jwt:user information

2020-06-10 hit count image

let's see how to get user information from login user in jwt(Json Web Token) which is one of the token based authentication systems.


we’ll introduce how to get user information from login user in jwt authentication system. this blog is a series. if you want to know how to install jwt middleware and implement signup, signin features, see our previous blogs.


we’ve made the repository of jwt authentication system. click below link to see our repository.

Development Environment

in here, we’ll use Laravel development environment created by Laradock and Ansible. if you want to know our environment, see our previous blog.

Modify Controller

open /app/Http/Controllers/JWTAuthController.php file in Laravel project folder and add below code.

public function user() {
    return response()->json(Auth::guard('api')->user());

this function is to get and response login user information by client(browser) request.

Modify Route

modify the route to connect the controller function and url. open /routes/api.php file and add below code.

Route::get('unauthorized', function() {
    return response()->json([
        'status' => 'error',
        'message' => 'Unauthorized'
    ], 401);

Route::group(['middleware' => 'auth:api'], function(){
    Route::get('user', 'JWTAuthController@user')->name('api.jwt.user');

user route which gets user information uses auth:api middleware. this middleware judges the user is login or not login and if the user was login, the user can get user information. we will make user to redirect unauthorized and response 401 if user was not login.


Laravel Auth middleware basically has redirect feature. we’ll configure the redirect for api and set 401 response. open app/Http/Middleware/Authenticate.php file and modify it like below.

protected function redirectTo($request)
    if (! $request->expectsJson()) {
        if ($request->is('api/*')) {
            return route('api.jwt.unauthorized');
        return route('login');


let’s test user information feature via Postman.

# header
Bearer jwt_token

if jwt token is valid, you can get user information like below screen.

get user info

if jwt token is expired or user who didn’t login requests user information, you can get 401 error response.

fail to get user info


we’ve done to develop the api which gets user information feature in jwt authentication system. at next blog post, we will introduce how to make jwt token refresh feature after login.