├── public ├── favicon.ico ├── robots.txt ├── .htaccess ├── web.config └── index.php ├── app ├── Listeners │ └── .gitkeep ├── Policies │ └── .gitkeep ├── Events │ └── Event.php ├── Http │ ├── Requests │ │ └── Request.php │ ├── Middleware │ │ ├── EncryptCookies.php │ │ ├── VerifyCsrfToken.php │ │ ├── RedirectIfAuthenticated.php │ │ ├── Authenticate.php │ │ └── JWTAuthenticated.php │ ├── Controllers │ │ ├── Controller.php │ │ ├── Auth │ │ │ ├── PasswordController.php │ │ │ └── AuthController.php │ │ ├── HomeController.php │ │ ├── AuthController.php │ │ └── UserController.php │ ├── routes.php │ └── Kernel.php ├── Providers │ ├── AppServiceProvider.php │ ├── AuthServiceProvider.php │ ├── EventServiceProvider.php │ └── RouteServiceProvider.php ├── User.php ├── Jobs │ └── Job.php ├── Console │ ├── Commands │ │ └── Inspire.php │ └── Kernel.php └── Exceptions │ └── Handler.php ├── database ├── seeds │ ├── .gitkeep │ └── DatabaseSeeder.php ├── migrations │ ├── .gitkeep │ ├── 2014_10_12_100000_create_password_resets_table.php │ └── 2014_10_12_000000_create_users_table.php ├── .gitignore └── factories │ └── ModelFactory.php ├── resources ├── views │ ├── vendor │ │ └── .gitkeep │ ├── home │ │ └── showRoutes.blade.php │ ├── welcome.blade.php │ └── errors │ │ └── 503.blade.php ├── assets │ └── sass │ │ └── app.scss └── lang │ └── en │ ├── pagination.php │ ├── auth.php │ ├── passwords.php │ └── validation.php ├── storage ├── app │ └── .gitignore ├── logs │ └── .gitignore └── framework │ ├── cache │ └── .gitignore │ ├── views │ └── .gitignore │ ├── sessions │ └── .gitignore │ └── .gitignore ├── bootstrap ├── cache │ └── .gitignore ├── autoload.php └── app.php ├── .gitattributes ├── .gitignore ├── package.json ├── .env.example ├── tests ├── ExampleTest.php └── TestCase.php ├── gulpfile.js ├── server.php ├── phpunit.xml ├── config ├── compile.php ├── services.php ├── view.php ├── broadcasting.php ├── cache.php ├── queue.php ├── filesystems.php ├── auth.php ├── mail.php ├── 
database.php ├── session.php ├── jwt.php └── app.php ├── composer.json ├── artisan └── readme.md /public/favicon.ico: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /app/Listeners/.gitkeep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /app/Policies/.gitkeep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /database/seeds/.gitkeep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /database/migrations/.gitkeep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /database/.gitignore: -------------------------------------------------------------------------------- 1 | *.sqlite 2 | -------------------------------------------------------------------------------- /resources/views/vendor/.gitkeep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /storage/app/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !.gitignore -------------------------------------------------------------------------------- /bootstrap/cache/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !.gitignore 3 | -------------------------------------------------------------------------------- /storage/logs/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | 
!.gitignore 3 | -------------------------------------------------------------------------------- /public/robots.txt: -------------------------------------------------------------------------------- 1 | User-agent: * 2 | Disallow: 3 | -------------------------------------------------------------------------------- /storage/framework/cache/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !.gitignore -------------------------------------------------------------------------------- /storage/framework/views/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !.gitignore 3 | -------------------------------------------------------------------------------- /storage/framework/sessions/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !.gitignore 3 | -------------------------------------------------------------------------------- /.gitattributes: -------------------------------------------------------------------------------- 1 | * text=auto 2 | *.css linguist-vendored 3 | *.less linguist-vendored 4 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | /vendor 2 | /node_modules 3 | Homestead.yaml 4 | Homestead.json 5 | .env 6 | /.idea 7 | -------------------------------------------------------------------------------- /resources/assets/sass/app.scss: -------------------------------------------------------------------------------- 1 | // @import "node_modules/bootstrap-sass/assets/stylesheets/bootstrap"; 2 | 3 | -------------------------------------------------------------------------------- /app/Events/Event.php: -------------------------------------------------------------------------------- 1 | call(UserTableSeeder::class); 15 | } 16 | } 17 | 
-------------------------------------------------------------------------------- /app/Http/Middleware/EncryptCookies.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | Options -MultiViews 4 | 5 | 6 | RewriteEngine On 7 | 8 | # Redirect Trailing Slashes If Not A Folder... 9 | RewriteCond %{REQUEST_FILENAME} !-d 10 | RewriteRule ^(.*)/$ /$1 [L,R=301] 11 | 12 | # Handle Front Controller... 13 | RewriteCond %{REQUEST_FILENAME} !-d 14 | RewriteCond %{REQUEST_FILENAME} !-f 15 | RewriteRule ^ index.php [L] 16 | 17 | -------------------------------------------------------------------------------- /tests/ExampleTest.php: -------------------------------------------------------------------------------- 1 | visit('/') 17 | ->see('Laravel 5'); 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /app/Providers/AppServiceProvider.php: -------------------------------------------------------------------------------- 1 | '« Previous', 17 | 'next' => 'Next »', 18 | 19 | ]; 20 | -------------------------------------------------------------------------------- /tests/TestCase.php: -------------------------------------------------------------------------------- 1 | make(Illuminate\Contracts\Console\Kernel::class)->bootstrap(); 22 | 23 | return $app; 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /server.php: -------------------------------------------------------------------------------- 1 | 8 | */ 9 | 10 | $uri = urldecode( 11 | parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH) 12 | ); 13 | 14 | // This file allows us to emulate Apache's "mod_rewrite" functionality from the 15 | // built-in PHP web server. This provides a convenient way to test a Laravel 16 | // application without having installed a "real" web server software here. 
17 | if ($uri !== '/' && file_exists(__DIR__.'/public'.$uri)) { 18 | return false; 19 | } 20 | 21 | require_once __DIR__.'/public/index.php'; 22 | -------------------------------------------------------------------------------- /app/Http/Middleware/RedirectIfAuthenticated.php: -------------------------------------------------------------------------------- 1 | check()) { 21 | return redirect('/'); 22 | } 23 | 24 | return $next($request); 25 | } 26 | } 27 | -------------------------------------------------------------------------------- /app/Http/routes.php: -------------------------------------------------------------------------------- 1 | '/v1'], function () { 9 | 10 | /** 11 | * Exchange an email and password for a JWT (no token required to call this route) 12 | */ 13 | Route::post('/auth', 'AuthController@auth'); 14 | 15 | /** 16 | * Create a user (open registration: this route is outside the auth.jwt group) 17 | */ 18 | Route::post('/user', 'UserController@store'); 19 | 20 | /** 21 | * The routes in this group require a valid JWT (auth.jwt middleware) 22 | */ 23 | Route::group(['middleware' => ['auth.jwt']], function () { 24 | 25 | Route::get('/user', 'UserController@show'); 26 | 27 | }); 28 | 29 | }); 30 | -------------------------------------------------------------------------------- /resources/lang/en/auth.php: -------------------------------------------------------------------------------- 1 | 'These credentials do not match our records.', 17 | 'throttle' => 'Too many login attempts.
Please try again in :seconds seconds.', 18 | 19 | ]; 20 | -------------------------------------------------------------------------------- /database/factories/ModelFactory.php: -------------------------------------------------------------------------------- 1 | define(App\User::class, function (Faker\Generator $faker) { 15 | return [ 16 | 'name' => $faker->name, 17 | 'email' => $faker->email, 18 | 'password' => bcrypt(str_random(10)), 19 | 'remember_token' => str_random(10), 20 | ]; 21 | }); 22 | -------------------------------------------------------------------------------- /app/Console/Commands/Inspire.php: -------------------------------------------------------------------------------- 1 | comment(PHP_EOL.Inspiring::quote().PHP_EOL); 32 | } 33 | } 34 | -------------------------------------------------------------------------------- /app/Console/Kernel.php: -------------------------------------------------------------------------------- 1 | command('inspire') 28 | ->hourly(); 29 | } 30 | } 31 | -------------------------------------------------------------------------------- /app/Http/Middleware/Authenticate.php: -------------------------------------------------------------------------------- 1 | guest()) { 21 | if ($request->ajax()) { 22 | return response('Unauthorized.', 401); 23 | } else { 24 | return redirect()->guest('login'); 25 | } 26 | } 27 | 28 | return $next($request); 29 | } 30 | } 31 | -------------------------------------------------------------------------------- /database/migrations/2014_10_12_100000_create_password_resets_table.php: -------------------------------------------------------------------------------- 1 | string('email')->index(); 17 | $table->string('token')->index(); 18 | $table->timestamp('created_at'); 19 | }); 20 | } 21 | 22 | /** 23 | * Reverse the migrations. 
