Laravel 9 rest api with passport authentication tutorial
Next, install the Laravel Passport package with Composer:
composer require laravel/passport
After successful installation, open the config/app.php
file and add Passport's Service Provider to the providers section:
'providers' =>[
Laravel\Passport\PassportServiceProvider::class,
],
Step 3: Run Migration and Installation
After registering the Service Provider, we'll create tables in the database by running the Migration command:
php artisan migrate
Then, install Passport using the following command:
php artisan passport:install
Step 4: Configure Passport
Configure Passport in the Laravel application. Open the app/User.php
file and add the HasApiTokens
trait to the User model:
<?php
namespace App;
use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Laravel\Passport\HasApiTokens;
class User extends Authenticatable
{
use HasApiTokens, Notifiable;
/**
* The attributes that are mass assignable.
*
* @var array
*/
protected $fillable = [
'name', 'email', 'password',
];
/**
* The attributes that should be hidden for arrays.
*
* @var array
*/
protected $hidden = [
'password', 'remember_token',
];
}
Next, in app/Providers/AuthServiceProvider.php
, register Passport's routes:
<?php
namespace App\Providers;
use Illuminate\Support\Facades\Gate;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
use Laravel\Passport\Passport;
class AuthServiceProvider extends ServiceProvider
{
/**
* The policy mappings for the application.
*
* @var array
*/
protected $policies = [
'App\Model' => 'App\Policies\ModelPolicy',
];
/**
* Register any authentication / authorization services.
*
* @return void
*/
public function boot()
{
$this->registerPolicies();
Passport::routes();
}
}
Finally, configure Passport in config/auth.php
:
<?php
return [
...
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'passport',
'provider' => 'users',
],
],
...
];
Step 5: Create API Routes
In this step, we'll create API routes. Open the routes/api.php
file and define the API routes for your application:
<?php
use Illuminate\Http\Request;
/*
|--------------------------------------------------------------------------
| API Routes
|--------------------------------------------------------------------------
|
| Here is where you can register API routes for your application. These
| routes are loaded by the RouteServiceProvider within a group which
| is assigned the "api" middleware group. Enjoy building your API!
|
*/
Route::middleware('auth:api')->get('/user', function (Request $request) {
return $request->user();
});
Route::post('login', 'api\UserController@login');
Route::post('register', 'api\UserController@register');
Route::group(['middleware' => 'auth:api'], function() {
Route::post('details', 'api\UserController@details');
});
Step 6: Create the Controller
Finally, we'll create the UserController to handle API requests. Use the following Artisan command:
php artisan make:controller API/UserController
To test the Details API, you need to set the following headers:
<?php
namespace App\Http\Controllers\API;
use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use App\User;
use Illuminate\Support\Facades\Auth;
use Validator;
class UserController extends Controller
{
public $successStatus = 200;
/**
* login api
*
* @return \Illuminate\Http\Response
*/
public function login()
{
if (Auth::attempt(
[
'email' => request('email'),
'password' => request('password')
]
)) {
$user = Auth::user();
$success['token'] = $user->createToken('MyApp')->accessToken;
return response()->json(
[
'success' => $success
],
$this->successStatus
);
}
else {
return response()->json(
[
'error' => 'Unauthorised'
], 401);
}
}
/**
* Register api
*
* @return \Illuminate\Http\Response
*/
public function register(Request $request)
{
$validator = Validator::make($request->all(),
[
'name' => 'required',
'email' => 'required|email',
'password' => 'required',
'c_password' => 'required|same:password',
]
);
if ($validator->fails()) {
return response()->json(
[
'error' => $validator->errors()
], 401);
}
$input = $request->all();
$input['password'] = bcrypt($input['password']);
$user = User::create($input);
$success['token'] = $user->createToken('MyApp')->accessToken;
$success['name'] = $user->name;
return response()->json(
[
'success' => $success
],
$this->successStatus
);
}
/**
* details api
*
* @return \Illuminate\Http\Response
*/
public function details()
{
$user = Auth::user();
return response()->json(
[
'success' => $user
],
$this->successStatus
);
}
}
Conclusion
So we've completed the tutorial for today. It's been a while since I've dived back into Laravel, and this is a great opportunity to refresh the basics. Hopefully, through this article, newcomers or those exploring Passport will have a clearer understanding and know how to apply it in their projects.
Thank you for taking the time to read my article!