How to Create REST API in Laravel7 using JWT

  1864 views   5 months ago Laravel

Hello Artisan 

In this tutorial i am going to discuss about a pristinely incipient topic which is jwt auth laravel 6. This tutorial we will optically discern how to engender a restful api with json web token (jwt). JWT (JSON Web Token) is conventionally used to send information that can be trusted and verified utilizing a digital signature.

In this tutorial, we’ll explore the ways you can build—and test—a robust API utilizing Laravel and JWT. In early tutorial i made a tutorial about it. But this was utilizing laravel passport.

In this edification we will engender authenticate, registration and full crud system with JWT authentication with Laravel 6. We will additionally use jwt middleware laravel.

In RESTful APIs, we utilize the HTTP verbs as actions, and the endpoints are the resources acted upon. We’ll be utilizing the HTTP verbs for their semantic meaning:

  • GETretrieve resources
  • POST: create resources
  • PUT: update resources
  • DELETEdelete resources

Now let's start building a robust restful API in Laravel using JWT Authentication. JWT stands for JSON Web Tokens. I will also show you a fully functional CRUD for user products using API.

In this Laravel JWT authentication tutorial we are going to make this kind of API using JWT. You have to just follow few step to get following web services.

  • Login API
  • Register API
  • Logout API
  • Product Details API
  • Store Product API
  • Update Product API
  • Delete Product API
  • Logged in User Details API

Let's start building our Rest Api using JWT authentication.

Step 1: Install Laravel 

I am going to explain step by step from scratch so, we need to get fresh Laravel 6 application using bellow command

composer create-project --prefer-dist laravel/laravel api

Step 2: Install  tymondesigns/jwt-auth Package

Now, install the third-party jwtauth package by typing the following command.

composer require tymon/jwt-auth

It will install the package in the vendor folder and our composer.json file will be updated. Now go to the config/app.php file and add the following.

config/app.php

'providers' => [
    ....
    'Tymon\JWTAuth\Providers\JWTAuthServiceProvider',
],
'aliases' => [
    ....
    'JWTAuth' => 'Tymon\JWTAuth\Facades\JWTAuth',
    'JWTFactory' => 'Tymon\JWTAuth\Facades\JWTFactory',
],

To publish the configuration file in Laravel, you need to run following line of code

php artisan vendor:publish --provider="Tymon\JWTAuth\Providers\JWTAuthServiceProvider"

Step 3 : Generate JWT Key

JWT tokens will be signed with an encryption key. Run the following command to generate jwt key.

php artisan jwt:generate

If you find an error like this after hit the above command.

ReflectionException : Method Tymon\JWTAuth\Commands\JWTGenerateCommand::handle() does not exist

then open JWTGenerateCommand.php file and paste this following code, Hope it will work.

vendor/tymon/src/Commands/JWTGenerateCommand.php

public function handle() { 
 $this->fire(); 
}

Step 4 : Registering Middleware

JWT auth package comes up with middlewares that we can use. Register auth.jwt middleware in 

app/Http/Kernel.php

protected $routeMiddleware = [

    'auth.jwt' => 'auth.jwt' => 'Tymon\JWTAuth\Middleware\GetUserFromToken',

];

This middleware verifies that the user is authenticated by checking the token sent with the request. If the user is not authenticated, the middleware will throw UnauthorizedHttpException exception.

Step 5 : Create Api Routes

Now we need to create our route. paste this following code to this path

routes/api.php 

Route::post('login', 'ApiController@login');
Route::post('register', 'ApiController@register');
 
Route::group(['middleware' => 'auth.jwt'], function () {
    Route::get('logout', 'ApiController@logout');
 
    Route::get('user', 'ApiController@getAuthUser');
 
    Route::get('products', 'ProductController@index');
    Route::get('products/{id}', 'ProductController@show');
    Route::post('products', 'ProductController@store');
    Route::put('products/{id}', 'ProductController@update');
    Route::delete('products/{id}', 'ProductController@destroy');
});

Step 5 : Update User Model

Now open user model and paste this following code to make changes. As we are going to make product crud system also, so we need to make a relationship between user and product.

namespace App;

use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;

class User extends Authenticatable
{
    use Notifiable;

    protected $fillable = [
        'name', 'email', 'password',
    ];

    protected $hidden = [
        'password', 'remember_token',
    ];

    public function products()
    {
        return $this->hasMany(Product::class);
    }
}

Let’s write the logic for restful API in laravel using JWT authentication. We need to validate our request data. So run below command to make a register request.

php artisan make:request RegisterAuthRequest

After running this command just open this file going following directory and paste below code.

app/Http/Requests/RegisterAuthRequest.php

namespace App\Http\Requests;

use Illuminate\Foundation\Http\FormRequest;

class RegisterAuthRequest extends FormRequest
{
    public function authorize()
    {
        return true;
    }

    public function rules()
    {
        return [
            'name' => 'required|string',
            'email' => 'required|email|unique:users',
            'password' => 'required|string|min:6|max:10'
        ];
    }
}

Step 6 : Create Controller

Now we have to create our controller. So run below command

php artisan make:controller ApiController
php artisan make:controller ProductController

