqdm4o.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ffrt7ynfngrduztgqdm4o.png" alt="image" width="520" height="482"></a></p> <p>Por fim, vamos setar o guard "api" como o padrão de nossa aplicação. No mesmo arquivo, acesse o array "defaults" e defina o guard padrão como "api"</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fp8a3nu9cmc5hv0a3w3md.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fp8a3nu9cmc5hv0a3w3md.png" alt="image" width="410" height="187"></a></p> <p>Feito isso, concluímos a configuração do nosso provider e o conteúdo final do arquivo config/auth.php será esse</p> <div class="ltag_gist-liquid-tag"> </div> <h2> Criando o controller e rota </h2> <p>Muito bem, agora que criamos e configuramos nossa Model, vamos criar o controller de autenticação para testar nossa implementação.</p> <p>Crie o controller AuthController, com o mesmo conteúdo apresentado nesse <a href="https://jwt-auth.readthedocs.io/en/develop/quick-start/" rel="noopener noreferrer">link do site oficial do pacote</a> e em seguida, crie a rota para realizar o login no arquivo <code>routes/api.php</code></p> <p><em>Obs: Não se esqueça que a partir da versão 8 do Laravel, o controller deve ser importado no arquivo de rotas</em><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="kn">use</span> <span class="nc">App\Http\Controllers\AuthController</span><span class="p">;</span> <span class="nc">Route</span><span class="o">::</span><span class="nf">post</span><span class="p">(</span><span class="s1">'auth/login'</span><span class="p">,</span> <span class="p">[</span><span class="nc">AuthController</span><span class="o">::</span><span class="n">class</span><span class="p">,</span> <span class="s1">'login'</span><span class="p">])</span><span class="o">-&gt;</span><span class="nf">name</span><span class="p">(</span><span class="s1">'auth.login'</span><span class="p">);</span> </code></pre> </div> <p>Para testar nosso endpoint, vamos criar um registro na tabela employee e utilizar os dados para autenticar.</p> <p>No arquivo <code>DatabaseSeeder</code> , insira o seguinte conteúdo dentro do método <code>run</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="nc">\App\Models\Employee</span><span class="o">::</span><span class="nf">create</span><span class="p">([</span> <span class="s1">'name'</span> <span class="o">=&gt;</span> <span class="s1">'Usuário de teste'</span><span class="p">,</span> <span class="s1">'email'</span> <span class="o">=&gt;</span> <span class="s1">'usuario@teste.com.br'</span><span class="p">,</span> <span class="s1">'password'</span> <span class="o">=&gt;</span> <span class="nf">bcrypt</span><span class="p">(</span> <span class="s1">'senha123'</span> <span class="p">),</span> <span class="s1">'job_title'</span> <span class="o">=&gt;</span> <span class="s1">'Gerente administrativo'</span> <span class="p">]);</span> </code></pre> </div> <p>E na sequência execute o comando:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>php artisan db:seed </code></pre> </div> <p>Por fim, utilize seu API client de preferência e consuma a rota de login <strong>api/auth/login</strong>, informando o email e senha criado na seeder. Se tudo ocorreu bem, o resultado será como o abaixo:</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fhk1orw0ooahox8e6n6en.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fhk1orw0ooahox8e6n6en.png" alt="image" width="800" height="180"></a></p> <p>E pronto, sua autenticação com model customizada está funcionando.</p> <p>Como disse anteriormente, você pode baixar o projeto com essa implementação através do meu repositório no Github (link abaixo). Nesse repositório, estou utilizando Docker para infraestrutura, contendo Nginx, Mysql e o Laravel em sua versão 8. Além disso, implementei o <a href="https://refactoring.guru/pt-br/design-patterns/strategy" rel="noopener noreferrer">pattern Strategy</a> para retornar mensagens em casos de erro de autenticação e/ou token expirado, onde no segundo caso, um novo token atualizado é retornado (estou preparando um novo artigo para abordar esse tema :).</p> <p><a href="https://github.com/WenLopes/laravel8-jwt" rel="noopener noreferrer">Clique aqui e acesse o repositório</a></p> <p>Então é isso pessoal, em caso de dúvidas, deixe nos comentários. Obrigado e até a próxima</p> laravel php jwt auth