Laravelでjson web token試してみました - もがき系プログラマの日常

はじめに

こんばんは。

今回も前回同様、作業した備忘録です。

今回試したのは LaravelでのJWTです。

こちらの jwt-auth というライブラリです。

設定自体はめちゃめちゃ簡単です。

公式のドキュメントに書いているとおりで、ほぼ迷うことはありません。

本題

1. インストール

$ composer require tymon/jwt-auth

2. 設定

# configファイル生成
$ php artisan vendor:publish --provider="Tymon\JWTAuth\Providers\LaravelServiceProvider"


# secret key作成
$ php artisan jwt:secret

# auth設定
# vi config/auth.php
# multi-authだとこんな感じ？

...

'guards' => [
    'admin' => [
        'driver'   => 'jwt',
        'provider' => 'admin',
        'hash'     => true,
    ],
    'customer' => [
        'driver'   => 'jwt',
        'provider' => 'customer',
        'hash'     => true,
    ],
],


'providers' => [
    'admin' => [
        'driver' => 'eloquent',
        'model'  => App\Models\AdminUser::class,
    ],
    'customer' => [
        'driver' => 'eloquent',
        'model'  => App\Models\Customer::class,
    ],
],

3. routing設定

<?php

Route::group(['middleware' => ['auth:admin']], function () {
    Route::get('/staff', 'StaffController@list')->name('StaffList');
    Route::get('/auth/refresh', 'AuthController@refresh')->name('AuthenticateRefresh');
});

Route::post('/auth/login', 'AuthController@login')->name('Authenticate');
Route::delete('/auth/logout', 'AuthController@logout')->name('AuthenticateLogout');

4. Controller設定

<?php

declare(strict_types=1);

namespace App\Http\Controllers\Admin;

use App\Http\Controllers\Controller;
use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;

class AuthController extends Controller
{
    /**
     * Login Action.
     * @throws UnauthorizedHttpException
     * @return \Illuminate\Http\JsonResponse
     */
    public function login(): \Illuminate\Http\JsonResponse
    {
        $requestData = request(['email', 'password']);
        $credentials = [
            'mailaddAddress' => $requestData['email'],
            'password'       => $requestData['password'],
        ];

        if (!$token = auth()->attempt($credentials)) {
            throw new UnauthorizedHttpException('Invalid credentials', '認証失敗');
        }

        return $this->respondWithToken((string) $token);
    }

    /**
     * Logout Action.
     * @return \Illuminate\Http\JsonResponse
     */
    public function logout(): \Illuminate\Http\JsonResponse
    {
        auth()->logout();
        return response()->json('OK');
    }

    /**
     * RefreshToken.
     * @return \Illuminate\Http\JsonResponse
     */
    public function refresh(): \Illuminate\Http\JsonResponse
    {
        return response()->json([
            'accessToken' => auth()->refresh(),
            'expiresIn'   => auth()->factory()->getTTL() * 60,
        ]);
    }

    /**
     * Get the token array structure.
     *
     * @param string $token
     * @return \Illuminate\Http\JsonResponse
     */
    protected function respondWithToken(string $token): \Illuminate\Http\JsonResponse
    {
        $adminUser = auth()->user();
        return response()->json([
            'accessToken' => $token,
            'firstName'   => $adminUser->firstName,
            'lastName'    => $adminUser->lastName,
            'id'          => $adminUser->id,
            'mailAddress' => $adminUser->mailAddress,
            'expiresIn'   => auth()->factory()->getTTL() * 60,
        ]);
    }
}

5. Model設定

<?php

declare(strict_types=1);

namespace App\Models;

use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Tymon\JWTAuth\Contracts\JWTSubject;

class AdminUser extends Authenticatable implements JWTSubject
{
    use Notifiable;

    protected $table = 'admin_users';

    /**
     * Get the identifier that will be stored in the subject claim of the JWT.
     *
     * @return mixed
     */
    public function getJWTIdentifier()
    {
        return $this->getKey();
    }

    /**
     * Return a key value array, containing any custom claims to be added to the JWT.
     *
     * @return array
     */
    public function getJWTCustomClaims(): array
    {
        return [];
    }
}