obonyojimmy/AuthenticateController.php

## AuthenticateController.php
<?php namespace App\Http\Controllers\Api\V1;

use App\Http\Controllers\Controller;
use App\Http\Requests;
use Illuminate\Http\Request;
use Tymon\JWTAuth\Facades\JWTAuth;
use Tymon\JWTAuth\Exceptions\JWTException;

class AuthenticateController extends Controller
{
    /**
     * @param Request $request
     * @return \Symfony\Component\HttpFoundation\Response
     */
    public function authenticate(Request $request)
    {
        // grab credentials from the request
        $credentials = $request->only('email', 'password');

        try {
            // attempt to verify the credentials and create a token for the user
            if (!$token = JWTAuth::attempt($credentials)) {
                return response()->json(['error' => 'invalid_credentials'], 401);
            }
        } catch (JWTException $e) {
            // something went wrong whilst attempting to encode the token
            return response()->json(['error' => 'could_not_create_token'], 500);
        }

        // all good so return the token
        return response()->json(compact('token'));
    }
}

## jwt.php
<?php

return [

    /*
    |--------------------------------------------------------------------------
    | JWT Authentication Secret
    |--------------------------------------------------------------------------
    |
    | Don't forget to set this, as it will be used to sign your tokens.
    | A helper command is provided for this: `php artisan jwt:generate`
    |
    */

    'secret' => env('JWT_SECRET', 'changeme'),

    /*
    |--------------------------------------------------------------------------
    | JWT time to live
    |--------------------------------------------------------------------------
    |
    | Specify the length of time (in minutes) that the token will be valid for.
    | Defaults to 1 hour
    |
    */

    'ttl' => 60,

    /*
    |--------------------------------------------------------------------------
    | Refresh time to live
    |--------------------------------------------------------------------------
    |
    | Specify the length of time (in minutes) that the token can be refreshed
    | within. I.E. The user can refresh their token within a 2 week window of
    | the original token being created until they must re-authenticate.
    | Defaults to 2 weeks
    |
    */

    'refresh_ttl' => 20160,

    /*
    |--------------------------------------------------------------------------
    | JWT hashing algorithm
    |--------------------------------------------------------------------------
    |
    | Specify the hashing algorithm that will be used to sign the token.
    |
    | See here: https://github.com/namshi/jose/tree/2.2.0/src/Namshi/JOSE/Signer
    | for possible values
    |
    */

    'algo' => 'HS256',

    /*
    |--------------------------------------------------------------------------
    | User Model namespace
    |--------------------------------------------------------------------------
    |
    | Specify the full namespace to your User model.
    | e.g. 'Acme\Entities\User'
    |
    */

    'user' => 'App\User',

    /*
    |--------------------------------------------------------------------------
    | User identifier
    |--------------------------------------------------------------------------
    |
    | Specify a unique property of the user that will be added as the 'sub'
    | claim of the token payload.
    |
    */

    'identifier' => 'id',

    /*
    |--------------------------------------------------------------------------
    | Required Claims
    |--------------------------------------------------------------------------
    |
    | Specify the required claims that must exist in any token.
    | A TokenInvalidException will be thrown if any of these claims are not
    | present in the payload.
    |
    */

    'required_claims' => ['iss', 'iat', 'exp', 'nbf', 'sub', 'jti'],

    /*
    |--------------------------------------------------------------------------
    | Blacklist Enabled
    |--------------------------------------------------------------------------
    |
    | In order to invalidate tokens, you must have the the blacklist enabled.
    | If you do not want or need this functionality, then set this to false.
    |
    */

    'blacklist_enabled' => env('JWT_BLACKLIST_ENABLED', true),

    /*
    |--------------------------------------------------------------------------
    | Providers
    |--------------------------------------------------------------------------
    |
    | Specify the various providers used throughout the package.
    |
    */

    'providers' => [

        /*
        |--------------------------------------------------------------------------
        | User Provider
        |--------------------------------------------------------------------------
        |
        | Specify the provider that is used to find the user based
        | on the subject claim
        |
        */

        'user' => 'Tymon\JWTAuth\Providers\User\EloquentUserAdapter',

        /*
        |--------------------------------------------------------------------------
        | JWT Provider
        |--------------------------------------------------------------------------
        |
        | Specify the provider that is used to create and decode the tokens.
        |
        */