24 | * 25 | * @return void 26 | */ 27 | public function down() 28 | { 29 | Schema::drop('password_resets'); 30 | } 31 | } 32 | -------------------------------------------------------------------------------- /app/Providers/AuthServiceProvider.php: -------------------------------------------------------------------------------- 1 | 'App\Policies\ModelPolicy', 17 | ]; 18 | 19 | /** 20 | * Register any application authentication / authorization services. 21 | * 22 | * @param \Illuminate\Contracts\Auth\Access\Gate $gate 23 | * @return void 24 | */ 25 | public function boot(GateContract $gate) 26 | { 27 | $this->registerPolicies($gate); 28 | 29 | // 30 | } 31 | } 32 | -------------------------------------------------------------------------------- /resources/lang/en/passwords.php: -------------------------------------------------------------------------------- 1 | 'Passwords must be at least six characters and match the confirmation.', 17 | 'reset' => 'Your password has been reset!', 18 | 'sent' => 'We have e-mailed your password reset link!', 19 | 'token' => 'This password reset token is invalid.', 20 | 'user' => "We can't find a user with that e-mail address.", 21 | 22 | ]; 23 | -------------------------------------------------------------------------------- /app/Providers/EventServiceProvider.php: -------------------------------------------------------------------------------- 1 | [ 17 | 'App\Listeners\EventListener', 18 | ], 19 | ]; 20 | 21 | /** 22 | * Register any other events for your application. 
23 | * 24 | * @param \Illuminate\Contracts\Events\Dispatcher $events 25 | * @return void 26 | */ 27 | public function boot(DispatcherContract $events) 28 | { 29 | parent::boot($events); 30 | 31 | // 32 | } 33 | } 34 | -------------------------------------------------------------------------------- /database/migrations/2014_10_12_000000_create_users_table.php: -------------------------------------------------------------------------------- 1 | increments('id'); 17 | $table->string('name'); 18 | $table->string('email')->unique(); 19 | $table->string('password', 60); 20 | $table->rememberToken(); 21 | $table->timestamps(); 22 | }); 23 | } 24 | 25 | /** 26 | * Reverse the migrations. 27 | * 28 | * @return void 29 | */ 30 | public function down() 31 | { 32 | Schema::drop('users'); 33 | } 34 | } 35 | -------------------------------------------------------------------------------- /resources/views/home/showRoutes.blade.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | API routes list 8 | 9 | 10 | 11 | 12 |
13 |

Routes list

14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | @foreach ($routes as $route) 22 | 23 | 24 | 25 | 26 | 27 | 28 | @endforeach 29 |
Path Methods
{{ $route['path'] }}{{ implode(', ', $route['methods']) }}
30 | 31 |
32 | 33 | 34 | 35 | -------------------------------------------------------------------------------- /phpunit.xml: -------------------------------------------------------------------------------- 1 | 2 | 11 | 12 | 13 | ./tests/ 14 | 15 | 16 | 17 | 18 | app/ 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | -------------------------------------------------------------------------------- /app/Http/Controllers/Auth/PasswordController.php: -------------------------------------------------------------------------------- 1 | middleware('guest'); 31 | } 32 | } 33 | -------------------------------------------------------------------------------- /public/web.config: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | -------------------------------------------------------------------------------- /config/compile.php: -------------------------------------------------------------------------------- 1 | [ 17 | // 18 | ], 19 | 20 | /* 21 | |-------------------------------------------------------------------------- 22 | | Compiled File Providers 23 | |-------------------------------------------------------------------------- 24 | | 25 | | Here you may list service providers which define a "compiles" function 26 | | that returns additional files that should be compiled, providing an 27 | | easy way to get common files from any packages you are utilizing. 
28 | | 29 | */ 30 | 31 | 'providers' => [ 32 | // 33 | ], 34 | 35 | ]; 36 | -------------------------------------------------------------------------------- /config/services.php: -------------------------------------------------------------------------------- 1 | [ 18 | 'domain' => env('MAILGUN_DOMAIN'), 19 | 'secret' => env('MAILGUN_SECRET'), 20 | ], 21 | 22 | 'mandrill' => [ 23 | 'secret' => env('MANDRILL_SECRET'), 24 | ], 25 | 26 | 'ses' => [ 27 | 'key' => env('SES_KEY'), 28 | 'secret' => env('SES_SECRET'), 29 | 'region' => 'us-east-1', 30 | ], 31 | 32 | 'stripe' => [ 33 | 'model' => App\User::class, 34 | 'key' => env('STRIPE_KEY'), 35 | 'secret' => env('STRIPE_SECRET'), 36 | ], 37 | 38 | ]; 39 | -------------------------------------------------------------------------------- /config/view.php: -------------------------------------------------------------------------------- 1 | [ 17 | realpath(base_path('resources/views')), 18 | ], 19 | 20 | /* 21 | |-------------------------------------------------------------------------- 22 | | Compiled View Path 23 | |-------------------------------------------------------------------------- 24 | | 25 | | This option determines where all the compiled Blade templates will be 26 | | stored for your application. Typically, this is within the storage 27 | | directory. However, as usual, you are free to change this value. 28 | | 29 | */ 30 | 31 | 'compiled' => realpath(storage_path('framework/views')), 32 | 33 | ]; 34 | -------------------------------------------------------------------------------- /bootstrap/autoload.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | Laravel 5 | 6 | 7 | 8 | 37 | 38 | 39 |
40 |
41 |
Laravel 5
42 |
43 |
44 | 45 | 46 | -------------------------------------------------------------------------------- /app/Http/Controllers/HomeController.php: -------------------------------------------------------------------------------- 1 | $route) 19 | { 20 | /** 21 | * Remove "/" path and HEAD method from routes listing 22 | */ 23 | 24 | $path = $route->getPath(); 25 | 26 | if($path == '/') 27 | { 28 | continue; 29 | } 30 | 31 | $methods = $route->getMethods(); 32 | 33 | $headKey = array_search('HEAD', $methods); 34 | 35 | if(false !== $headKey) 36 | { 37 | unset($methods[$headKey]); 38 | } 39 | 40 | $processedRoutes[] = [ 41 | 'path' => \Request::url() . '/' . $path, 42 | 'methods' => $methods 43 | ]; 44 | 45 | } 46 | 47 | return view('home.showRoutes')->with('routes', $processedRoutes); 48 | } 49 | } 50 | -------------------------------------------------------------------------------- /app/Providers/RouteServiceProvider.php: -------------------------------------------------------------------------------- 1 | group(['namespace' => $this->namespace], function ($router) { 41 | require app_path('Http/routes.php'); 42 | }); 43 | } 44 | } 45 | -------------------------------------------------------------------------------- /resources/views/errors/503.blade.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | Be right back. 5 | 6 | 7 | 8 | 39 | 40 | 41 |
42 |
43 |
Be right back.
44 |
45 |
46 | 47 | 48 | -------------------------------------------------------------------------------- /composer.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "laravel/laravel", 3 | "description": "The Laravel Framework.", 4 | "keywords": ["framework", "laravel"], 5 | "license": "MIT", 6 | "type": "project", 7 | "require": { 8 | "php": ">=5.5.9", 9 | "laravel/framework": "5.2.*", 10 | "doctrine/dbal": "^2.5", 11 | "tymon/jwt-auth": "^0.5.6" 12 | }, 13 | "require-dev": { 14 | "fzaninotto/faker": "~1.4", 15 | "mockery/mockery": "0.9.*", 16 | "phpunit/phpunit": "~4.0", 17 | "symfony/css-selector": "2.8.*|3.0.*", 18 | "symfony/dom-crawler": "2.8.*|3.0.*" 19 | }, 20 | "autoload": { 21 | "classmap": [ 22 | "database" 23 | ], 24 | "psr-4": { 25 | "App\\": "app/" 26 | } 27 | }, 28 | "autoload-dev": { 29 | "classmap": [ 30 | "tests/TestCase.php" 31 | ] 32 | }, 33 | "scripts": { 34 | "post-root-package-install": [ 35 | "php -r \"copy('.env.example', '.env');\"" 36 | ], 37 | "post-create-project-cmd": [ 38 | "php artisan key:generate" 39 | ], 40 | "post-install-cmd": [ 41 | "php artisan clear-compiled", 42 | "php artisan optimize" 43 | ], 44 | "post-update-cmd": [ 45 | "php artisan optimize" 46 | ] 47 | }, 48 | "config": { 49 | "preferred-install": "dist" 50 | } 51 | } 52 | -------------------------------------------------------------------------------- /app/Exceptions/Handler.php: -------------------------------------------------------------------------------- 1 | env('BROADCAST_DRIVER', 'pusher'), 17 | 18 | /* 19 | |-------------------------------------------------------------------------- 20 | | Broadcast Connections 21 | |-------------------------------------------------------------------------- 22 | | 23 | | Here you may define all of the broadcast connections that will be used 24 | | to broadcast events to other systems or over websockets. 
