Handles authentication, authorization, and user profile management
- laravel/fortify - For setting up the authentication service
- tymon/jwt-auth - For providing authentication using JWT
- Register
- Login
- Logout
- Get user profile
- Delete my account
- Delete specific user by admin
- Add role to user
- Remove role from user
- Update user profile
- Update rider profile
Install Laravel dependencies
docker run --rm \
-u "$(id -u):$(id -g)" \
-v "$(pwd):/var/www/html" \
-w /var/www/html \
laravelsail/php82-composer:latest \
composer install --ignore-platform-reqs
Copy .env.example to .env and .env.testing
cp .env.example .env
cp .env.example .env.testing
Make sure you have the network called ku-wongnai_ku-wongnai, which is used to connect to RabbitMQ
Start the service
sail up -d
Generate JWT secret
sail artisan jwt:secret
Migrate and seed database
sail artisan migrate:fresh --seed
Generate application key
sail artisan key:generate
If a service fails to start, for example MySQL, run the following command. Note that this also removes the services' data volumes.
sail down --volumes
Service run at http://localhost:8090
POST -> http://localhost:8090/register
{
"name": "Non",
"email": "[email protected]",
"password": "12345678",
"password_confirmation": "12345678"
}
{
"email": "[email protected]",
"password": "12345678"
}
After successfully logging in, you will get a JWT token
If you access this route without a JWT token, it should return 401 Unauthorized. Now try with a JWT token
Authorization: Bearer <JWT_Token>
This should return the user profile
DELETE -> http://localhost:8090/api/users/me
DELETE -> http://localhost:8090/api/users/{user}
With Authorization: Bearer <JWT_Token> to invalidate the token
There are more routes created by laravel/fortify that are not listed here. Please refer to the docs for more information
A user can have many roles; for example, a user can be a normal user or a rider who delivers food to customers. Only an admin has access to this functionality.
Currently fixed to only 3 roles:
- User
- Rider
- Admin
// Example response
{
"id": 4,
"name": "John Doe",
"email": "[email protected]",
"email_verified_at": null,
"two_factor_secret": null,
"two_factor_recovery_codes": null,
"two_factor_confirmed_at": null,
"created_at": "2023-09-02T19:49:59.000000Z",
"updated_at": "2023-09-02T19:49:59.000000Z",
"roles": [
{
"id": 1,
"name": "user",
"created_at": "2023-09-02T17:14:04.000000Z",
"updated_at": "2023-09-02T17:14:04.000000Z",
"pivot": {
"user_id": 4,
"role_id": 1
}
}
],
"user_profile": null,
"rider_profile": null
}
Add role to user
{
"user_id": 1,
"role_name": "rider"
}
Remove role from user
DELETE -> http://localhost:8090/api/users/role
{
"user_id": 1,
"role_name": "rider"
}
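One way to enforce the admin-only rule and the fixed role list on the server for the `user_id` / `role_name` body shown above. This is an added example, not code from this repository; the class name, namespace, `users` table name, lowercase role spellings, and the `roles()` relation on the user model are assumptions.

```php
<?php

namespace App\Http\Requests; // assumed namespace, Laravel's default for form requests

use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Validation\Rule;

// Hypothetical form request for the add/remove role routes.
class ChangeUserRoleRequest extends FormRequest
{
    // The three roles the README lists; lowercase spelling is assumed from the
    // "user" and "rider" values shown in the example payloads.
    public const ROLES = ['user', 'rider', 'admin'];

    /**
     * Only an authenticated admin may change roles. Returning false makes
     * Laravel answer 403 before any validation or controller code runs.
     */
    public function authorize(): bool
    {
        // Assumes User::roles() is the belongsToMany relation behind the
        // "roles" array in the example response. A missing or invalid JWT
        // leaves user() null, which is treated as "not authorized".
        return $this->user()?->roles()->where('name', 'admin')->exists() ?? false;
    }

    /**
     * Allow-list the role name and require an existing target user, so a
     * caller cannot introduce new role names or reference unknown ids.
     */
    public function rules(): array
    {
        return [
            'user_id'   => ['required', 'integer', 'exists:users,id'], // assumes the default users table
            'role_name' => ['required', 'string', Rule::in(self::ROLES)],
        ];
    }
}
```

Type-hinting this request in the controller method makes both checks run before the role is attached or detached, so the decision never depends on anything the client sends besides the JWT.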
A user can have 2 profiles: one for a normal user and one for a rider. This action updates the profile, or creates it if no profile is found.
User profile
{
"user_id": 2,
"phone_number": "0123456789",
"birth_date": "2003-3-5"
}
Rider profile
{
"user_id": 2,
"phone_number": "0890708155",
"birth_date": "2003-3-5",
"bank_account_number": "1234567890",
"id_card": "1234567890123"
}