        'jwt' => 'Tymon\JWTAuth\Providers\JWT\NamshiAdapter',

        /*
        |--------------------------------------------------------------------------
        | Authentication Provider
        |--------------------------------------------------------------------------
        |
        | Specify the provider that is used to authenticate users.
        |
        */

        'auth' => function ($app) {
            return new \App\Http\Repositories\Auth\SentinelAuthAdapter($app['auth']);
        },

        /*
        |--------------------------------------------------------------------------
        | Storage Provider
        |--------------------------------------------------------------------------
        |
        | Specify the provider that is used to store tokens in the blacklist
        |
        */

        'storage' => function ($app) {
            return new Tymon\JWTAuth\Providers\Storage\IlluminateCacheAdapter($app['cache']);
        }

    ]

];

## SentinelAuthAdapter.php
<?php namespace App\Http\Repositories\Auth;

use Exception;
use Cartalyst\Sentinel\Laravel\Facades\Sentinel;
use Cartalyst\Sentinel\Users\UserInterface;
use Tymon\JWTAuth\Providers\Auth\AuthInterface;

class SentinelAuthAdapter implements AuthInterface
{
    /**
     * Check a user's credentials
     *
     * @param  array  $credentials
     * @return bool
     */
    public function byCredentials(array $credentials = [])
    {
        try {
            $user = Sentinel::authenticate($credentials);
            return $user instanceof UserInterface;
        } catch (Exception $e) {
            return false;
        }
    }

    /**
     * Authenticate a user via the id
     *
     * @param  mixed  $id
     * @return bool
     */
    public function byId($id)
    {
        try {
            $user = Sentinel::findById($id);
            Sentinel::login($user);
            return $user instanceof UserInterface && Sentinel::check();
        } catch (Exception $e) {
            return false;
        }
    }

    /**
     * Get the currently authenticated user
     *
     * @return mixed
     */
    public function user()
    {
        return Sentinel::getUser();
    }
}
	<?php namespace App\Http\Controllers\Api\V1;

	use App\Http\Controllers\Controller;
	use App\Http\Requests;
	use Illuminate\Http\Request;
	use Tymon\JWTAuth\Facades\JWTAuth;
	use Tymon\JWTAuth\Exceptions\JWTException;

	class AuthenticateController extends Controller
	{
	/**
	* @param Request $request
	* @return \Symfony\Component\HttpFoundation\Response
	*/
	public function authenticate(Request $request)
	{
	// grab credentials from the request
	$credentials = $request->only('email', 'password');

	try {
	// attempt to verify the credentials and create a token for the user
	if (!$token = JWTAuth::attempt($credentials)) {
	return response()->json(['error' => 'invalid_credentials'], 401);
	}
	} catch (JWTException $e) {
	// something went wrong whilst attempting to encode the token
	return response()->json(['error' => 'could_not_create_token'], 500);
	}

	// all good so return the token
	return response()->json(compact('token'));
	}
	}
	<?php

	return [

	/*
	\|--------------------------------------------------------------------------
	\| JWT Authentication Secret
	\|--------------------------------------------------------------------------
	\|
	\| Don't forget to set this, as it will be used to sign your tokens.
	\| A helper command is provided for this: `php artisan jwt:generate`
	\|
	*/

	'secret' => env('JWT_SECRET', 'changeme'),

	/*
	\|--------------------------------------------------------------------------
	\| JWT time to live
	\|--------------------------------------------------------------------------
	\|
	\| Specify the length of time (in minutes) that the token will be valid for.
	\| Defaults to 1 hour
	\|
	*/

	'ttl' => 60,

	/*
	\|--------------------------------------------------------------------------
	\| Refresh time to live
	\|--------------------------------------------------------------------------
	\|
	\| Specify the length of time (in minutes) that the token can be refreshed
	\| within. I.E. The user can refresh their token within a 2 week window of
	\| the original token being created until they must re-authenticate.
	\| Defaults to 2 weeks
	\|
	*/