Samples of 25 | | each available type of connection are provided inside this array. 26 | | 27 | */ 28 | 29 | 'connections' => [ 30 | 31 | 'pusher' => [ 32 | 'driver' => 'pusher', 33 | 'key' => env('PUSHER_KEY'), 34 | 'secret' => env('PUSHER_SECRET'), 35 | 'app_id' => env('PUSHER_APP_ID'), 36 | 'options' => [ 37 | // 38 | ], 39 | ], 40 | 41 | 'redis' => [ 42 | 'driver' => 'redis', 43 | 'connection' => 'default', 44 | ], 45 | 46 | 'log' => [ 47 | 'driver' => 'log', 48 | ], 49 | 50 | ], 51 | 52 | ]; 53 | -------------------------------------------------------------------------------- /app/Http/Controllers/AuthController.php: -------------------------------------------------------------------------------- 1 | only('email', 'password'); 17 | 18 | return $this->requestToken($credentials); 19 | } 20 | 21 | /** 22 | * Try to authenticate using specified email & password credentials 23 | * 24 | * @param array $credentials ['email', 'password'] required 25 | * @return json 26 | */ 27 | private function requestToken(array $credentials) 28 | { 29 | try 30 | { 31 | if ( ! $token = JWTAuth::attempt($credentials)) 32 | { 33 | return response()->json([ 34 | 'status' => 'error', 35 | 'message' => 'Invalid credentials' 36 | ], Response::HTTP_UNAUTHORIZED); 37 | } 38 | 39 | /** 40 | * Auth passed! 
41 | */ 42 | return response()->json([ 43 | 'status' => 'success', 44 | 'token' => $token 45 | ]); 46 | } 47 | catch (JWTException $e) 48 | { 49 | return response()->json([ 50 | 'status' => 'error', 51 | 'message' => 'Could not create token' 52 | ], Response::HTTP_INTERNAL_SERVER_ERROR); 53 | } 54 | } 55 | 56 | } 57 | -------------------------------------------------------------------------------- /app/Http/Middleware/JWTAuthenticated.php: -------------------------------------------------------------------------------- 1 | authenticate()) 27 | { 28 | return response()->json([ 29 | 'status' => 'error', 30 | 'message' => 'User for the provided token not found' 31 | ], Response::HTTP_NOT_FOUND); 32 | } 33 | } 34 | catch (TokenExpiredException $e) 35 | { 36 | return response()->json([ 37 | 'status' => 'error', 38 | 'message' => 'Token expired' 39 | ], $e->getStatusCode()); 40 | } 41 | catch (TokenInvalidException $e) 42 | { 43 | return response()->json([ 44 | 'status' => 'error', 45 | 'message' => 'Invalid token' 46 | ], $e->getStatusCode()); 47 | } 48 | catch (JWTException $e) 49 | { 50 | return response()->json([ 51 | 'status' => 'error', 52 | 'message' => 'Token is missing' 53 | ], $e->getStatusCode()); 54 | } 55 | 56 | return $next($request); 57 | } 58 | } 59 | -------------------------------------------------------------------------------- /app/Http/Kernel.php: -------------------------------------------------------------------------------- 1 | [ 27 | \App\Http\Middleware\EncryptCookies::class, 28 | \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class, 29 | \Illuminate\Session\Middleware\StartSession::class, 30 | \Illuminate\View\Middleware\ShareErrorsFromSession::class, 31 | \App\Http\Middleware\VerifyCsrfToken::class, 32 | ], 33 | 34 | 'api' => [ 35 | 'throttle:60,1', 36 | ], 37 | ]; 38 | 39 | /** 40 | * The application's route middleware. 41 | * 42 | * These middleware may be assigned to groups or used individually. 
43 | * 44 | * @var array 45 | */ 46 | protected $routeMiddleware = [ 47 | 'auth' => \App\Http\Middleware\Authenticate::class, 48 | 'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class, 49 | 'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class, 50 | 'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class, 51 | 52 | /** 53 | * JWT Auth Middleware 54 | */ 55 | 'auth.jwt' => \App\Http\Middleware\JWTAuthenticated::class, 56 | ]; 57 | } 58 | -------------------------------------------------------------------------------- /bootstrap/app.php: -------------------------------------------------------------------------------- 1 | singleton( 30 | Illuminate\Contracts\Http\Kernel::class, 31 | App\Http\Kernel::class 32 | ); 33 | 34 | $app->singleton( 35 | Illuminate\Contracts\Console\Kernel::class, 36 | App\Console\Kernel::class 37 | ); 38 | 39 | $app->singleton( 40 | Illuminate\Contracts\Debug\ExceptionHandler::class, 41 | App\Exceptions\Handler::class 42 | ); 43 | 44 | /* 45 | |-------------------------------------------------------------------------- 46 | | Return The Application 47 | |-------------------------------------------------------------------------- 48 | | 49 | | This script returns the application instance. The instance is given to 50 | | the calling script so we can separate the building of the instances 51 | | from the actual running of the application and sending responses. 
52 | | 53 | */ 54 | 55 | return $app; 56 | -------------------------------------------------------------------------------- /artisan: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env php 2 | make(Illuminate\Contracts\Console\Kernel::class); 32 | 33 | $status = $kernel->handle( 34 | $input = new Symfony\Component\Console\Input\ArgvInput, 35 | new Symfony\Component\Console\Output\ConsoleOutput 36 | ); 37 | 38 | /* 39 | |-------------------------------------------------------------------------- 40 | | Shutdown The Application 41 | |-------------------------------------------------------------------------- 42 | | 43 | | Once Artisan has finished running. We will fire off the shutdown events 44 | | so that any final work may be done by the application before we shut 45 | | down the process. This is the last thing to happen to the request. 46 | | 47 | */ 48 | 49 | $kernel->terminate($input, $status); 50 | 51 | exit($status); 52 | -------------------------------------------------------------------------------- /public/index.php: -------------------------------------------------------------------------------- 1 | 8 | */ 9 | 10 | /* 11 | |-------------------------------------------------------------------------- 12 | | Register The Auto Loader 13 | |-------------------------------------------------------------------------- 14 | | 15 | | Composer provides a convenient, automatically generated class loader for 16 | | our application. We just need to utilize it! We'll simply require it 17 | | into the script here so that we don't have to worry about manual 18 | | loading any of our classes later on. It feels nice to relax. 
19 | | 20 | */ 21 | 22 | require __DIR__.'/../bootstrap/autoload.php'; 23 | 24 | /* 25 | |-------------------------------------------------------------------------- 26 | | Turn On The Lights 27 | |-------------------------------------------------------------------------- 28 | | 29 | | We need to illuminate PHP development, so let us turn on the lights. 30 | | This bootstraps the framework and gets it ready for use, then it 31 | | will load up this application so that we can run it and send 32 | | the responses back to the browser and delight our users. 33 | | 34 | */ 35 | 36 | $app = require_once __DIR__.'/../bootstrap/app.php'; 37 | 38 | /* 39 | |-------------------------------------------------------------------------- 40 | | Run The Application 41 | |-------------------------------------------------------------------------- 42 | | 43 | | Once we have the application, we can handle the incoming request 44 | | through the kernel, and send the associated response back to 45 | | the client's browser allowing them to enjoy the creative 46 | | and wonderful application we have prepared for them. 
47 | | 48 | */ 49 | 50 | $kernel = $app->make(Illuminate\Contracts\Http\Kernel::class); 51 | 52 | $response = $kernel->handle( 53 | $request = Illuminate\Http\Request::capture() 54 | ); 55 | 56 | $response->send(); 57 | 58 | $kernel->terminate($request, $response); 59 | -------------------------------------------------------------------------------- /app/Http/Controllers/UserController.php: -------------------------------------------------------------------------------- 1 | json(compact('user')); 21 | } 22 | 23 | public function store(Request $request) 24 | { 25 | $data = $request->only(['email', 'password', 'name']); 26 | 27 | $validator = Validator::make($request->all(), [ 28 | 'email' => 'email|unique:users', 29 | 'password' => 'required', 30 | 'name' => 'required' 31 | ]); 32 | 33 | if($validator->fails()) 34 | { 35 | return $this->validationErrors($validator); 36 | } 37 | 38 | $data['password'] = bcrypt($data['password']); 39 | 40 | if(User::create($data)) 41 | { 42 | /** 43 | * User created successfully 44 | */ 45 | return response()->json([ 46 | 'status' => 'success', 47 | 'message' => 'User created.' 48 | ], Response::HTTP_CREATED); 49 | } 50 | else 51 | { 52 | return response()->json([ 53 | 'status' => 'error', 54 | 'message' => 'User not created.' 55 | ], Response::HTTP_INTERNAL_SERVER_ERROR); 56 | } 57 | } 58 | 59 | /** 60 | * Returns validation errors for user creation 61 | * 62 | * @param $validator 63 | * @return mixed 64 | */ 65 | private function validationErrors($validator) 66 | { 67 | $response = [ 68 | 'status' => 'error', 69 | 'message' => 'Invalid input data.' 
