Create JWT Based Authentication Endpoint With Laravel Lumen

Afrimadoni Dinata
2 min readSep 7, 2020


Many modern applications today implemented JWT (JSON Web Token) based authentication, although there are some pros/cons around it, JWT still a popular token format among developers.

Lumen Version

Currently my application written in Lumen 7.0.3, if you are not sure which version you have just check it with command:

php artisan --version


I’m using php-jwt library in this tutorial, you can run following command to install:

composer require firebase/php-jwt

Table Structure

I’m using MySQL 8.x, and my user’s table defined as follow:

`id` bigint(20) unsigned NOT NULL AUTO_INCREMENT,
`username` varchar(25) NOT NULL,
`password` varchar(100) NOT NULL,
`created_at` timestamp NULL DEFAULT NULL,
`updated_at` timestamp NULL DEFAULT NULL,
UNIQUE KEY `username` (`username`)

or if you prefer migration script:

public function up()
Schema::create('user', function(Blueprint $table)
$table->string('username', 25)->unique('username');
$table->string('password', 100);

User Model

User model must implemented AuthenticatableContract and AuthorizableContract as Laravel standard for doing authentication.

JWT Secret

Add secret key to your your .env file, this key will be used to generate the token


Auth Controller

The controller only have two methods plus one constructor, jwt() used to generate JWT token and authenticate() to perform authentication.

Register Route

Finally, create authentication url. Add following lines into routes/web.php:

$router->group(['prefix'=> 'auth'], function() use ($router) {
$router->post('login', [
'uses' => 'AuthController@authenticate'


Now it’s time to check whether our endpoint is working or not, open postman or any other tool and make HTTP post request

POST to route /auth/login



Afrimadoni Dinata

enterprise architect. tech enthusiast. coffee addict.