In this post, I’m going to share how to build REST API web services authentication in Laravel 5 application using API Passport package. Nowadays Web services are very necessary while we are creating Web and Mobile application developing for multiple platform purpose. We need to create API for our mobile application developer. We understand Laravel is very popular and popular because of secure API. Laravel provides Passport package for secure API authentication. Passport package provides OAuth2, JWT authentication to access the web server using API.
Most of the single page applications (or SPAs) enhancing very familiar and very quickly we see an increasing want to attach APIs for every process in it. Most organizations use the first step by building a simple and quick REST API. I write Laravel script that makes a simple and quick REST API from your MySQL Database tables with login and register with user list view API services.Step 1: Install Laravel
Here, we need new Laravel application for API passport implementation and demonstration. the following command helps to create a new application.
1 |
composer create-project --prefer-dist laravel/laravel myLaravel |
Step 2: Install Package
In this step, we have to download laravel/passport package goto your command and run the following command
1 |
composer require laravel/passport |
Step 3: Make configuration for application
This step, we need to configure package provider in config/app.php file and add following service provider.
1 2 3 4 5 |
'providers' => [ .... .... Laravel\Passport\PassportServiceProvider::class, ], |
Step 4: Run Migration and Install Passport
After registering Passport service provider, we need to run the migrations and it will create new tables in our database.
1 2 3 |
php artisan make:auth php artisan migrate |
Step 5: Install Passport Package
This step, we want to download and install Laravel Passport package using the following command, it will install and create new token keys for security in a database.
1 |
php artisan passport:install |
Step 6: Passport Configuration
Here, we should configuration in three place Model, Service provider, and Auth config file. In model, we need to include HasApiTokens class of Passport and use HasApiTokens in our model.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 |
<?php namespace App; use Laravel\Passport\HasApiTokens; use Illuminate\Notifications\Notifiable; use Illuminate\Foundation\Auth\User as Authenticatable; class User extends Authenticatable { use Notifiable,HasApiTokens; /** * The attributes that are mass assignable. * * @var array */ protected $fillable = [ 'name', 'email', 'password', ]; /** * The attributes that should be hidden for arrays. * * @var array */ protected $hidden = [ 'password', 'remember_token', ]; } |
Then we need to include passport class and add routes “Passport::routes()” in boot method in AuthServiceProvider.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 |
<?php namespace App\Providers; use Laravel\Passport\Passport; use Illuminate\Support\Facades\Gate; use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider; class AuthServiceProvider extends ServiceProvider { /** * The policy mappings for the application. * * @var array */ protected $policies = [ 'App\Model' => 'App\Policies\ModelPolicy', ]; /** * Register any authentication / authorization services. * * @return void */ public function boot() { $this->registerPolicies(); Passport::routes(); } } |
and also, we need to modify API driver details with passport and provider as users in auth.php.
1 2 3 4 5 6 7 8 9 10 11 |
'guards' => [ 'web' => [ 'driver' => 'session', 'provider' => 'users', ], 'api' => [ 'driver' => 'passport', 'provider' => 'users', ], ], |
Step 7: Create API Route in routes/api.php
Here we will add new API routes to access the laravel application and following routes are help us to make web service using a passport.
1 2 3 4 5 |
Route::post('userLogin', 'UserController@userLogin'); Route::post('userRegister', 'UserController@userRegister'); Route::group(['middleware' => 'auth:api'], function(){ Route::get('userDetails', 'UserController@userDetails'); }); |
Step 8: Create Controller & Methods
In this step, we have to add a new user controller and three methods for API request handler, following code help us to make API access in our application.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 |
<?php namespace App\Http\Controllers; use Illuminate\Http\Request; use App\Http\Controllers\Controller; use Auth; use Validator; use App\User; class UserController extends Controller { public function userLogin(Request $request){ $validator = Validator::make($request->all(), [ 'email' => 'required|email', 'password' => 'required' ]); if ($validator->fails()) { return response()->json(['error'=>$validator->errors()], 401); } if(Auth::attempt(['email' => request('email'), 'password' => request('password')])){ $user = Auth::user(); $success['token'] = $user->createToken('MyApp')->accessToken; return response()->json(['success' => $success], 200); } else{ return response()->json(['error'=>'Unauthorised'], 401); } } public function userRegister(Request $request) { $validator = Validator::make($request->all(), [ 'name' => 'required', 'email' => 'required|email', 'password' => 'required', 'c_password' => 'required|same:password', ]); if ($validator->fails()) { return response()->json(['error'=>$validator->errors()], 401); } $input = $request->all(); $input['password'] = bcrypt($input['password']); $user = User::create($input); $success['token'] = $user->createToken('MyApp')->accessToken; $success['name'] = $user->name; return response()->json(['success'=>$success], 200); } public function userDetails() { $users = User::get(); return response()->json(['success' => $users], 200); } } |