70 | ]; 71 | 72 | foreach ($validator->errors()->all() as $error) { 73 | $response['details'][] = $error; 74 | } 75 | 76 | return response()->json($response, Response::HTTP_BAD_REQUEST); 77 | } 78 | } 79 | -------------------------------------------------------------------------------- /app/Http/Controllers/Auth/AuthController.php: -------------------------------------------------------------------------------- 1 | middleware('guest', ['except' => 'logout']); 41 | } 42 | 43 | /** 44 | * Get a validator for an incoming registration request. 45 | * 46 | * @param array $data 47 | * @return \Illuminate\Contracts\Validation\Validator 48 | */ 49 | protected function validator(array $data) 50 | { 51 | return Validator::make($data, [ 52 | 'name' => 'required|max:255', 53 | 'email' => 'required|email|max:255|unique:users', 54 | 'password' => 'required|confirmed|min:6', 55 | ]); 56 | } 57 | 58 | /** 59 | * Create a new user instance after a valid registration. 60 | * 61 | * @param array $data 62 | * @return User 63 | */ 64 | protected function create(array $data) 65 | { 66 | return User::create([ 67 | 'name' => $data['name'], 68 | 'email' => $data['email'], 69 | 'password' => bcrypt($data['password']), 70 | ]); 71 | } 72 | } 73 | -------------------------------------------------------------------------------- /config/cache.php: -------------------------------------------------------------------------------- 1 | env('CACHE_DRIVER', 'file'), 17 | 18 | /* 19 | |-------------------------------------------------------------------------- 20 | | Cache Stores 21 | |-------------------------------------------------------------------------- 22 | | 23 | | Here you may define all of the cache "stores" for your application as 24 | | well as their drivers. You may even define multiple stores for the 25 | | same cache driver to group types of items stored in your caches. 
26 | | 27 | */ 28 | 29 | 'stores' => [ 30 | 31 | 'apc' => [ 32 | 'driver' => 'apc', 33 | ], 34 | 35 | 'array' => [ 36 | 'driver' => 'array', 37 | ], 38 | 39 | 'database' => [ 40 | 'driver' => 'database', 41 | 'table' => 'cache', 42 | 'connection' => null, 43 | ], 44 | 45 | 'file' => [ 46 | 'driver' => 'file', 47 | 'path' => storage_path('framework/cache'), 48 | ], 49 | 50 | 'memcached' => [ 51 | 'driver' => 'memcached', 52 | 'servers' => [ 53 | [ 54 | 'host' => '127.0.0.1', 'port' => 11211, 'weight' => 100, 55 | ], 56 | ], 57 | ], 58 | 59 | 'redis' => [ 60 | 'driver' => 'redis', 61 | 'connection' => 'default', 62 | ], 63 | 64 | ], 65 | 66 | /* 67 | |-------------------------------------------------------------------------- 68 | | Cache Key Prefix 69 | |-------------------------------------------------------------------------- 70 | | 71 | | When utilizing a RAM based store such as APC or Memcached, there might 72 | | be other applications utilizing the same cache. So, we'll specify a 73 | | value to get prefixed to all our keys so we can avoid collisions. 74 | | 75 | */ 76 | 77 | 'prefix' => 'laravel', 78 | 79 | ]; 80 | -------------------------------------------------------------------------------- /config/queue.php: -------------------------------------------------------------------------------- 1 | env('QUEUE_DRIVER', 'sync'), 20 | 21 | /* 22 | |-------------------------------------------------------------------------- 23 | | Queue Connections 24 | |-------------------------------------------------------------------------- 25 | | 26 | | Here you may configure the connection information for each server that 27 | | is used by your application. A default configuration has been added 28 | | for each back-end shipped with Laravel. You are free to add more. 
29 | | 30 | */ 31 | 32 | 'connections' => [ 33 | 34 | 'sync' => [ 35 | 'driver' => 'sync', 36 | ], 37 | 38 | 'database' => [ 39 | 'driver' => 'database', 40 | 'table' => 'jobs', 41 | 'queue' => 'default', 42 | 'expire' => 60, 43 | ], 44 | 45 | 'beanstalkd' => [ 46 | 'driver' => 'beanstalkd', 47 | 'host' => 'localhost', 48 | 'queue' => 'default', 49 | 'ttr' => 60, 50 | ], 51 | 52 | 'sqs' => [ 53 | 'driver' => 'sqs', 54 | 'key' => 'your-public-key', 55 | 'secret' => 'your-secret-key', 56 | 'prefix' => 'https://sqs.us-east-1.amazonaws.com/your-account-id', 57 | 'queue' => 'your-queue-name', 58 | 'region' => 'us-east-1', 59 | ], 60 | 61 | 'redis' => [ 62 | 'driver' => 'redis', 63 | 'connection' => 'default', 64 | 'queue' => 'default', 65 | 'expire' => 60, 66 | ], 67 | 68 | ], 69 | 70 | /* 71 | |-------------------------------------------------------------------------- 72 | | Failed Queue Jobs 73 | |-------------------------------------------------------------------------- 74 | | 75 | | These options configure the behavior of failed queue job logging so you 76 | | can control which database and table are used to store the jobs that 77 | | have failed. You may change them to any database / table you wish. 78 | | 79 | */ 80 | 81 | 'failed' => [ 82 | 'database' => env('DB_CONNECTION', 'mysql'), 83 | 'table' => 'failed_jobs', 84 | ], 85 | 86 | ]; 87 | -------------------------------------------------------------------------------- /config/filesystems.php: -------------------------------------------------------------------------------- 1 | 'local', 19 | 20 | /* 21 | |-------------------------------------------------------------------------- 22 | | Default Cloud Filesystem Disk 23 | |-------------------------------------------------------------------------- 24 | | 25 | | Many applications store files both locally and in the cloud. For this 26 | | reason, you may specify a default "cloud" driver here. 
This driver 27 | | will be bound as the Cloud disk implementation in the container. 28 | | 29 | */ 30 | 31 | 'cloud' => 's3', 32 | 33 | /* 34 | |-------------------------------------------------------------------------- 35 | | Filesystem Disks 36 | |-------------------------------------------------------------------------- 37 | | 38 | | Here you may configure as many filesystem "disks" as you wish, and you 39 | | may even configure multiple disks of the same driver. Defaults have 40 | | been setup for each driver as an example of the required options. 41 | | 42 | */ 43 | 44 | 'disks' => [ 45 | 46 | 'local' => [ 47 | 'driver' => 'local', 48 | 'root' => storage_path('app'), 49 | ], 50 | 51 | 'ftp' => [ 52 | 'driver' => 'ftp', 53 | 'host' => 'ftp.example.com', 54 | 'username' => 'your-username', 55 | 'password' => 'your-password', 56 | 57 | // Optional FTP Settings... 58 | // 'port' => 21, 59 | // 'root' => '', 60 | // 'passive' => true, 61 | // 'ssl' => true, 62 | // 'timeout' => 30, 63 | ], 64 | 65 | 's3' => [ 66 | 'driver' => 's3', 67 | 'key' => 'your-key', 68 | 'secret' => 'your-secret', 69 | 'region' => 'your-region', 70 | 'bucket' => 'your-bucket', 71 | ], 72 | 73 | 'rackspace' => [ 74 | 'driver' => 'rackspace', 75 | 'username' => 'your-username', 76 | 'key' => 'your-key', 77 | 'container' => 'your-container', 78 | 'endpoint' => 'https://identity.api.rackspacecloud.com/v2.0/', 79 | 'region' => 'IAD', 80 | 'url_type' => 'publicURL', 81 | ], 82 | 83 | ], 84 | 85 | ]; 86 | -------------------------------------------------------------------------------- /config/auth.php: -------------------------------------------------------------------------------- 1 | [ 17 | 'guard' => 'web', 18 | 'passwords' => 'users', 19 | ], 20 | 21 | /* 22 | |-------------------------------------------------------------------------- 23 | | Authentication Guards 24 | |-------------------------------------------------------------------------- 25 | | 26 | | Next, you may define every 
authentication guard for your application. 27 | | Of course, a great default configuration has been defined for you 28 | | here which uses session storage and the Eloquent user provider. 29 | | 30 | | All authentication drivers have a user provider. This defines how the 31 | | users are actually retrieved out of your database or other storage 32 | | mechanisms used by this application to persist your user's data. 33 | | 34 | | Supported: "session", "token" 35 | | 36 | */ 37 | 38 | 'guards' => [ 39 | 'web' => [ 40 | 'driver' => 'session', 41 | 'provider' => 'users', 42 | ], 43 | 44 | 'api' => [ 45 | 'driver' => 'token', 46 | 'provider' => 'users', 47 | ], 48 | ], 49 | 50 | /* 51 | |-------------------------------------------------------------------------- 52 | | User Providers 53 | |-------------------------------------------------------------------------- 54 | | 55 | | All authentication drivers have a user provider. This defines how the 56 | | users are actually retrieved out of your database or other storage 57 | | mechanisms used by this application to persist your user's data. 58 | | 59 | | If you have multiple user tables or models you may configure multiple 60 | | sources which represent each model / table. These sources may then 61 | | be assigned to any extra authentication guards you have defined. 62 | | 63 | | Supported: "database", "eloquent" 64 | | 65 | */ 66 | 67 | 'providers' => [ 68 | 'users' => [ 69 | 'driver' => 'eloquent', 70 | 'model' => App\User::class, 71 | ], 72 | 73 | // 'users' => [ 74 | // 'driver' => 'database', 75 | // 'table' => 'users', 76 | // ], 77 | ], 78 | 79 | /* 80 | |-------------------------------------------------------------------------- 81 | | Resetting Passwords 82 | |-------------------------------------------------------------------------- 83 | | 84 | | Here you may set the options for resetting passwords including the view 85 | | that is your password reset e-mail. 
