Heads up! To view this whole video, sign in with your Courses account or enroll in your free 7-day trial. Sign In Enroll

Preview

Start a free Courses trial
to watch this video

Sign up for Treehouse

Setting up the Packages

4:55 with Alena Holligan

To use a JWT with our user data, we'll be looking at a couple of additional packages that we will install via composer, php-jwt and phpdotenv. php-jwt is a JSON Web Token package that allows you to generate a JWT that we will store in our cookies. phpdotenv is a nice package to set environment variables based on a file.

Lean more about Dependency Management with Composer

Check out the packages:

  • firebase/php-jwt A simple library to encode and decode JSON Web Tokens (JWT) in PHP. Should conform to the current spec.
  • vlucas/phpdotenv Loads environment variables from .env to getenv(), $_ENV and $_SERVER automagically.

Steps to Creating a .env file

  1. Preview your site in a browser again and copy the domain name from the url.
  2. In the 'inc' folder, create a new file named env.txt
  3. open the file and create 2 lines:
    SECRET_KEY=kLQPGHwnHxTBcLkKtPyaUXt9jJgBZCffgXPDbyvb6XzBcPsXobtfzCyrjjqVyXxF COOKIE_PATH=/ COOKIE_DOMAIN=.treehouse-app.com COOKIE_SECURE=false COOKIE_HTTPONLY=true
    ** NOTE: Do NOT include the ending slash on the url **
  4. Close the file and rename env.txt to .env

To use a JWT with a user data we will be looking at a couple additional packages 0:00
that will install via Composer, PHP JWT, and PHP.ENV. 0:05
PHP JWT is a JSON web token package that allows you to generate 0:11
a Jwt that will be stored in our cookie. 0:16
PHP.ENV is a nice package to set environment variables based on a file. 0:19
If you want want more details about environment variables 0:26
check the notes associated with this video. 0:29
Since we're going to need a new package for 0:32
this system, let's install our new package to our composer. 0:34
In workspaces, go to View>Show Console The package 0:37
we're going to be using is the php-jwt by Firebase. 0:46
So let's type composer 0:51
require firebase/php-jwt. 0:56
This will install the package and update your composer.json and 1:03
composer.lock files. 1:08
We also need to require the vlucas/php.env, 1:09
another way of doing this is going into our composer.json. 1:14
And we'll add it after the Firebase. 1:22
Vlucas/php.env, 1:28
3.3 is what we're using. 1:35
Make sure that you add a comma to separate these two packages. 1:39
Doing it this way requires that you know the latest stable release or 1:42
version that you want to use. 1:46
After updating your JSON file, go back to the console and run composer update, 1:49
Composer update, oops, save our JSON. 1:58
The last thing we'll need to do is create a new file named .env. 2:10
This is where we'll store environment variables. 2:15
As a reminder, you will want to make sure that any 2:19
ENV files that you use are added to get ignore file. 2:22
You don't want to be pushing that secure information to GitHub. 2:27
Any file that starts with a period can be difficult to edit, 2:31
especially in workspaces. 2:34
So let's close our console and the composer file and in the Inc folder, 2:36
we'll create a new file and we'll name this env.txt. 2:43
We can rename it when we're done. 2:49
This is where we're going to define any environment variables that we want to use. 2:51
We can access this with GitEnv or the _env variable. 2:56
This file should contain any secret keys that you need for your application. 3:02
In our case, we need a secret key for our JWT to be signed. 3:06
We'll type SECRET_KEY and 3:10
set this equal to a string of 64 random characters. 3:13
We can also use this environment file for 3:20
our cookie settings that may change based on the environment. 3:22
We'll use COOKIE_PATH, we'll set this equal to our root. 3:27
Our COOKIE_DOMAIN, which is going 3:34
to equal .treehouse-app.com. 3:39
Our COOKIE_SECURE, 3:43
which is going to equal false, and 3:47
our COOKIE_HTTPONLY equals true. 3:52
Let's close and rename this file. 3:58
.env. 4:06
The last thing we need to do is to tell our application to load this file. 4:08
In our settings, Right at the top, 4:14
let's add dotenv = 4:22
Dotenv\Dotenv::create(__DIR). 4:27
Then we'll use dotenv->load(). 4:42
This will tell the system where to find our dotenv file, 4:48
in the same folder as our settings file. 4:52

You need to sign up for Treehouse in order to download course files.

Sign up