README

Takes care of the authorization and sets the roles and permissions for the user and consumer. Depends on the iMemento JWT package for JWT related tasks. Decrypting the tokens happens in the JWT package.

Install

composer require imemento/guard-laravel

The package uses Service Discovery. Still, if necessary, you can add the service to config/app.php:

iMemento\Guard\Laravel\AuthServiceProvider::class,

In config/auth.php add a guard with jwt as the driver:

'api' => [
	'driver' 	=> 'jwt',
	'provider' 	=> 'users',
],

In config/auth.php add a user provider with static as the driver. The model needs to be an instance of iMemento\SDK\Auth\User::class or an extension of it.

'users' => [
	'driver' 	=> 'static',
	'model' 	=> iMemento\SDK\Auth\User::class,
],

Dependencies

Since this package handles multiple operations in order to achieve the desired results, the following .env variables should be properly defined:

AUTH_KEY=

Usage

To use the JWT Guard for all the routes in your routes/api.php file you just need to add it to the api middleware group in app/Http/Kernel.php.

'api' => [
	'throttle:60,1',
	'bindings',
	'auth:api', #this
],

If your API exposes public endpoints, the ones that should be guarded by the JWT Guard should be specifically grouped:

	Route::group(['middleware' => 'auth:api'], function ()) {
		//...
	}

Authenticated user

Once the Guard has been applied, the app will have access to an authenticated user through auth()->user().

The following fields are added to the current user and can be used in the application's policies.

{
  "id": 13,
  "agency_id": 2,
  "roles": ["admin"],
  "consumer_roles": ["user"],
  "permissions": ["read","write"]
}

The fields id, agency_id can be null, roles can be empty.