You may also set the name of the 86 | | table that maintains all of the reset tokens for your application. 87 | | 88 | | You may specify multiple password reset configurations if you have more 89 | | than one user table or model in the application and you want to have 90 | | separate password reset settings based on the specific user types. 91 | | 92 | | The expire time is the number of minutes that the reset token should be 93 | | considered valid. This security feature keeps tokens short-lived so 94 | | they have less time to be guessed. You may change this as needed. 95 | | 96 | */ 97 | 98 | 'passwords' => [ 99 | 'users' => [ 100 | 'provider' => 'users', 101 | 'email' => 'auth.emails.password', 102 | 'table' => 'password_resets', 103 | 'expire' => 60, 104 | ], 105 | ], 106 | 107 | ]; 108 | -------------------------------------------------------------------------------- /config/mail.php: -------------------------------------------------------------------------------- 1 | env('MAIL_DRIVER', 'smtp'), 19 | 20 | /* 21 | |-------------------------------------------------------------------------- 22 | | SMTP Host Address 23 | |-------------------------------------------------------------------------- 24 | | 25 | | Here you may provide the host address of the SMTP server used by your 26 | | applications. A default option is provided that is compatible with 27 | | the Mailgun mail service which will provide reliable deliveries. 28 | | 29 | */ 30 | 31 | 'host' => env('MAIL_HOST', 'smtp.mailgun.org'), 32 | 33 | /* 34 | |-------------------------------------------------------------------------- 35 | | SMTP Host Port 36 | |-------------------------------------------------------------------------- 37 | | 38 | | This is the SMTP port used by your application to deliver e-mails to 39 | | users of the application. Like the host we have set this value to 40 | | stay compatible with the Mailgun e-mail application by default. 
41 | | 42 | */ 43 | 44 | 'port' => env('MAIL_PORT', 587), 45 | 46 | /* 47 | |-------------------------------------------------------------------------- 48 | | Global "From" Address 49 | |-------------------------------------------------------------------------- 50 | | 51 | | You may wish for all e-mails sent by your application to be sent from 52 | | the same address. Here, you may specify a name and address that is 53 | | used globally for all e-mails that are sent by your application. 54 | | 55 | */ 56 | 57 | 'from' => ['address' => null, 'name' => null], 58 | 59 | /* 60 | |-------------------------------------------------------------------------- 61 | | E-Mail Encryption Protocol 62 | |-------------------------------------------------------------------------- 63 | | 64 | | Here you may specify the encryption protocol that should be used when 65 | | the application send e-mail messages. A sensible default using the 66 | | transport layer security protocol should provide great security. 67 | | 68 | */ 69 | 70 | 'encryption' => env('MAIL_ENCRYPTION', 'tls'), 71 | 72 | /* 73 | |-------------------------------------------------------------------------- 74 | | SMTP Server Username 75 | |-------------------------------------------------------------------------- 76 | | 77 | | If your SMTP server requires a username for authentication, you should 78 | | set it here. This will get used to authenticate with your server on 79 | | connection. You may also set the "password" value below this one. 80 | | 81 | */ 82 | 83 | 'username' => env('MAIL_USERNAME'), 84 | 85 | /* 86 | |-------------------------------------------------------------------------- 87 | | SMTP Server Password 88 | |-------------------------------------------------------------------------- 89 | | 90 | | Here you may set the password required by your SMTP server to send out 91 | | messages from your application. 
This will be given to the server on 92 | | connection so that the application will be able to send messages. 93 | | 94 | */ 95 | 96 | 'password' => env('MAIL_PASSWORD'), 97 | 98 | /* 99 | |-------------------------------------------------------------------------- 100 | | Sendmail System Path 101 | |-------------------------------------------------------------------------- 102 | | 103 | | When using the "sendmail" driver to send e-mails, we will need to know 104 | | the path to where Sendmail lives on this server. A default path has 105 | | been provided here, which will work well on most of your systems. 106 | | 107 | */ 108 | 109 | 'sendmail' => '/usr/sbin/sendmail -bs', 110 | 111 | ]; 112 | -------------------------------------------------------------------------------- /config/database.php: -------------------------------------------------------------------------------- 1 | PDO::FETCH_CLASS, 17 | 18 | /* 19 | |-------------------------------------------------------------------------- 20 | | Default Database Connection Name 21 | |-------------------------------------------------------------------------- 22 | | 23 | | Here you may specify which of the database connections below you wish 24 | | to use as your default connection for all database work. Of course 25 | | you may use many connections at once using the Database library. 26 | | 27 | */ 28 | 29 | 'default' => env('DB_CONNECTION', 'mysql'), 30 | 31 | /* 32 | |-------------------------------------------------------------------------- 33 | | Database Connections 34 | |-------------------------------------------------------------------------- 35 | | 36 | | Here are each of the database connections setup for your application. 37 | | Of course, examples of configuring each database platform that is 38 | | supported by Laravel is shown below to make development simple. 
39 | | 40 | | 41 | | All database work in Laravel is done through the PHP PDO facilities 42 | | so make sure you have the driver for your particular database of 43 | | choice installed on your machine before you begin development. 44 | | 45 | */ 46 | 47 | 'connections' => [ 48 | 49 | 'sqlite' => [ 50 | 'driver' => 'sqlite', 51 | 'database' => database_path('database.sqlite'), 52 | 'prefix' => '', 53 | ], 54 | 55 | 'mysql' => [ 56 | 'driver' => 'mysql', 57 | 'host' => env('DB_HOST', 'localhost'), 58 | 'database' => env('DB_DATABASE', 'forge'), 59 | 'username' => env('DB_USERNAME', 'forge'), 60 | 'password' => env('DB_PASSWORD', ''), 61 | 'charset' => 'utf8', 62 | 'collation' => 'utf8_unicode_ci', 63 | 'prefix' => '', 64 | 'strict' => false, 65 | ], 66 | 67 | 'pgsql' => [ 68 | 'driver' => 'pgsql', 69 | 'host' => env('DB_HOST', 'localhost'), 70 | 'database' => env('DB_DATABASE', 'forge'), 71 | 'username' => env('DB_USERNAME', 'forge'), 72 | 'password' => env('DB_PASSWORD', ''), 73 | 'charset' => 'utf8', 74 | 'prefix' => '', 75 | 'schema' => 'public', 76 | ], 77 | 78 | 'sqlsrv' => [ 79 | 'driver' => 'sqlsrv', 80 | 'host' => env('DB_HOST', 'localhost'), 81 | 'database' => env('DB_DATABASE', 'forge'), 82 | 'username' => env('DB_USERNAME', 'forge'), 83 | 'password' => env('DB_PASSWORD', ''), 84 | 'charset' => 'utf8', 85 | 'prefix' => '', 86 | ], 87 | 88 | ], 89 | 90 | /* 91 | |-------------------------------------------------------------------------- 92 | | Migration Repository Table 93 | |-------------------------------------------------------------------------- 94 | | 95 | | This table keeps track of all the migrations that have already run for 96 | | your application. Using this information, we can determine which of 97 | | the migrations on disk haven't actually been run in the database. 
98 | | 99 | */ 100 | 101 | 'migrations' => 'migrations', 102 | 103 | /* 104 | |-------------------------------------------------------------------------- 105 | | Redis Databases 106 | |-------------------------------------------------------------------------- 107 | | 108 | | Redis is an open source, fast, and advanced key-value store that also 109 | | provides a richer set of commands than a typical key-value systems 110 | | such as APC or Memcached. Laravel makes it easy to dig right in. 111 | | 112 | */ 113 | 114 | 'redis' => [ 115 | 116 | 'cluster' => false, 117 | 118 | 'default' => [ 119 | 'host' => env('REDIS_HOST', 'localhost'), 120 | 'password' => env('REDIS_PASSWORD', null), 121 | 'port' => env('REDIS_PORT', 6379), 122 | 'database' => 0, 123 | ], 124 | 125 | ], 126 | 127 | ]; 128 | -------------------------------------------------------------------------------- /readme.md: -------------------------------------------------------------------------------- 1 | ## Laravel PHP Framework for APIs with JWT authentication ## 2 | 3 | This is a fresh copy of Laravel 5.2 with small modifications: 4 | 5 | - Added JSON Web Token authentication using [Tymon's package](https://github.com/tymondesigns/jwt-auth); 6 | - Added a custom Middleware that verifies the JWT token; 7 | - Modified the routes.php to add a basic flow of authentication and to display the authenticated user; 8 | - Added the AuthController that takes care of the JWT authentication; 9 | - Added a UserController that uses the Middleware in order to display the authenticated user (and to create a new user); 10 | - Added a HomeController that displays the available API routes (just for fun); 11 | 12 | ### More to come in the next versions, stay tuned! 
