Heads up! To view this whole video, sign in with your Courses account or enroll in your free 7-day trial. Sign In Enroll
Preview
Start a free Courses trial
to watch this video
To use a JWT with our user data, we'll be looking at a couple of additional packages that we will install via composer, php-jwt and phpdotenv. php-jwt is a JSON Web Token package that allows you to generate a JWT that we will store in our cookies. phpdotenv is a nice package to set environment variables based on a file.
Lean more about Dependency Management with Composer
Check out the packages:
- firebase/php-jwt A simple library to encode and decode JSON Web Tokens (JWT) in PHP. Should conform to the current spec.
-
vlucas/phpdotenv Loads environment variables from
.env
togetenv()
,$_ENV
and$_SERVER
automagically.
Steps to Creating a .env file
- Preview your site in a browser again and copy the domain name from the url.
- In the 'inc' folder, create a new file named env.txt
- open the file and create 2 lines:
SECRET_KEY=kLQPGHwnHxTBcLkKtPyaUXt9jJgBZCffgXPDbyvb6XzBcPsXobtfzCyrjjqVyXxF COOKIE_PATH=/ COOKIE_DOMAIN=.treehouse-app.com COOKIE_SECURE=false COOKIE_HTTPONLY=true
- Close the file and rename env.txt to .env
To use a JWT with a user data we will be
looking at a couple additional packages
0:00
that will install via Composer,
PHP JWT, and PHP.ENV.
0:05
PHP JWT is a JSON web token package
that allows you to generate
0:11
a Jwt that will be stored in our cookie.
0:16
PHP.ENV is a nice package to set
environment variables based on a file.
0:19
If you want want more details
about environment variables
0:26
check the notes associated
with this video.
0:29
Since we're going to
need a new package for
0:32
this system, let's install our
new package to our composer.
0:34
In workspaces,
go to View>Show Console The package
0:37
we're going to be using is
the php-jwt by Firebase.
0:46
So let's type composer
0:51
require firebase/php-jwt.
0:56
This will install the package and
update your composer.json and
1:03
composer.lock files.
1:08
We also need to require
the vlucas/php.env,
1:09
another way of doing this is
going into our composer.json.
1:14
And we'll add it after the Firebase.
1:22
Vlucas/php.env,
1:28
3.3 is what we're using.
1:35
Make sure that you add a comma
to separate these two packages.
1:39
Doing it this way requires that you
know the latest stable release or
1:42
version that you want to use.
1:46
After updating your JSON file, go back
to the console and run composer update,
1:49
Composer update, oops, save our JSON.
1:58
The last thing we'll need to do
is create a new file named .env.
2:10
This is where we'll store
environment variables.
2:15
As a reminder,
you will want to make sure that any
2:19
ENV files that you use
are added to get ignore file.
2:22
You don't want to be pushing that
secure information to GitHub.
2:27
Any file that starts with a period
can be difficult to edit,
2:31
especially in workspaces.
2:34
So let's close our console and
the composer file and in the Inc folder,
2:36
we'll create a new file and
we'll name this env.txt.
2:43
We can rename it when we're done.
2:49
This is where we're going to define any
environment variables that we want to use.
2:51
We can access this with GitEnv or
the _env variable.
2:56
This file should contain any secret
keys that you need for your application.
3:02
In our case, we need a secret key for
our JWT to be signed.
3:06
We'll type SECRET_KEY and
3:10
set this equal to a string
of 64 random characters.
3:13
We can also use this environment file for
3:20
our cookie settings that may
change based on the environment.
3:22
We'll use COOKIE_PATH,
we'll set this equal to our root.
3:27
Our COOKIE_DOMAIN, which is going
3:34
to equal .treehouse-app.com.
3:39
Our COOKIE_SECURE,
3:43
which is going to equal false, and
3:47
our COOKIE_HTTPONLY equals true.
3:52
Let's close and rename this file.
3:58
.env.
4:06
The last thing we need to do is to tell
our application to load this file.
4:08
In our settings, Right at the top,
4:14
let's add dotenv =
4:22
Dotenv\Dotenv::create(__DIR).
4:27
Then we'll use dotenv->load().
4:42
This will tell the system
where to find our dotenv file,
4:48
in the same folder as our settings file.
4:52
You need to sign up for Treehouse in order to download course files.
Sign up