Laravel Vue JS JWT Implementation

Question

I am trying to understand how an auth in a spa context with a jwt token should be implemented based on a Register / Login / Logout process. I have been searching on the web and have implemented at laravel side tymon jwt but I am confused about next step regarding register form and login form.

Do I understand well that when my user register for the first time on my website, this is at this time that the JWT token should be generated and recorded in a cookie ? If yes, is it Vue or Laravel which should record the JWT token in a cookie ? I suppose Vue ?! If yes, in which manner?

Other question: what happen if the user clear the browser cache and eliminate the cookie containing the JWT form his computer ? Does he need to register again to get a a new token ?? I am totally confused about the process.

Getting a more detailed and step by step process would help. Thanks

Answer 1

The rough sketch for a JWT authentication works like this:

1. Registration - (optional | If the user is not registered) User fills the registration form which is posted to the register route, User account is created and the api responds with 201 ( content created)
2. Login - User uses his credentials to login to the app. The credentials are verified and a JWT token is issued and sent back to the user.
3. Vue handles the JWT Token and stores the provided token into cookies ( you can use js-cookie to handle this, usually in Vuex state )
4. The token is used with every request sent forth to the server, server verifies the Token and then the request proceeds.
5. Logging out requests the server to invalidate the token and then removes the token from the cookies.

You can use laravel passport, Laravel Sanctum or tymon/Jwt for token management.