jwt:user information

2023-03-18 hit count image

let's see how to get user information from login user in jwt(Json Web Token) which is one of the token based authentication systems.

Outline

we’ll introduce how to get user information from login user in jwt authentication system. this blog is a series. if you want to know how to install jwt middleware and implement signup, signin features, see our previous blogs.

Repository

we’ve made the repository of jwt authentication system. click below link to see our repository.

Development Environment

in here, we’ll use Laravel development environment created by Laradock and Ansible. if you want to know our environment, see our previous blog.

Modify Controller

open /app/Http/Controllers/JWTAuthController.php file in Laravel project folder and add below code.

public function user() {
    return response()->json(Auth::guard('api')->user());
}

this function is to get and response login user information by client(browser) request.

Modify Route

modify the route to connect the controller function and url. open /routes/api.php file and add below code.

Route::get('unauthorized', function() {
    return response()->json([
        'status' => 'error',
        'message' => 'Unauthorized'
    ], 401);
})->name('api.jwt.unauthorized');

Route::group(['middleware' => 'auth:api'], function(){
    Route::get('user', 'JWTAuthController@user')->name('api.jwt.user');
});

user route which gets user information uses auth:api middleware. this middleware judges the user is login or not login and if the user was login, the user can get user information. we will make user to redirect unauthorized and response 401 if user was not login.

Redirect

Laravel Auth middleware basically has redirect feature. we’ll configure the redirect for api and set 401 response. open app/Http/Middleware/Authenticate.php file and modify it like below.

protected function redirectTo($request)
{
    if (! $request->expectsJson()) {
        if ($request->is('api/*')) {
            return route('api.jwt.unauthorized');
        }
        return route('login');
    }
}

Test

let’s test user information feature via Postman.

# URL
localhost/api/user
# header
Authorization
Bearer jwt_token

if jwt token is valid, you can get user information like below screen.

get user info

if jwt token is expired or user who didn’t login requests user information, you can get 401 error response.

fail to get user info

Completed

we’ve done to develop the api which gets user information feature in jwt authentication system. at next blog post, we will introduce how to make jwt token refresh feature after login.

Was my blog helpful? Please leave a comment at the bottom. it will be a great help to me!

App promotion

You can use the applications that are created by this blog writer Deku.
Deku created the applications with Flutter.

If you have interested, please try to download them for free.

word learning app for kids, BlaBoo
word learning app for kids
BlaBoo
Korean vocabulary, TOPIK words
Korean TOPIK vocabulary app
TOPIK words
Japanese vocabulary app
Japanese vocabulary app
Japanese words
Chinese HSK vocabulary app
Chinese HSK vocabulary app
HSK words
Posts
  • Previous
  • Next