	'refresh_ttl' => 20160,

	/*
	\|--------------------------------------------------------------------------
	\| JWT hashing algorithm
	\|--------------------------------------------------------------------------
	\|
	\| Specify the hashing algorithm that will be used to sign the token.
	\|
	\| See here: https://github.com/namshi/jose/tree/2.2.0/src/Namshi/JOSE/Signer
	\| for possible values
	\|
	*/

	'algo' => 'HS256',

	/*
	\|--------------------------------------------------------------------------
	\| User Model namespace
	\|--------------------------------------------------------------------------
	\|
	\| Specify the full namespace to your User model.
	\| e.g. 'Acme\Entities\User'
	\|
	*/

	'user' => 'App\User',

	/*
	\|--------------------------------------------------------------------------
	\| User identifier
	\|--------------------------------------------------------------------------
	\|
	\| Specify a unique property of the user that will be added as the 'sub'
	\| claim of the token payload.
	\|
	*/

	'identifier' => 'id',

	/*
	\|--------------------------------------------------------------------------
	\| Required Claims
	\|--------------------------------------------------------------------------
	\|
	\| Specify the required claims that must exist in any token.
	\| A TokenInvalidException will be thrown if any of these claims are not
	\| present in the payload.
	\|
	*/

	'required_claims' => ['iss', 'iat', 'exp', 'nbf', 'sub', 'jti'],

	/*
	\|--------------------------------------------------------------------------
	\| Blacklist Enabled
	\|--------------------------------------------------------------------------
	\|
	\| In order to invalidate tokens, you must have the the blacklist enabled.
	\| If you do not want or need this functionality, then set this to false.
	\|
	*/

	'blacklist_enabled' => env('JWT_BLACKLIST_ENABLED', true),

	/*
	\|--------------------------------------------------------------------------
	\| Providers
	\|--------------------------------------------------------------------------
	\|
	\| Specify the various providers used throughout the package.
	\|
	*/

	'providers' => [

	/*
	\|--------------------------------------------------------------------------
	\| User Provider
	\|--------------------------------------------------------------------------
	\|
	\| Specify the provider that is used to find the user based
	\| on the subject claim
	\|
	*/

	'user' => 'Tymon\JWTAuth\Providers\User\EloquentUserAdapter',

	/*
	\|--------------------------------------------------------------------------
	\| JWT Provider
	\|--------------------------------------------------------------------------
	\|
	\| Specify the provider that is used to create and decode the tokens.
	\|
	*/

	'jwt' => 'Tymon\JWTAuth\Providers\JWT\NamshiAdapter',

	/*
	\|--------------------------------------------------------------------------
	\| Authentication Provider
	\|--------------------------------------------------------------------------
	\|
	\| Specify the provider that is used to authenticate users.
	\|
	*/

	'auth' => function ($app) {
	return new \App\Http\Repositories\Auth\SentinelAuthAdapter($app['auth']);
	},

	/*
	\|--------------------------------------------------------------------------
	\| Storage Provider
	\|--------------------------------------------------------------------------
	\|
	\| Specify the provider that is used to store tokens in the blacklist
	\|
	*/

	'storage' => function ($app) {
	return new Tymon\JWTAuth\Providers\Storage\IlluminateCacheAdapter($app['cache']);
	}

	]

	];
	<?php namespace App\Http\Repositories\Auth;

	use Exception;
	use Cartalyst\Sentinel\Laravel\Facades\Sentinel;
	use Cartalyst\Sentinel\Users\UserInterface;
	use Tymon\JWTAuth\Providers\Auth\AuthInterface;

	class SentinelAuthAdapter implements AuthInterface
	{
	/**
	* Check a user's credentials
	*
	* @param array $credentials
	* @return bool
	*/
	public function byCredentials(array $credentials = [])
	{
	try {
	$user = Sentinel::authenticate($credentials);
	return $user instanceof UserInterface;
	} catch (Exception $e) {
	return false;
	}
	}

	/**
	* Authenticate a user via the id
	*
	* @param mixed $id
	* @return bool
	*/
	public function byId($id)
	{
	try {
	$user = Sentinel::findById($id);
	Sentinel::login($user);
	return $user instanceof UserInterface && Sentinel::check();
	} catch (Exception $e) {
	return false;
	}
	}

	/**
	* Get the currently authenticated user
	*
	* @return mixed
	*/
	public function user()
	{
	return Sentinel::getUser();
	}
	}