"<p>As web apps become more and more popular, it's important to add security features like JSON Web Tokens (JWT) to protect your users' data. whether you use React,Vue.js or anything else you can add your JWT authentication in this way. Watch this video to learn how to add JWT authentication to your web app in just 9 minutes.</p> <h1>What is JWT?</h1> <p>JWT, or JSON Web Token, is a standard for sharing security information between a client and a server. JWTs contain encoded JSON objects, including claims, and are signed with a cryptographic algorithm to ensure that they can't be altered after being issued.</p> <p>Full Project on Github : https://github.com/HoussemTN/devbrains-jwt-auth</p> <p>In this article we will share with you some steps we have done in the tutorial to implement JWT authentication :</p> <p>1. Create your Symfony project :</p> <pre> <code> symfony new jwt-auth --version=5.4</code></pre> <p>2. Access to your project:</p> <pre> <code>cd jwt-auth</code></pre> <p>3. Install Maker Bundle :</p> <p>Maker Bundle allow us to generate classes,controllers,forms(..) automatically through the  CLI by answering some questions.</p> <pre> <code><code>composer require symfony/maker-bundle --dev</code></code></pre> <p>4. Setup your database:</p> <p>Configure your <kbd>.env </kbd>like we did in the tutorial (using mysql driver)<br /> then we created the database named <kbd>jwt </kbd>using this command:</p> <pre> <code><code>php bin/console doctrine:database:create</code></code></pre> <p>5. Install ORM Pack:</p> <pre> <code><code>composer require orm</code></code></pre> <p>6. Install Security Bundle:</p> <pre> <code>composer require security</code></pre> <p>7. Generate your User Entity:</p> <pre> <code><code>php bin/console make:user</code></code> </pre> <p>Also Don't forget to run migrations and insert a user in your database.</p> <p>You have to hash the password by using this command: </p> <pre> <code><code> php bin/console security:hash-password</code></code></pre> <p>8. Installing our Lexic JWT Authentication Bundle:</p> <pre> <code><code>composer require lexik/jwt-authentication-bundle</code></code></pre> <p>9. Generate your own keys using the following command:</p> <pre> <code><code>php bin/console lexik:jwt:generate-keypair</code></code></pre> <p>10. Configure your Security.yaml file:</p> <pre> <code>security: enable_authenticator_manager: true # https://symfony.com/doc/current/security.html#registering-the-user-hashing-passwords password_hashers: Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto' # https://symfony.com/doc/current/security.html#loading-the-user-the-user-provider providers: # used to reload user from session & other features (e.g. switch_user) app_user_provider: entity: class: App\Entity\User property: email firewalls: login: pattern: ^/api/login stateless: true json_login: username_path: email check_path: /api/login_check # or api_login_check as defined in config/routes.yaml success_handler: lexik_jwt_authentication.handler.authentication_success failure_handler: lexik_jwt_authentication.handler.authentication_failure api: pattern: ^/api stateless: true guard: authenticators: - lexik_jwt_authentication.jwt_token_authenticator dev: pattern: ^/(_(profiler|wdt)|css|images|js)/ security: false main: lazy: true provider: app_user_provider</code></pre> <p>11. Configure your Routes.yaml file:</p> <pre> <code>api_login_check: path: /api/login_check</code></pre> <p>12. Test your API using Postman:</p> <pre> <code>{ "username":"YOUR_EMAIL", "password":"YOUR_PLAIN_PASSWORD" }</code></pre> <p>Don't forget to set your Header like this : </p> <pre> <code>Content-Type: application/json</code></pre> <p>That's all,if you have any question don't hesitate to post your question(s) on our forum.</p>"