{"metadata":{"image":[],"title":"","description":""},"api":{"url":"","auth":"required","results":{"codes":[]},"settings":"","params":[]},"next":{"description":"","pages":[]},"title":"Overview","type":"basic","slug":"jwt-auth-intro","excerpt":"","body":"JWT is configured thanks to [tymondesigns/jwt-auth](https://github.com/tymondesigns/jwt-auth).\n\n\n#Default Configuration\nWhen installing the repository using `composer create-project`, the following command is executed:\n`php artisan jwt:generate`\nwhich generates the `JWT_SECRET` needed for the JWT to run.\n\nJson Web Tokens are stateless, this is why we're never storing the tokens in the database.\n\nA sample code for JWT authentication is provided in the `LoginController`.\nYour API knows that a user is authenticated, if he sends the `Authorization: Bearer {token}` header.\nThis is automatically configured for you in the [API service](doc:restangular).\n\n\n[block:callout]\n{\n  \"type\": \"success\",\n  \"body\": \"It is recommended that you move the generated token from `config/jwt.php` to your `.env` file. This is an upstream limitation that should be fixed in their next release.\"\n}\n[/block]\n\n[block:callout]\n{\n  \"type\": \"warning\",\n  \"title\": \"\",\n  \"body\": \"If you're changing the default model for authentication, make sure to update your `config/jwt.php` to reflect your changes. Specifically you need to update `'user'` & `'identifier'`.\"\n}\n[/block]","updates":[],"order":0,"isReference":false,"hidden":false,"sync_unique":"","link_url":"","link_external":false,"_id":"57ffd85f755a2e1700c2bb0e","__v":0,"category":{"sync":{"isSync":false,"url":""},"pages":[],"title":"JWT Auth","slug":"jwt-auth","order":5,"from_sync":false,"reference":false,"_id":"57ffd85f755a2e1700c2bb0b","__v":0,"version":"57ffd85f755a2e1700c2bb05","project":"567083021dabd80d00b122ae","createdAt":"2015-12-18T23:14:19.433Z"},"createdAt":"2015-12-18T23:21:22.900Z","githubsync":"","parentDoc":null,"version":{"version":"3.4","version_clean":"3.4.0","codename":"","is_stable":true,"is_beta":false,"is_hidden":false,"is_deprecated":false,"categories":["57ffd85f755a2e1700c2bb06","57ffd85f755a2e1700c2bb07","57ffd85f755a2e1700c2bb08","57ffd85f755a2e1700c2bb09","57ffd85f755a2e1700c2bb0a","57ffd85f755a2e1700c2bb0b","57ffd85f755a2e1700c2bb0c","57ffd85f755a2e1700c2bb0d"],"_id":"57ffd85f755a2e1700c2bb05","project":"567083021dabd80d00b122ae","releaseDate":"2016-10-13T18:54:23.018Z","__v":1,"createdAt":"2016-10-13T18:54:23.018Z"},"project":"567083021dabd80d00b122ae","user":"567082433a32d20d00c45cab"}
JWT is configured thanks to [tymondesigns/jwt-auth](https://github.com/tymondesigns/jwt-auth). #Default Configuration When installing the repository using `composer create-project`, the following command is executed: `php artisan jwt:generate` which generates the `JWT_SECRET` needed for the JWT to run. Json Web Tokens are stateless, this is why we're never storing the tokens in the database. A sample code for JWT authentication is provided in the `LoginController`. Your API knows that a user is authenticated, if he sends the `Authorization: Bearer {token}` header. This is automatically configured for you in the [API service](doc:restangular). [block:callout] { "type": "success", "body": "It is recommended that you move the generated token from `config/jwt.php` to your `.env` file. This is an upstream limitation that should be fixed in their next release." } [/block] [block:callout] { "type": "warning", "title": "", "body": "If you're changing the default model for authentication, make sure to update your `config/jwt.php` to reflect your changes. Specifically you need to update `'user'` & `'identifier'`." } [/block]