Implementation of custom middleware that manage tokens for authentication in laravel framework.
composer require legracieux53/jwt-laravel or composer require legracieux53/jwt-laravel:dev-master
In your controller, import AuthenticationManager class and create authenticate function like that follow.
...
use Lnl\JWT\AuthenticationManager;
...
private function authenticate ($username, $password)
{
$manager = new AuthenticationManager();
$manager->setTablePath("App\\Http\\Models"); // Set model namespace
$manager->setTable("Person"); // set model table name
$manager->setUsernameField("code_pers"); // set username field in table
$manager->setPasswordField("password"); // set password field in table
$manager->setUsername($username); //set username value
$manager->setPassword($password); // set password value
$status = $manager->login(); // perform login and get his state for checking
if ($status == AuthenticationManager::LOGIN_SUCCESS) {
return response()->json(["token" => $manager->getToken()], 200);
} else {
if ($status == AuthenticationManager::ERROR_USERNAME) {
return response()->json(["message error" => "Vérifiez votre username ou mot de passe"], 403);
}
if ($status == AuthenticationManager::ERROR_PASSWORD) {
return response()->json(["message error" => "Vérifiez votre mot de passe"], 403);
}
}
}Then use your authenticate function for login.
...
public function login (Request $request)
{
return $this->authenticate($request->code_pers, $request->password);
}
public function logout ($token)
{
$manager = new AuthenticationManager();
$manager->setToken($token); // set token must be disabled
$status = $manager->logout();
if($status == AuthenticationManager::LOGOUT_SUCCESS) {
return response()->json(["operation" => "success", "message" => "Déconnexion effectuée avec succès"], 200);
}
if($status == AuthenticationManager::LOGOUT_ERROR) {
return response()->json(["operation" => "error", "message" => "Echec de l'oppération de déconnexion"], 403);
}
}
...Now Create a middleware for checking authentication.
namespace App\Http\Middleware;
use Lnl\JWT\Token; //import The token class
use Closure;
class AuthenticationPerson
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$token = new Token();
$token->clean(); // remove all expired tokens
$token->setToken($request->token); // set token that your request has send.
$token->setAgent("Person"); // set agent of token. It used for group tokens in authentication level. Use table name by default if AuthenticationManager::setAgent($agent) has not called in authentication function
if ($token->tokenVerifyAgent() && $token->isToken() && $token->isValid()) {
$token->relance(3600); // define new time for token
return $next($request);
} else {
return response()->json(["Error Message" => "Invalid token provided"], 403);
}
}
}You can now call login and logout functions in your routes like this:
Route::post('login/person', 'PersonController@login');
/**
* Test de validité du token
*/
Route::middleware(['auth.ecole'])->group(function () {
Route::get('logout/person/{token}', 'PersonController@logout');
Route::get('test', function () {
return response()->json(["message" => "connexion RAS"], 200);
});
});