### 13 | 14 | ### Installation ### 15 | 16 | Before you start, make sure that you have: 17 | 18 | - PHP >= 5.5.9 19 | - OpenSSL PHP Extension 20 | - PDO PHP Extension 21 | - Mbstring PHP Extension 22 | - Tokenizer PHP Extension 23 | - A database created 24 | 25 | ``` 26 | #!bash 27 | # Get the project 28 | mkdir myproject && cd myproject 29 | git clone https://github.com/laragems/laravel-api-jwt.git . 30 | 31 | # Install required packages 32 | composer install 33 | 34 | # Make folders writable (o+w opens them to every local account; on a shared host, give the web-server user ownership instead) 35 | chmod -R o+w storage 36 | chmod -R o+w bootstrap/cache 37 | 38 | # Create your environment file (and then edit it as you see fit - setting the database part is important for the next step) 39 | cp .env.example .env 40 | 41 | # Run the default (user & password reset) migrations 42 | php artisan migrate 43 | 44 | # Generate application & JWT keys (do not skip this: config/jwt.php ships a fallback JWT_SECRET that is public in this repository, so set your own secret before deploying) 45 | php artisan key:generate 46 | php artisan jwt:generate 47 | 48 | # Start the application (if you are not using Apache) 49 | php artisan serve 50 | 51 | ``` 52 | 53 | Go to [http://localhost:8000/](http://localhost:8000/) (or your Apache vhost) and voila! 54 | 55 | ## Examples and usages ## 56 | 57 | For the examples I will use ```api.dev``` as a hostname. 58 | 59 | Now you can: 60 | 61 | - Create a valid user: 62 | ```POST http://api.dev/v1/user email=youremail@example.com password=yourpassword name=Laragems``` 63 | 64 | ``` 65 | { 66 | "status": "success", 67 | "message": "User created." 
68 | } 69 | ``` 70 | 71 | - Login with your user: 72 | ```POST http://api.dev/v1/auth email=youremail@example.com password=yourpassword``` 73 | 74 | ``` 75 | { 76 | "status": "success", 77 | "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOjIsImlzcyI6Imh0dHA6XC9cL2FwaS5kZXZcL3YxXC9hdXRoIiwiaWF0IjoxNDUzNDEwNzE5LCJleHAiOjE0NTM2Njk5MTksIm5iZiI6MTQ1MzQxMDcxOSwianRpIjoiNDczMTA5OTA0MzIyN2I1MjQ1Y2U3YTJlYmVjMjc5NmYifQ.7IFbi1gDudChSxz1P1CAzOAzgsNqdE7Nhdi4LYSnUF0" 78 | } 79 | ``` 80 | 81 | - Use the ```token``` in every other request that uses the ```auth.jwt``` middleware, either as a query-string parameter or in an "Authorization: Bearer {yourtokenhere}" header. Prefer the header: a token placed in the URL is written to web-server and proxy access logs and kept in browser history. 82 | 83 | - Get current logged in user: 84 | ```GET http://api.dev/v1/user?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOjIsImlzcyI6Imh0dHA6XC9cL2FwaS5kZXZcL3YxXC9hdXRoIiwiaWF0IjoxNDUzNDEwNzE5LCJleHAiOjE0NTM2Njk5MTksIm5iZiI6MTQ1MzQxMDcxOSwianRpIjoiNDczMTA5OTA0MzIyN2I1MjQ1Y2U3YTJlYmVjMjc5NmYifQ.7IFbi1gDudChSxz1P1CAzOAzgsNqdE7Nhdi4LYSnUF0``` 85 | 86 | ``` 87 | { 88 | "user": { 89 | "id": 2, 90 | "name": "Laragems", 91 | "email": "youremail@example.com", 92 | "created_at": "2016-01-21 21:09:56", 93 | "updated_at": "2016-01-21 21:09:56" 94 | } 95 | } 96 | ``` 97 | 98 | - Attempt to create an invalid user: 99 | 100 | ```POST http://api.dev/v1/user email=wrongemailaddress password=mypassword``` 101 | 102 | ``` 103 | { 104 | "status": "error", 105 | "message": "Invalid input data.", 106 | "details": [ 107 | "The email must be a valid email address.", 108 | "The name field is required." 109 | ] 110 | } 111 | ``` 112 | 113 | - Attempt to create a user that already exists: 114 | 115 | ```POST http://api.dev/v1/user email=youremail@example.com password=yourpassword name=Laragems``` 116 | 117 | ``` 118 | { 119 | "status": "error", 120 | "message": "Invalid input data.", 121 | "details": [ 122 | "The email has already been taken." 
123 | ] 124 | } 125 | ``` 126 | 127 | - Attempt to login with wrong credentials: 128 | ```POST http://api.dev/v1/auth email=youremail@example.com password=wrong``` 129 | 130 | ``` 131 | { 132 | "status": "error", 133 | "message": "Invalid credentials" 134 | } 135 | ``` 136 | 137 | Play with those routes, explore ```routes.php```, ```AuthController.php```, ```UserController.php```. 138 | 139 | Building an API on top of this package is very easy, just add your resources with ```auth.jwt``` middleware (as you see in ```routes.php```). 140 | 141 | ## Official Laravel & Tymon's JWT Authentication Documentation ## 142 | 143 | Documentation for the framework can be found on the [Laravel website](http://laravel.com/docs). 144 | 145 | Documentation for Tymon's JWT Authentication can be found on [the Wiki](https://github.com/tymondesigns/jwt-auth/wiki). 146 | -------------------------------------------------------------------------------- /config/session.php: -------------------------------------------------------------------------------- 1 | env('SESSION_DRIVER', 'file'), 20 | 21 | /* 22 | |-------------------------------------------------------------------------- 23 | | Session Lifetime 24 | |-------------------------------------------------------------------------- 25 | | 26 | | Here you may specify the number of minutes that you wish the session 27 | | to be allowed to remain idle before it expires. If you want them 28 | | to immediately expire on the browser closing, set that option. 29 | | 30 | */ 31 | 32 | 'lifetime' => 120, 33 | 34 | 'expire_on_close' => false, 35 | 36 | /* 37 | |-------------------------------------------------------------------------- 38 | | Session Encryption 39 | |-------------------------------------------------------------------------- 40 | | 41 | | This option allows you to easily specify that all of your session data 42 | | should be encrypted before it is stored. 
All encryption will be run 43 | | automatically by Laravel and you can use the Session like normal. 44 | | 45 | */ 46 | 47 | 'encrypt' => false, 48 | 49 | /* 50 | |-------------------------------------------------------------------------- 51 | | Session File Location 52 | |-------------------------------------------------------------------------- 53 | | 54 | | When using the native session driver, we need a location where session 55 | | files may be stored. A default has been set for you but a different 56 | | location may be specified. This is only needed for file sessions. 57 | | 58 | */ 59 | 60 | 'files' => storage_path('framework/sessions'), 61 | 62 | /* 63 | |-------------------------------------------------------------------------- 64 | | Session Database Connection 65 | |-------------------------------------------------------------------------- 66 | | 67 | | When using the "database" or "redis" session drivers, you may specify a 68 | | connection that should be used to manage these sessions. This should 69 | | correspond to a connection in your database configuration options. 70 | | 71 | */ 72 | 73 | 'connection' => null, 74 | 75 | /* 76 | |-------------------------------------------------------------------------- 77 | | Session Database Table 78 | |-------------------------------------------------------------------------- 79 | | 80 | | When using the "database" session driver, you may specify the table we 81 | | should use to manage the sessions. Of course, a sensible default is 82 | | provided for you; however, you are free to change this as needed. 83 | | 84 | */ 85 | 86 | 'table' => 'sessions', 87 | 88 | /* 89 | |-------------------------------------------------------------------------- 90 | | Session Sweeping Lottery 91 | |-------------------------------------------------------------------------- 92 | | 93 | | Some session drivers must manually sweep their storage location to get 94 | | rid of old sessions from storage. 
Here are the chances that it will 95 | | happen on a given request. By default, the odds are 2 out of 100. 96 | | 97 | */ 98 | 99 | 'lottery' => [2, 100], 100 | 101 | /* 102 | |-------------------------------------------------------------------------- 103 | | Session Cookie Name 104 | |-------------------------------------------------------------------------- 105 | | 106 | | Here you may change the name of the cookie used to identify a session 107 | | instance by ID. The name specified here will get used every time a 108 | | new session cookie is created by the framework for every driver. 109 | | 110 | */ 111 | 112 | 'cookie' => 'laravel_session', 113 | 114 | /* 115 | |-------------------------------------------------------------------------- 116 | | Session Cookie Path 117 | |-------------------------------------------------------------------------- 118 | | 119 | | The session cookie path determines the path for which the cookie will 120 | | be regarded as available. Typically, this will be the root path of 121 | | your application but you are free to change this when necessary. 122 | | 123 | */ 124 | 125 | 'path' => '/', 126 | 127 | /* 128 | |-------------------------------------------------------------------------- 129 | | Session Cookie Domain 130 | |-------------------------------------------------------------------------- 131 | | 132 | | Here you may change the domain of the cookie used to identify a session 133 | | in your application. This will determine which domains the cookie is 134 | | available to in your application. A sensible default has been set. 135 | | 136 | */ 137 | 138 | 'domain' => null, 139 | 140 | /* 141 | |-------------------------------------------------------------------------- 142 | | HTTPS Only Cookies 143 | |-------------------------------------------------------------------------- 144 | | 145 | | By setting this option to true, session cookies will only be sent back 146 | | to the server if the browser has a HTTPS connection. 