Now open this ApiController and paste this below code

app/Http/Controllers/ApiController.php

namespace App\Http\Controllers;

use JWTAuth;
use App\User;
use Illuminate\Http\Request;
use App\Http\Requests\RegisterAuthRequest;
use Tymon\JWTAuth\Exceptions\JWTException;
use Symfony\Component\HttpFoundation\Response;

class ApiController extends Controller
{
    public $loginAfterSignUp = true;
 
    public function register(RegisterAuthRequest $request)
    {
        $user = new User();
        $user->name = $request->name;
        $user->email = $request->email;
        $user->password = bcrypt($request->password);
        $user->save();
 
        if ($this->loginAfterSignUp) {
            return $this->login($request);
        }
 
        return response()->json([
            'success' => true,
            'data' => $user
        ], Response::HTTP_OK);
    }
 
    public function login(Request $request)
    {
        $input = $request->only('email', 'password');
        $jwt_token = null;
 
        if (!$jwt_token = JWTAuth::attempt($input)) {
            return response()->json([
                'success' => false,
                'message' => 'Invalid Email or Password',
            ], Response::HTTP_UNAUTHORIZED);
        }
 
        return response()->json([
            'success' => true,
            'token' => $jwt_token,
        ]);
    }
 
    public function logout(Request $request)
    {
        $this->validate($request, [
            'token' => 'required'
        ]);
 
        try {
            JWTAuth::invalidate($request->token);
 
            return response()->json([
                'success' => true,
                'message' => 'User logged out successfully'
            ]);
        } catch (JWTException $exception) {
            return response()->json([
                'success' => false,
                'message' => 'Sorry, the user cannot be logged out'
            ], Response::HTTP_INTERNAL_SERVER_ERROR);
        }
    }
 
    public function getAuthUser(Request $request)
    {
        $this->validate($request, [
            'token' => 'required'
        ]);
 
        $user = JWTAuth::authenticate($request->token);
 
        return response()->json(['user' => $user]);
    }
}

Step 7 : Create Product Model

Now we have to create our product model and migration to test our crud with json web token (JWT). So run below command to create it

php artisan make:model Product -m

It will create a new database migration file create_products_table.php in database/migrations directory. Open it and paste this code

public function up()
    {
        Schema::create('products', function (Blueprint $table) {
            $table->increments('id');
            $table->unsignedInteger('user_id');
            $table->string('name');
            $table->integer('price');
            $table->integer('quantity');
            $table->timestamps();

            $table->foreign('user_id')
                    ->references('id')
                    ->on('users')
                    ->onDelete('cascade');
        });
  }

Now run migrate command to create product migration then open Product model

app/Product.php

namespace App;

use Illuminate\Database\Eloquent\Model;

class Product extends Model
{
    protected $fillable = [
        'name', 'price', 'quantity'
    ];
}

Now go to ProductController.php file and paste this following code Here we will do all the crud part for creating and testing rest api with jwt in laravel.

app/Http/Controllers/ProductController.php

namespace App\Http\Controllers;

use JWTAuth;
use App\Product;
use Illuminate\Http\Request;

class ProductController extends Controller
{
    protected $user;
 
    public function __construct()
    {
        $this->user = JWTAuth::parseToken()->authenticate();
    }
    public function index()
    {
        return $this->user
            ->products()
            ->get(['name', 'price', 'quantity'])
            ->toArray();
    }
    public function show($id)
    {
        $product = $this->user->products()->find($id);
    
        if (!$product) {
            return response()->json([
                'success' => false,
                'message' => 'Sorry, product with id ' . $id . ' cannot be found'
            ], 400);
        }
    
        return $product;
    }

    public function store(Request $request)
    {
        $this->validate($request, [
            'name' => 'required',
            'price' => 'required|integer',
            'quantity' => 'required|integer'
        ]);
    
        $product = new Product();
        $product->name = $request->name;
        $product->price = $request->price;
        $product->quantity = $request->quantity;
    
        if ($this->user->products()->save($product))
            return response()->json([
                'success' => true,
                'product' => $product
            ]);
        else
            return response()->json([
                'success' => false,
                'message' => 'Sorry, product could not be added'
            ], 500);
    }

    public function update(Request $request, $id)
    {
        $product = $this->user->products()->find($id);
    
        if (!$product) {
            return response()->json([
                'success' => false,
                'message' => 'Sorry, product with id ' . $id . ' cannot be found'
            ], 400);
        }
    
        $updated = $product->fill($request->all())
            ->save();
    
        if ($updated) {
            return response()->json([
                'success' => true
            ]);
        } else {
            return response()->json([
                'success' => false,
                'message' => 'Sorry, product could not be updated'
            ], 500);
        }
    }

    public function destroy($id)
    {
        $product = $this->user->products()->find($id);
    
        if (!$product) {
            return response()->json([
                'success' => false,
                'message' => 'Sorry, product with id ' . $id . ' cannot be found'
            ], 400);
        }
    
        if ($product->delete()) {
            return response()->json([
                'success' => true
            ]);
        } else {
            return response()->json([
                'success' => false,
                'message' => 'Product could not be deleted'
            ], 500);
        }
    }
}

Now everything is done. We can check it now. So run below command to start our server and take a tour to test it with postman.

php artisan serve

For testing restful API’s, i will use Postman. Let’s try to check our rest api with json web token(jwt) application.

Preview :  Register route

Preview :  Login route

Preview :  Logged in user data

Now, we will test details api, In this api you have to set three header as listed bellow:

'headers' => [
    
    'Content-Type' => 'application/json',
     
    'Accept' => 'application/json',

    'Authorization' => 'Bearer'

]

So, make sure above header, otherwise you can not get user details.

Preview : Store product route

Preview : Single product route

Preview : All product details route

Preview : Update product route

Preview : Delete product route

Preview : User logout route

Hope this tutorial will help you to learn that how to make api authentication using jwt. So in this laravel jwt authentcation tutorial, if you find any error then you can check my git repository. 

Author : Harsukh Makwana
Harsukh Makwana

Hi, My name is Harsukh Makwana. i have been work with many programming language like php, python, javascript, node, react, anguler, etc.. since last 5 year. if you have any issue or want me hire then contact me on harsukh21@gmail.com

Related Articles