This time we will build a REST API using CodeIgniter 4 and JWT authentication. The steps are as follows.
Step 1. Install CodeIgniter 4 via Composer
First, install CodeIgniter 4 with Composer by running the following command in your terminal

    composer create-project codeigniter4/appstarter ci4restapi

Step 2. Set Up the Config and Database
Once the installation has finished, set up the config and the database connection
Copy the env file, paste it and rename the copy to .env, then change the following lines

    #--------------------------------------------------------------------
    # ENVIRONMENT
    #--------------------------------------------------------------------
    CI_ENVIRONMENT = development

    #--------------------------------------------------------------------
    # APP
    #--------------------------------------------------------------------
    app.baseURL = 'http://localhost:8080/'

Also set up the database connection in the following lines

    #--------------------------------------------------------------------
    # DATABASE
    #--------------------------------------------------------------------
    database.default.hostname = 'localhost'
    database.default.database = 'rest_api'
    database.default.username = 'root'
    database.default.password =
    database.default.DBDriver = 'MySQLi'

Step 3. Create the Model
Create a model named Users.php in the App\Models folder and insert the following code
Step 4. Create the Controllers
Create a controller named UserController.php in the App\Controllers\Api folder and insert the following code

    <?php
    // The opening of this listing is missing from the page. The namespace, imports,
    // class header and the start of index() are reconstructed from the folder named
    // above and from the calls the code makes; the base class is an assumption.
    namespace App\Controllers\Api;

    use App\Controllers\BaseController;
    use App\Models\Users;
    use CodeIgniter\API\ResponseTrait;

    class UserController extends BaseController
    {
        use ResponseTrait; // provides setResponseFormat() and respondCreated()

        // List all users.
        public function index()
        {
            $db   = new Users;
            $user = $db->get()->getResult();

            // Never send password hashes to API clients.
            foreach ($user as $row) {
                unset($row->password);
            }

            return $this->response->setJSON(
                ['success' => true, 'message' => 'OK', 'data' => $user]
            );
        }

        // Create a user; the password is stored only as a hash.
        public function create()
        {
            if (! $this->validate([
                'username' => 'required|is_unique[m_users.username]',
                'password' => 'required|min_length[6]',
                'name'     => 'required',
                'address'  => 'required',
                'phone'    => 'required',
            ])) {
                return $this->response->setJSON(['success' => false, 'data' => null, "message" => \Config\Services::validation()->getErrors()]);
            }

            $insert = [
                'username' => $this->request->getVar('username'),
                'password' => password_hash($this->request->getVar('password'), PASSWORD_DEFAULT),
                'name'     => $this->request->getVar('name'),
                'address'  => $this->request->getVar('address'),
                'phone'    => $this->request->getVar('phone'),
            ];

            $db   = new Users;
            $save = $db->insert($insert);

            return $this->setResponseFormat('json')->respondCreated(
                ['success' => true, 'message' => 'OK']
            );
        }

        // Show one user by id.
        public function show($id)
        {
            $db   = new Users;
            $user = $db->where('id', $id)->first();
            unset($user['password']); // keep the hash out of the response

            return $this->response->setJSON(
                ['success' => true, 'message' => 'OK', 'data' => $user]
            );
        }

        // Update a user; fields that are not sent keep their stored value.
        public function update($id)
        {
            if (! $this->validate([
                'username' => 'permit_empty|is_unique[m_users.username,id,' . $id . ']',
                'password' => 'permit_empty|min_length[6]',
                'name'     => 'permit_empty',
                'address'  => 'permit_empty',
                'phone'    => 'permit_empty',
            ])) {
                return $this->response->setJSON(['success' => false, "message" => \Config\Services::validation()->getErrors()]);
            }

            $db    = new Users;
            $exist = $db->where('id', $id)->first();

            if (! $exist) {
                return $this->response->setJSON(['success' => false, "message" => 'User not found']);
            }

            $update = [
                'username' => $this->request->getVar('username') ?: $exist['username'],
                'password' => $this->request->getVar('password')
                    ? password_hash($this->request->getVar('password'), PASSWORD_DEFAULT)
                    : $exist['password'],
                'name'     => $this->request->getVar('name') ?: $exist['name'],
                'address'  => $this->request->getVar('address') ?: $exist['address'],
                'phone'    => $this->request->getVar('phone') ?: $exist['phone'],
            ];

            $db   = new Users;
            $save = $db->update($id, $update);

            return $this->response->setJSON(['success' => true, 'message' => 'OK']);
        }

        // Delete a user by id.
        public function delete($id)
        {
            $db = new Users;
            $db->where('id', $id);
            $db->delete();

            return $this->response->setJSON(
                ['success' => true, 'message' => 'OK']
            );
        }
    }

You can also create this file automatically with a command in your terminal
Also create a controller to handle user login, because that is when we create the token for the first time. Create a controller named AuthController.php and insert the following code
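
    <?php
    // The opening of this listing is missing from the page. The namespace, imports,
    // class header and the method name login() are assumptions; JWTCI4 is the library
    // created in Step 6, assumed here to live in app/Libraries.
    namespace App\Controllers\Api;

    use App\Controllers\BaseController;
    use App\Libraries\JWTCI4;
    use App\Models\Users;

    class AuthController extends BaseController
    {
        public function login()
        {
            if (! $this->validate([
                'username' => 'required',
                'password' => 'required|min_length[6]',
            ])) {
                return $this->response->setJSON(['success' => false, 'data' => null, "message" => \Config\Services::validation()->getErrors()]);
            }

            $db   = new Users;
            $user = $db->where('username', $this->request->getVar('username'))->first();

            // Issue a token only when the user exists and the password matches the stored hash.
            if ($user && password_verify($this->request->getVar('password'), $user['password'])) {
                $jwt   = new JWTCI4;
                $token = $jwt->token();

                return $this->response->setJSON(['token' => $token]);
            }

            // The original returned nothing when the password was wrong. Both failure
            // cases now get the same answer, so the response does not reveal whether
            // the username exists.
            return $this->response
                ->setJSON(['success' => false, 'message' => 'Invalid username or password'])
                ->setStatusCode(401);
        }
    }

Step 5. Enable CORS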
Create a filter named CorsFilter.php with a command in your terminal, then put the following code in its before function

    /**
     * @return mixed
     */
    public function before(RequestInterface $request, $arguments = null)
    {
        // A wildcard origin lets any site call the API. Browsers reject a wildcard
        // origin for requests sent with credentials, so the Allow-Credentials header
        // only works once specific origins are listed.
        header('Access-Control-Allow-Origin: *');
        header("Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE");
        header("Access-Control-Allow-Credentials: true");
        header("Access-Control-Max-Age: 86400");
        header("Access-Control-Allow-Headers: X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, Authorization");

        // Answer the CORS preflight directly. getMethod() is lower-case before
        // CodeIgniter 4.5 and upper-case from 4.5 on, so normalise it first.
        if (strtolower($request->getMethod()) === 'options') {
            $response = service('response');
            $response->setJSON(['method' => 'OPTIONS']);

            return $response;
        }
    }

The next step is to register the filter: open the App\Config\Filters.php file and insert the following code
We register it under the name cors in the $aliases variable
Step 6. Install PHP JWT for CodeIgniter 4
First, install the JWT package with the following command

    composer require firebase/php-jwt

Next, create a new library named JWTCI4 and insert the following code
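
    <?php
    // The opening of this listing is missing from the page. The namespace, imports,
    // property declarations and constructor header are reconstructed; the namespace
    // is an assumption.
    namespace App\Libraries;

    use Firebase\JWT\JWT;
    use Firebase\JWT\Key;

    class JWTCI4
    {
        protected $key;
        protected $ttl;
        protected $iss;
        protected $jti;
        protected $iat;
        protected $nbf;
        protected $exp;

        public function __construct()
        {
            $this->setConfig()->setExpiredDate();
        }

        // Read the signing key and the token lifetime from .env.
        protected function setConfig()
        {
            $this->key = getenv("jwt.secretkey");
            // Refuse to run without a signing key instead of issuing forgeable tokens.
            if (! $this->key) {
                throw new \RuntimeException('jwt.secretkey is not set');
            }
            $this->ttl = getenv("jwt.ttl") ? (int) getenv("jwt.ttl") : 60; // minutes
            $this->iss = $this->getCurrentURL();
            $this->jti = $this->setTime(date("Y-m-d H:i:s"));

            return $this;
        }

        // Set issued-at, not-before and expiry as Unix timestamps.
        protected function setExpiredDate()
        {
            $now       = date("Y-m-d H:i:s");
            $this->iat = $this->setTime($now);
            $this->nbf = $this->setTime($now);
            $this->exp = $this->setTime(date("Y-m-d H:i:s", strtotime("+" . $this->ttl . " MINUTES")));

            return $this;
        }

        // Build and sign the token with HS256.
        public function token()
        {
            $payload = [
                'iss' => $this->iss,
                'iat' => $this->iat,
                'exp' => $this->exp,
                'nbf' => $this->nbf,
                'jti' => $this->jti,
            ];

            return JWT::encode($payload, $this->key, 'HS256');
        }

        // Verify a token taken from the Authorization header.
        public function parse($token)
        {
            $bearerToken = $this->getBearerToken($token);
            if (! $bearerToken) {
                return ['success' => false, 'message' => 'Token Invalid'];
            }

            try {
                // Passing a Key pins the algorithm to HS256 during verification.
                $decoded = JWT::decode($bearerToken, new Key($this->key, 'HS256'));

                return ['success' => true];
            } catch (\Exception $e) {
                return ['success' => false, 'message' => $e->getMessage()];
            }
        }

        public function getBearerToken($token)
        {
            // Accepts "Bearer <token>" as well as the full "Authorization: Bearer <token>"
            // header line. The original indexed the split string at a fixed position and
            // its scheme check could never fail.
            if (! preg_match('/\bBearer\s+(\S+)/', (string) $token, $m)) {
                return false;
            }

            return $m[1];
        }

        public function setTime($date)
        {
            return strtotime($date);
        }

        public function getCurrentURL()
        {
            $url = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];

            return $url;
        }
    }

Open the .env file again and add the following variables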
There are two variables: the secret key (read by the library as jwt.secretkey) and the TTL (jwt.ttl). The secret key is used as the signing key when a JWT token is created, while the TTL sets how long the token remains valid before it expires. The time unit is minutes. The example above uses 1440 minutes, or 24 hours
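What the two settings do in practice, as an added stand-alone example (not the tutorial's code and not firebase/php-jwt's implementation): a token signed with HMAC-SHA256 verifies only with the same secret and only until its exp claim. The function names, the fixed clock and the sample secret are assumptions made for the illustration.

```php
<?php
// Added illustration: hypothetical helper names, constructed sample secret.
// Mirrors the iat/nbf/exp claims set by JWTCI4; it is not firebase/php-jwt's code.

function b64url(string $bin): string
{
    return rtrim(strtr(base64_encode($bin), '+/', '-_'), '=');
}

function issue_token(string $secret, int $ttlMinutes, int $now): string
{
    $head = b64url(json_encode(['typ' => 'JWT', 'alg' => 'HS256']));
    $body = b64url(json_encode(['iat' => $now, 'nbf' => $now, 'exp' => $now + $ttlMinutes * 60]));
    return "$head.$body." . b64url(hash_hmac('sha256', "$head.$body", $secret, true));
}

function check_token(string $token, string $secret, int $now): string
{
    $parts = explode('.', $token);
    if (count($parts) !== 3) {
        return 'malformed';
    }
    [$head, $body, $sig] = $parts;
    $decode = fn (string $s) => json_decode((string) base64_decode(strtr($s, '-_', '+/')), true);
    // Pin the algorithm on the server; never let the token choose how it is verified.
    if (($decode($head)['alg'] ?? null) !== 'HS256') {
        return 'wrong algorithm';
    }
    // Recompute the HMAC with the server's secret and compare in constant time.
    if (! hash_equals(b64url(hash_hmac('sha256', "$head.$body", $secret, true)), $sig)) {
        return 'bad signature';
    }
    $claims = $decode($body);
    if ($now < ($claims['nbf'] ?? PHP_INT_MAX)) {
        return 'not yet valid';
    }
    return $now < ($claims['exp'] ?? 0) ? 'ok' : 'expired';
}

$secret = bin2hex(random_bytes(32)); // constructed sample of a long random jwt.secretkey
$now    = 1700000000;                // fixed clock so every run behaves the same
$token  = issue_token($secret, 1440, $now);

echo check_token($token, $secret, $now + 3600), PHP_EOL;          // one hour in, inside the TTL
echo check_token($token, $secret, $now + 1440 * 60), PHP_EOL;     // exactly 24 hours later
echo check_token($token, 'guessed-secret', $now + 3600), PHP_EOL; // verifier holds a different key
```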
Next, we create middleware that enforces that the API must be accessed with a JWT token. To do this, create a filter file named AuthFilter.php and insert the following code
Don't forget to register it first
The filter exists for security, so that not everyone can access the API freely
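One way to write such a filter, as an added example (not the tutorial's own AuthFilter): it rejects requests without a well-formed bearer header, then lets the JWTCI4 library from Step 6 verify the token. The App\Libraries namespace for JWTCI4 and the response messages are assumptions.

```php
<?php
// Added example, not the tutorial's AuthFilter. Assumes the JWTCI4 library
// from Step 6 is saved as app/Libraries/JWTCI4.php (namespace App\Libraries).

namespace App\Filters;

use App\Libraries\JWTCI4;
use CodeIgniter\Filters\FilterInterface;
use CodeIgniter\HTTP\RequestInterface;
use CodeIgniter\HTTP\ResponseInterface;

class AuthFilter implements FilterInterface
{
    public function before(RequestInterface $request, $arguments = null)
    {
        $header = $request->getHeaderLine('Authorization');

        // Accept only "Bearer <token>"; anything else is rejected before parsing.
        if (! preg_match('/^Bearer \S+$/', $header)) {
            return $this->deny('Missing or malformed Authorization header');
        }

        // parse() checks the HS256 signature and the exp/nbf claims. It is handed the
        // full header line, which the library's getBearerToken() accepts.
        $result = (new JWTCI4())->parse('Authorization: ' . $header);

        if (empty($result['success'])) {
            // Keep the library's reason in the server log; tell the client less.
            log_message('notice', 'JWT rejected: ' . ($result['message'] ?? 'unknown'));

            return $this->deny('Invalid or expired token');
        }
        // Returning nothing lets the request continue to the controller.
    }

    public function after(RequestInterface $request, ResponseInterface $response, $arguments = null)
    {
        // Nothing to do once the controller has produced its response.
    }

    private function deny(string $message): ResponseInterface
    {
        return service('response')
            ->setStatusCode(401)
            ->setHeader('WWW-Authenticate', 'Bearer')
            ->setJSON(['success' => false, 'message' => $message]);
    }
}
```

The login route has to stay outside this filter, otherwise no client can obtain a first token.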
Step 7. Create the Routes
Add some new routes to the App\Config\Routes.php file as follows
Step 8. Run the API
Below are the results of the REST API, which we tested using Postman
That concludes this tutorial. We hope it is useful.
The complete source code is available on the sobatcoding GitHub account at the following link: https://github.com/sobatcoding21/CI4RestApi.git