This will keep 147 | | the cookie from being sent to you if it can not be done securely. 148 | | 149 | */ 150 | 151 | 'secure' => false, 152 | 153 | ]; 154 | -------------------------------------------------------------------------------- /config/jwt.php: -------------------------------------------------------------------------------- 1 | env('JWT_SECRET', 'dyn6vQziSAfZy1FMnBRKhvHp1Irmhxmm'), 16 | 17 | /* 18 | |-------------------------------------------------------------------------- 19 | | JWT time to live 20 | |-------------------------------------------------------------------------- 21 | | 22 | | Specify the length of time (in minutes) that the token will be valid for. 23 | | Defaults to 1 hour; the value set below (60 * 72) is 72 hours, so a leaked token stays usable for three days unless it is invalidated. 24 | | 25 | */ 26 | 27 | 'ttl' => 60 * 72, 28 | 29 | /* 30 | |-------------------------------------------------------------------------- 31 | | Refresh time to live 32 | |-------------------------------------------------------------------------- 33 | | 34 | | Specify the length of time (in minutes) that the token can be refreshed 35 | | within. I.E. The user can refresh their token within a 2 week window of 36 | | the original token being created until they must re-authenticate. 37 | | Defaults to 2 weeks 38 | | 39 | */ 40 | 41 | 'refresh_ttl' => 20160, 42 | 43 | /* 44 | |-------------------------------------------------------------------------- 45 | | JWT hashing algorithm 46 | |-------------------------------------------------------------------------- 47 | | 48 | | Specify the hashing algorithm that will be used to sign the token. 49 | | 50 | | See here: https://github.com/namshi/jose/tree/2.2.0/src/Namshi/JOSE/Signer 51 | | for possible values 52 | | 53 | */ 54 | 55 | 'algo' => 'HS256', 56 | 57 | /* 58 | |-------------------------------------------------------------------------- 59 | | User Model namespace 60 | |-------------------------------------------------------------------------- 61 | | 62 | | Specify the full namespace to your User model. 63 | | e.g. 
'Acme\Entities\User' 64 | | 65 | */ 66 | 67 | 'user' => 'App\User', 68 | 69 | /* 70 | |-------------------------------------------------------------------------- 71 | | User identifier 72 | |-------------------------------------------------------------------------- 73 | | 74 | | Specify a unique property of the user that will be added as the 'sub' 75 | | claim of the token payload. 76 | | 77 | */ 78 | 79 | 'identifier' => 'id', 80 | 81 | /* 82 | |-------------------------------------------------------------------------- 83 | | Required Claims 84 | |-------------------------------------------------------------------------- 85 | | 86 | | Specify the required claims that must exist in any token. 87 | | A TokenInvalidException will be thrown if any of these claims are not 88 | | present in the payload. 89 | | 90 | */ 91 | 92 | 'required_claims' => ['iss', 'iat', 'exp', 'nbf', 'sub', 'jti'], 93 | 94 | /* 95 | |-------------------------------------------------------------------------- 96 | | Blacklist Enabled 97 | |-------------------------------------------------------------------------- 98 | | 99 | | In order to invalidate tokens, you must have the blacklist enabled. 100 | | If you do not want or need this functionality, then set this to false. 101 | | 102 | */ 103 | 104 | 'blacklist_enabled' => env('JWT_BLACKLIST_ENABLED', true), 105 | 106 | /* 107 | |-------------------------------------------------------------------------- 108 | | Providers 109 | |-------------------------------------------------------------------------- 110 | | 111 | | Specify the various providers used throughout the package. 
112 | | 113 | */ 114 | 115 | 'providers' => [ 116 | 117 | /* 118 | |-------------------------------------------------------------------------- 119 | | User Provider 120 | |-------------------------------------------------------------------------- 121 | | 122 | | Specify the provider that is used to find the user based 123 | | on the subject claim 124 | | 125 | */ 126 | 127 | 'user' => 'Tymon\JWTAuth\Providers\User\EloquentUserAdapter', 128 | 129 | /* 130 | |-------------------------------------------------------------------------- 131 | | JWT Provider 132 | |-------------------------------------------------------------------------- 133 | | 134 | | Specify the provider that is used to create and decode the tokens. 135 | | 136 | */ 137 | 138 | 'jwt' => 'Tymon\JWTAuth\Providers\JWT\NamshiAdapter', 139 | 140 | /* 141 | |-------------------------------------------------------------------------- 142 | | Authentication Provider 143 | |-------------------------------------------------------------------------- 144 | | 145 | | Specify the provider that is used to authenticate users. 
146 | | 147 | */ 148 | 149 | 'auth' => function ($app) { 150 | return new Tymon\JWTAuth\Providers\Auth\IlluminateAuthAdapter($app['auth']); 151 | }, 152 | 153 | /* 154 | |-------------------------------------------------------------------------- 155 | | Storage Provider 156 | |-------------------------------------------------------------------------- 157 | | 158 | | Specify the provider that is used to store tokens in the blacklist 159 | | 160 | */ 161 | 162 | 'storage' => function ($app) { 163 | return new Tymon\JWTAuth\Providers\Storage\IlluminateCacheAdapter($app['cache']); 164 | } 165 | 166 | ] 167 | 168 | ]; 169 | -------------------------------------------------------------------------------- /resources/lang/en/validation.php: -------------------------------------------------------------------------------- 1 | 'The :attribute must be accepted.', 17 | 'active_url' => 'The :attribute is not a valid URL.', 18 | 'after' => 'The :attribute must be a date after :date.', 19 | 'alpha' => 'The :attribute may only contain letters.', 20 | 'alpha_dash' => 'The :attribute may only contain letters, numbers, and dashes.', 21 | 'alpha_num' => 'The :attribute may only contain letters and numbers.', 22 | 'array' => 'The :attribute must be an array.', 23 | 'before' => 'The :attribute must be a date before :date.', 24 | 'between' => [ 25 | 'numeric' => 'The :attribute must be between :min and :max.', 26 | 'file' => 'The :attribute must be between :min and :max kilobytes.', 27 | 'string' => 'The :attribute must be between :min and :max characters.', 28 | 'array' => 'The :attribute must have between :min and :max items.', 29 | ], 30 | 'boolean' => 'The :attribute field must be true or false.', 31 | 'confirmed' => 'The :attribute confirmation does not match.', 32 | 'date' => 'The :attribute is not a valid date.', 33 | 'date_format' => 'The :attribute does not match the format :format.', 34 | 'different' => 'The :attribute and :other must be different.', 35 | 'digits' => 'The 
:attribute must be :digits digits.', 36 | 'digits_between' => 'The :attribute must be between :min and :max digits.', 37 | 'email' => 'The :attribute must be a valid email address.', 38 | 'exists' => 'The selected :attribute is invalid.', 39 | 'filled' => 'The :attribute field is required.', 40 | 'image' => 'The :attribute must be an image.', 41 | 'in' => 'The selected :attribute is invalid.', 42 | 'integer' => 'The :attribute must be an integer.', 43 | 'ip' => 'The :attribute must be a valid IP address.', 44 | 'json' => 'The :attribute must be a valid JSON string.', 45 | 'max' => [ 46 | 'numeric' => 'The :attribute may not be greater than :max.', 47 | 'file' => 'The :attribute may not be greater than :max kilobytes.', 48 | 'string' => 'The :attribute may not be greater than :max characters.', 49 | 'array' => 'The :attribute may not have more than :max items.', 50 | ], 51 | 'mimes' => 'The :attribute must be a file of type: :values.', 52 | 'min' => [ 53 | 'numeric' => 'The :attribute must be at least :min.', 54 | 'file' => 'The :attribute must be at least :min kilobytes.', 55 | 'string' => 'The :attribute must be at least :min characters.', 56 | 'array' => 'The :attribute must have at least :min items.', 57 | ], 58 | 'not_in' => 'The selected :attribute is invalid.', 59 | 'numeric' => 'The :attribute must be a number.', 60 | 'regex' => 'The :attribute format is invalid.', 61 | 'required' => 'The :attribute field is required.', 62 | 'required_if' => 'The :attribute field is required when :other is :value.', 63 | 'required_unless' => 'The :attribute field is required unless :other is in :values.', 64 | 'required_with' => 'The :attribute field is required when :values is present.', 65 | 'required_with_all' => 'The :attribute field is required when :values is present.', 66 | 'required_without' => 'The :attribute field is required when :values is not present.', 67 | 'required_without_all' => 'The :attribute field is required when none of :values are present.', 68 | 
'same' => 'The :attribute and :other must match.', 69 | 'size' => [ 70 | 'numeric' => 'The :attribute must be :size.', 71 | 'file' => 'The :attribute must be :size kilobytes.', 72 | 'string' => 'The :attribute must be :size characters.', 73 | 'array' => 'The :attribute must contain :size items.', 74 | ], 75 | 'string' => 'The :attribute must be a string.', 76 | 'timezone' => 'The :attribute must be a valid zone.', 77 | 'unique' => 'The :attribute has already been taken.', 78 | 'url' => 'The :attribute format is invalid.', 79 | 80 | /* 81 | |-------------------------------------------------------------------------- 82 | | Custom Validation Language Lines 83 | |-------------------------------------------------------------------------- 84 | | 85 | | Here you may specify custom validation messages for attributes using the 86 | | convention "attribute.rule" to name the lines. This makes it quick to 87 | | specify a specific custom language line for a given attribute rule. 88 | | 89 | */ 90 | 91 | 'custom' => [ 92 | 'attribute-name' => [ 93 | 'rule-name' => 'custom-message', 94 | ], 95 | ], 96 | 97 | /* 98 | |-------------------------------------------------------------------------- 99 | | Custom Validation Attributes 100 | |-------------------------------------------------------------------------- 101 | | 102 | | The following language lines are used to swap attribute place-holders 103 | | with something more reader friendly such as E-Mail Address instead 104 | | of "email". This simply helps us make messages a little cleaner. 
