Let's now allow signed up users to login to the app. We'll be using JSON Web Tokens (JWT) for user authentication. Because we created an api-only app, the app is already configured to use of JWT for authentication.

Let's create the /login route, open start/routes.js and add the line below to it:

// start/routes.js

Route.post('/login', 'UserController.login')

UserController's login method will be executed when the /login route is accessed. This method handles users authentication.

Table of Contents

    Next, let's add the login method to UserController. Open app/Controllers/Http/UserController.js and add the code below to it:

    // app/Controllers/Http/UserController.js
    async login ({ request, auth, response }) {
        try {
            // validate the user credentials and generate a JWT token
            const token = await auth.attempt(
            return response.json({
                status: 'success',
                data: token
        } catch (error) {
                status: 'error',
                message: 'Invalid email/password'

    Using the attempt method, we validate the user's credentials and generate a JWT token which we in turn return. If the user's credentails does not match what's in the database, we simply return a JSON object with an appropriate message.

    Chimezie Enyinnaya

    16 posts

    Software Developer [PHP Laravel JavaScript NodeJS AdonisJS VueJS] | movie lover | run http://openlaravel.com