Te recomiendo que sigas este tutorial:
https://scotch.io/tutorials/token-ba...d-laravel-apps
En resumen como hice el auth y reset:
1.- Usa esta libreria (ponlo en tu composer.json): "tymon/jwt-auth": "0.5.*",
2.- En tu routes.php agrega las rutas:
Route::group(['prefix' => 'api'], function () {
Route::resource('user', 'Api\UserController');
Route::post('auth/login', 'Api\AuthController@doLogin');
Route::post('auth/logout', 'Api\AuthController@doLogout');
Route::post('password/email', 'Api\PasswordController@postEmail');
Route::post('password/reset', 'Api\PasswordController@postReset');
});
3.- Crea los controllers.
Este es para la autenticacion y actualizar el token si es necesario:
<?php
namespace App\Http\Controllers\Api;
use Illuminate\Http\Request;
use Illuminate\Http\Response;
use App\Http\Requests;
use App\Http\Controllers\Controller;
use \stdclass;
use \Validator;
use App\User;
use \DB;
use Hash;
class AuthController extends Controller
{
public function doLogin(Request $request)
{
$validation_rules = array(
'email' => 'required|email',
'password' => 'required|min:6|max:50'
);
$this->validate($request, $validation_rules);
$credentials = \Input::only('email', 'password');
if ( $token = \JWTAuth::attempt($credentials) ) {
\JWTAuth::setToken($token);
$blacklist = \JWTAuth::manager()
->getBlacklist()
->remove( \JWTAuth::getPayload() );
return response()->json( compact('token'), Response::HTTP_OK );
} else {
return response()->json( ['message' => 'Invalid user/password'], Response::HTTP_UNAUTHORIZED );
}
}
public function doLogout(Request $request)
{
$token = \JWTAuth::getToken();
\JWTAuth::setToken($token)->invalidate();
return response( '', Response::HTTP_NO_CONTENT );
}
public function refreshToken(Request $request)
{
$token = \JWTAuth::getToken();
$token = \JWTAuth::refresh($token);
return response()->json( compact('token'), Response::HTTP_OK );
}
}
Y este es para el reseteo del password:
<?php
namespace App\Http\Controllers\Api;
use Illuminate\Support\Facades\Password;
use Illuminate\Http\Request;
use Illuminate\Http\Response;
use Illuminate\Mail\Message;
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\ResetsPasswords;
class PasswordController extends Controller
{
use ResetsPasswords;
//add and modify this methods as you wish:
/**
* Send a reset link to the given user.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\Response
*/
public function postEmail(Request $request)
{
$this->validate($request, ['email' => 'required|email']);
$response = Password::sendResetLink($request->only('email'), function (Message $message) {
$message->subject($this->getEmailSubject());
});
switch ($response) {
case Password::RESET_LINK_SENT:
return response()->json( '' , Response::HTTP_NO_CONTENT);
case Password::INVALID_USER:
return response()->json( ['email' => array(trans($response))] , Response::HTTP_UNPROCESSABLE_ENTITY);
}
}
/**
* Reset the given user's password.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\Response
*/
public function postReset(Request $request)
{
$this->validate($request, [
'token' => 'required',
'email' => 'required|email',
'password' => 'required|confirmed',
]);
$credentials = $request->only(
'email', 'password', 'password_confirmation', 'token'
);
$response = Password::reset($credentials, function ($user, $password) {
$this->resetPassword($user, $password);
});
switch ($response) {
case Password::PASSWORD_RESET:
return redirect($this->redirectPath());
default:
return redirect()->back()
->withInput($request->only('email'))
->withErrors(['email' => trans($response)]);
}
}
}
Saludos
