개발을 간바루Joy 하게

[Laravel] Using tymon/JWT


New! Game 2024. 1. 26. 12:39

Development environment

laravel  9.x

vue3

npm 18.x

php 8.3

composer

 

Written 2024_01_26

 

1. Install tymon jwt with composer

composer require tymon/jwt-auth

 

 

2. Register the provider in config/app.php

'providers' => [

    ...

    Tymon\JWTAuth\Providers\LaravelServiceProvider::class,
]

 

 

3. Publish the config

php artisan vendor:publish --provider="Tymon\JWTAuth\Providers\LaravelServiceProvider"

 

 

4. Generate the secret key

php artisan jwt:secret

 

 

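5. Create and register the JWT middleware

<?php

// app/Http/Middleware/JwtMiddleware.php
namespace App\Http\Middleware;

use Closure;
use Exception;
use Illuminate\Http\Request;
use Tymon\JWTAuth\Facades\JWTAuth;

class JwtMiddleware
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response|\Illuminate\Http\RedirectResponse)  $next
     * @return \Illuminate\Http\JsonResponse
     */
    public function handle(Request $request, Closure $next)
    {
        try {
            // Parse the token from the request and load the user it identifies
            $user = JWTAuth::parseToken()->authenticate();
        } catch (Exception $e) {
            // TokenBlacklistedException extends TokenInvalidException, so it has to be checked first
            if ($e instanceof \Tymon\JWTAuth\Exceptions\TokenBlacklistedException) {
                return response()->json(['status' => 'Token is Blacklisted'], 400);
            } else if ($e instanceof \Tymon\JWTAuth\Exceptions\TokenInvalidException) {
                return response()->json(['status' => 'Token is Invalid'], 403);
            } else if ($e instanceof \Tymon\JWTAuth\Exceptions\TokenExpiredException) {
                return response()->json(['status' => 'Token is Expired'], 401);
            } else {
                return response()->json(['status' => 'Authorization Token not found'], 404);
            }
        }
        // authenticate() returns false (no exception) when the token's user no longer exists
        if (! $user) {
            return response()->json(['status' => 'User not found'], 401);
        }
        return $next($request);
    }
}

// app/Http/Kernel.php
protected $routeMiddleware = [

    // ...
    'jwt.verify' => \App\Http\Middleware\JwtMiddleware::class,
];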

 

 

6. Modify the Laravel auth guards/providers

// config/auth.php

'defaults' => [
    'guard' => 'api',
    'passwords' => 'users',
],


'guards' => [
    'web' => [
        'driver' => 'session',
        'provider' => 'users',
    ],

    'api' => [
        'driver' => 'jwt',
        'provider' => 'users',
        'hash' => false,
    ],
],

'providers' => [
    'users' => [
        'driver' => 'eloquent',
        'model' => App\Models\User::class,
        // 'field' is specified when using column names from a table other than the default users table
        'field' => [ 
            'id' => 'MEMBER_ID',
            'password' => 'MEMBER_PW',
        ],
    ],
],

 

 

7. Configure the User model

<?php

namespace App\Models;

use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Laravel\Sanctum\HasApiTokens;
use Tymon\JWTAuth\Contracts\JWTSubject;

class User extends Authenticatable implements JWTSubject
{
    use HasApiTokens, HasFactory, Notifiable;
    /**
     * The attributes that are mass assignable.
     *
     * @var array<int, string>
     */
    protected $table = 'MEMBER_TBL'; // name of the table to use
    protected $primaryKey = 'MEMBER_IDX'; // idx key used for authentication
    protected $password = 'MEMBER_PW'; // custom password column name
    protected $fillable = [
        // columns used on insert (mass-assignable)
        'MEMBER_ID',
        'MEMBER_PW',
    ];

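    /**
     * The attributes that should be hidden for serialization.
     *
     * @var array<int, string>
     */
    protected $hidden = [
        // columns to hide when values fetched from the DB are serialized
        'MEMBER_PW', // keep the password hash out of JSON responses
        'remember_token',
    ];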

    /**
     * The attributes that should be cast.
     *
     * @var array<string, string>
     */
    protected $casts = [
        //'email_verified_at' => 'datetime',
    ];

    public function getJWTIdentifier()
    {
       return $this->getKey();
    }

    public function getJWTCustomClaims()
    {
       return [];
    }

    // when using a custom column instead of the default password column
    public function getAuthPassword(){
        return $this->MEMBER_PW;
    }
}

 

 

8. Write the controller code

<?php

namespace App\Http\Controllers;

use App\Models\User;
use App\Services\MemberService;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
use Illuminate\Validation\ValidationException;
use OpenApi\Attributes as OA;

class MemberController extends Controller
{
    // Sign-up
    public function joinMemberCont(Request $request){
        // Sign-up logic goes here
        $user_data = $request->only(['member_id', 'member_pw']);
        // Always hash the password like this before storing it
        $user_data["member_pw"] = Hash::make($user_data["member_pw"]);
    }

    // Login
    public function loginMemberCont(Request $request){
        // Login logic

        // Note: the "password" key name must not be changed.
        // Laravel's user provider reads the plain-text value from $credentials['password']
        // and compares it against getAuthPassword().
        $credentials = [
            "MEMBER_ID" => $request->post("member_id",""), // ID to check
            "password" => $request->post("member_pw") // password to check
        ];

        if (!$token = auth()->attempt($credentials)) {
            return response()->json(['error' => 'Unauthorized'], 401);
        }
        return $this->respondWithToken($token);
    }
    
    protected function respondWithToken($token) {
        return response()->json([
            'access_token' => $token,
            'token_type' => 'bearer',
            'expires_in' => auth()->factory()->getTTL() * 60
        ]);
    }
}
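
To check that the guard, middleware and controller above fit together, the following feature test is an added example, not code from the original post. The `/api/login` and `/api/me` routes, the sample member and the test class name are assumptions; it also assumes the test database's migrations create `MEMBER_TBL` and that `JWT_SECRET` is set.

```php
<?php
// tests/Feature/JwtMiddlewareTest.php (added example; routes and sample member are assumptions)
namespace Tests\Feature;

use App\Http\Controllers\MemberController;
use App\Models\User;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Route;
use Tests\TestCase;

class JwtMiddlewareTest extends TestCase
{
    use RefreshDatabase; // assumes the test database migrations create MEMBER_TBL

    protected function setUp(): void
    {
        parent::setUp();
        // Hypothetical routes: the post does not show its routes file
        Route::post('/api/login', [MemberController::class, 'loginMemberCont']);
        Route::middleware('jwt.verify')->get('/api/me', fn () => response()->json(['ok' => true]));
        User::create(['MEMBER_ID' => 'alice', 'MEMBER_PW' => Hash::make('constructed-pw')]); // constructed
    }

    private function login(): string
    {
        return $this->post('/api/login', ['member_id' => 'alice', 'member_pw' => 'constructed-pw'])
            ->assertOk()->json('access_token');
    }

    public function test_request_without_token_is_rejected(): void
    {
        $this->getJson('/api/me')->assertStatus(404); // 'Authorization Token not found'
    }

    public function test_valid_token_reaches_the_route(): void
    {
        $this->withToken($this->login())->getJson('/api/me')->assertOk();
    }

    public function test_token_with_forged_subject_is_rejected(): void
    {
        // Rewrite the payload but keep the old signature: verification must fail
        [$header, $payload, $signature] = explode('.', $this->login());
        $claims = json_decode(base64_decode(strtr($payload, '-_', '+/')), true);
        $claims['sub'] = 999999; // claim to be a different member
        $forged = rtrim(strtr(base64_encode(json_encode($claims)), '+/', '-_'), '=');
        $this->withToken("$header.$forged.$signature")->getJson('/api/me')->assertStatus(403);
    }
}
```

The forged-subject case edits the payload rather than the last character of the signature, because the final base64url character carries padding bits that a lenient decoder ignores.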

 

 

References

 

https://jwt-auth.readthedocs.io/en/develop/laravel-installation/

https://github.com/tymondesigns/jwt-auth/issues

https://8ugust-dev.tistory.com/12

 
