How to integrate passport API in Laravel
This tutorial is for How to integrate passport API in Laravel. Laravel already makes authentication via traditional login forms. Laravel makes API authentication using Laravel Passport, which provides a default full OAuth2 server implementation for your Laravel application.
This tutorial will teach you how to create and secure your Laravel back-end API using Laravel passport. Laravel passport package to authenticate your application APIs. we will use the task that includes the creation and validation of tokens. We create your Laravel application APIs and secure them using the Laravel passport. Laravel Passport comes with the database setup to store its access tokens and 0Auth2 client activities.
We use the Postman application to test application RESTful APIs. You should be familiar with GET, POST, PUT, DELETE, and CREATE operations.
Installing the package then migrate your database. The Passport migrations will create the tables your application needs to store access tokens.
Install Laravel Passport Package
composer require laravel/passportAdd Service
#config/app.php
'providers' =>[
...
Laravel\Passport\PassportServiceProvider::class,
...
],php artisan migrateGenerate keys
php artisan passport:installConfiger Passport
#app\User.php
use Laravel\Passport\HasApiTokens;//added
class User extends Authenticatable
{
use Notifiable, HasApiTokens;//added
}Passport Service provides
#app\Providers\AppServiceProvider.php
use Laravel\Passport\Passport;//added
public function boot() {
Passport::routes();/added
}Api driver add
/* config/auth.php */
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'passport',//added
'provider' => 'users',
],
],Create API Routes
#app/routes/api.php
Route::group(['prefix' => 'auth'], function () {
Route::post('login', 'AuthController@login');
Route::post('signup', 'AuthController@signup');
Route::group(['middleware' => 'auth:api'], function() {
Route::get('logout', 'AuthController@logout');
Route::get('user', 'AuthController@user');
});
});Create Controller
#app/Http?Controllers/AuthController.php
use App\User;
class AuthController extends Controller {
public function signup(Request $request) {
$request->validate([
'name' => 'required|string',
'email' => 'required|string|email|unique:users',
'password' => 'required|string|confirmed'
]);
$user = new User([
'name' => $request->name,
'email' => $request->email,
'password' => bcrypt($request->password)
]);
$user->save();
return response()->json([
'message' => 'Successfully Insert user!'
], 201);
}
public function login(Request $request) {
$request->validate([
'email' => 'required|string|email',
'password' => 'required|string',
'remember_me' => 'boolean'
]);
$credentials = request(['email', 'password']);
if(!Auth::attempt($credentials))
return response()->json([
'message' => 'Unauthorized'
], 401);
$user = $request->user();
$tokenResult = $user->createToken('Personal Access Token');
$token = $tokenResult->token;
if ($request->remember_me)
$token->expires_at = Carbon::now()->addWeeks(1);
$token->save();
return response()->json([
'access_token' => $tokenResult->accessToken,
'token_type' => 'Bearer',
'expires_at' => Carbon::parse(
$tokenResult->token->expires_at
)->toDateTimeString()
]);
}
public function logout(Request $request) {
$request->user()->token()->revoke();
return response()->json([
'message' => 'Successfully logout'
]);
}
public function user(Request $request) {
return response()->json($request->user());
}
}Now run the API
https://devnote.in/api/login