105 | | 106 | */ 107 | 108 | 'attributes' => [], 109 | 110 | ]; 111 | -------------------------------------------------------------------------------- /config/app.php: -------------------------------------------------------------------------------- 1 | env('APP_ENV', 'production'), 17 | 18 | /* 19 | |-------------------------------------------------------------------------- 20 | | Application Debug Mode 21 | |-------------------------------------------------------------------------- 22 | | 23 | | When your application is in debug mode, detailed error messages with 24 | | stack traces will be shown on every error that occurs within your 25 | | application. If disabled, a simple generic error page is shown. Keep it disabled in production, where stack traces can expose internal details. 26 | | 27 | */ 28 | 29 | 'debug' => env('APP_DEBUG', false), 30 | 31 | /* 32 | |-------------------------------------------------------------------------- 33 | | Application URL 34 | |-------------------------------------------------------------------------- 35 | | 36 | | This URL is used by the console to properly generate URLs when using 37 | | the Artisan command line tool. You should set this to the root of 38 | | your application so that it is used when running Artisan tasks. 39 | | 40 | */ 41 | 42 | 'url' => 'http://localhost', 43 | 44 | /* 45 | |-------------------------------------------------------------------------- 46 | | Application Timezone 47 | |-------------------------------------------------------------------------- 48 | | 49 | | Here you may specify the default timezone for your application, which 50 | | will be used by the PHP date and date-time functions. We have gone 51 | | ahead and set this to a sensible default for you out of the box.
52 | | 53 | */ 54 | 55 | 'timezone' => 'UTC', 56 | 57 | /* 58 | |-------------------------------------------------------------------------- 59 | | Application Locale Configuration 60 | |-------------------------------------------------------------------------- 61 | | 62 | | The application locale determines the default locale that will be used 63 | | by the translation service provider. You are free to set this value 64 | | to any of the locales which will be supported by the application. 65 | | 66 | */ 67 | 68 | 'locale' => 'en', 69 | 70 | /* 71 | |-------------------------------------------------------------------------- 72 | | Application Fallback Locale 73 | |-------------------------------------------------------------------------- 74 | | 75 | | The fallback locale determines the locale to use when the current one 76 | | is not available. You may change the value to correspond to any of 77 | | the language folders that are provided through your application. 78 | | 79 | */ 80 | 81 | 'fallback_locale' => 'en', 82 | 83 | /* 84 | |-------------------------------------------------------------------------- 85 | | Encryption Key 86 | |-------------------------------------------------------------------------- 87 | | 88 | | This key is used by the Illuminate encrypter service and should be set 89 | | to a random, 32 character string (the AES-256-CBC cipher set below needs a 32-byte key), otherwise the values it encrypts 90 | | will not be safe. Please do this before deploying an application! 91 | | 92 | */ 93 | 94 | 'key' => env('APP_KEY'), 95 | 96 | 'cipher' => 'AES-256-CBC', 97 | 98 | /* 99 | |-------------------------------------------------------------------------- 100 | | Logging Configuration 101 | |-------------------------------------------------------------------------- 102 | | 103 | | Here you may configure the log settings for your application. Out of 104 | | the box, Laravel uses the Monolog PHP logging library. This gives 105 | | you a variety of powerful log handlers / formatters to utilize.
106 | | 107 | | Available Settings: "single", "daily", "syslog", "errorlog" 108 | | 109 | */ 110 | 111 | 'log' => env('APP_LOG', 'single'), 112 | 113 | /* 114 | |-------------------------------------------------------------------------- 115 | | Autoloaded Service Providers 116 | |-------------------------------------------------------------------------- 117 | | 118 | | The service providers listed here will be automatically loaded on the 119 | | request to your application. Feel free to add your own services to 120 | | this array to grant expanded functionality to your applications. 121 | | 122 | */ 123 | 124 | 'providers' => [ 125 | 126 | /* 127 | * Laravel Framework Service Providers... 128 | */ 129 | Illuminate\Auth\AuthServiceProvider::class, 130 | Illuminate\Broadcasting\BroadcastServiceProvider::class, 131 | Illuminate\Bus\BusServiceProvider::class, 132 | Illuminate\Cache\CacheServiceProvider::class, 133 | Illuminate\Foundation\Providers\ConsoleSupportServiceProvider::class, 134 | Illuminate\Cookie\CookieServiceProvider::class, 135 | Illuminate\Database\DatabaseServiceProvider::class, 136 | Illuminate\Encryption\EncryptionServiceProvider::class, 137 | Illuminate\Filesystem\FilesystemServiceProvider::class, 138 | Illuminate\Foundation\Providers\FoundationServiceProvider::class, 139 | Illuminate\Hashing\HashServiceProvider::class, 140 | Illuminate\Mail\MailServiceProvider::class, 141 | Illuminate\Pagination\PaginationServiceProvider::class, 142 | Illuminate\Pipeline\PipelineServiceProvider::class, 143 | Illuminate\Queue\QueueServiceProvider::class, 144 | Illuminate\Redis\RedisServiceProvider::class, 145 | Illuminate\Auth\Passwords\PasswordResetServiceProvider::class, 146 | Illuminate\Session\SessionServiceProvider::class, 147 | Illuminate\Translation\TranslationServiceProvider::class, 148 | Illuminate\Validation\ValidationServiceProvider::class, 149 | Illuminate\View\ViewServiceProvider::class, 150 | 151 | /* 152 | * Application Service Providers... 
153 | */ 154 | App\Providers\AppServiceProvider::class, 155 | App\Providers\AuthServiceProvider::class, 156 | App\Providers\EventServiceProvider::class, 157 | App\Providers\RouteServiceProvider::class, 158 | 159 | /* 160 | * Custom Service Providers... 161 | */ 162 | Tymon\JWTAuth\Providers\JWTAuthServiceProvider::class, 163 | 164 | ], 165 | 166 | /* 167 | |-------------------------------------------------------------------------- 168 | | Class Aliases 169 | |-------------------------------------------------------------------------- 170 | | 171 | | This array of class aliases will be registered when this application 172 | | is started. However, feel free to register as many as you wish as 173 | | the aliases are "lazy" loaded so they don't hinder performance. 174 | | 175 | */ 176 | 177 | 'aliases' => [ 178 | 179 | 'App' => Illuminate\Support\Facades\App::class, 180 | 'Artisan' => Illuminate\Support\Facades\Artisan::class, 181 | 'Auth' => Illuminate\Support\Facades\Auth::class, 182 | 'Blade' => Illuminate\Support\Facades\Blade::class, 183 | 'Cache' => Illuminate\Support\Facades\Cache::class, 184 | 'Config' => Illuminate\Support\Facades\Config::class, 185 | 'Cookie' => Illuminate\Support\Facades\Cookie::class, 186 | 'Crypt' => Illuminate\Support\Facades\Crypt::class, 187 | 'DB' => Illuminate\Support\Facades\DB::class, 188 | 'Eloquent' => Illuminate\Database\Eloquent\Model::class, 189 | 'Event' => Illuminate\Support\Facades\Event::class, 190 | 'File' => Illuminate\Support\Facades\File::class, 191 | 'Gate' => Illuminate\Support\Facades\Gate::class, 192 | 'Hash' => Illuminate\Support\Facades\Hash::class, 193 | 'Lang' => Illuminate\Support\Facades\Lang::class, 194 | 'Log' => Illuminate\Support\Facades\Log::class, 195 | 'Mail' => Illuminate\Support\Facades\Mail::class, 196 | 'Password' => Illuminate\Support\Facades\Password::class, 197 | 'Queue' => Illuminate\Support\Facades\Queue::class, 198 | 'Redirect' => Illuminate\Support\Facades\Redirect::class, 199 | 'Redis' => 
Illuminate\Support\Facades\Redis::class, 200 | 'Request' => Illuminate\Support\Facades\Request::class, 201 | 'Response' => Illuminate\Support\Facades\Response::class, 202 | 'Route' => Illuminate\Support\Facades\Route::class, 203 | 'Schema' => Illuminate\Support\Facades\Schema::class, 204 | 'Session' => Illuminate\Support\Facades\Session::class, 205 | 'Storage' => Illuminate\Support\Facades\Storage::class, 206 | 'URL' => Illuminate\Support\Facades\URL::class, 207 | 'Validator' => Illuminate\Support\Facades\Validator::class, 208 | 'View' => Illuminate\Support\Facades\View::class, 209 | 'JWTAuth' => Tymon\JWTAuth\Facades\JWTAuth::class, 210 | 211 | ], 212 | 213 | ]; 214 | --------------------------------------------------------------------------------