Introduction Laravel passport ~ MixBoxlk

Sunday, February 11, 2018

Introduction Laravel passport

prabhath wijesinghe Sunday, February 11, 2018 API, Laravel, Passport, PHP, Postman No comments

API using token base authentication not session states. Laravel passport will make it easy to handle token between user and server.

Install Passport

To start install passport via composer.

composer require laravel/passport

Create respective database tables

php artisan migrate

Then you should run passport:install command. This command will generate access keys to generate secure access tokens. in addition the command will create personal access and password grant client which will be used to generate access token.

php artisan passport:install

Passport configure

1. In User model add HasApiTokens class of passport

namespace App;

use Laravel\Passport\HasApiTokens;
use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;

class User extends Authenticatable
{
use HasApiTokens, Notifiable;

/**
* The attributes that are mass assignable.
*
* @var array
*/
protected $fillable = [
'name', 'email', 'password',
];

/**
* The attributes that should be hidden for arrays.
*
* @var array
*/
protected $hidden = [
'password', 'remember_token',
];
}

2. Add Passport::routes() to AuthServiceProviders

namespace App\Providers;

use Laravel\Passport\Passport;
use Illuminate\Support\Facades\Gate;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;

class AuthServiceProvider extends ServiceProvider
{
/**
* The policy mappings for the application.
*
* @var array
*/
protected $policies = [
'App\Model' => 'App\Policies\ModelPolicy',
];

/**
* Register any authentication / authorization services.
*
* @return void
*/
public function boot()
{
$this->registerPolicies();
Passport::routes();
}
}

3. Add passport driver to Config/Auth.php

return [
.....
.....
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'passport',
'provider' => 'users',
],
],
.....
.....
]

4. Create routes in Routes/Api.php

Route::post('login', 'API\PassportController@login');
Route::post('register', 'API\PassportController@register');

Route::group(['middleware' => 'auth:api'], function(){
Route::post('get-details', 'API\PassportController@getDetails');
});

5. Create controller

Then create PassportController.php in app/Http/Controllers/API/ root.

namespace App\Http\Controllers\API;

use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use App\User;
use Illuminate\Support\Facades\Auth;
use Validator;

class PassportController extends Controller
{

public $successStatus = 200;

/**
* login api
*
* @return \Illuminate\Http\Response
*/
public function login(){
if(Auth::attempt(['email' => request('email'), 'password' => request('password')])){
$user = Auth::user();
$success['token'] = $user->createToken('MyApp')->accessToken;
return response()->json(['success' => $success], $this->successStatus);
}
else{
return response()->json(['error'=>'Unauthorised'], 401);
}
}

/**
* Register api
*
* @return \Illuminate\Http\Response
*/
public function register(Request $request)
{
$validator = Validator::make($request->all(), [
'name' => 'required',
'email' => 'required|email',
'password' => 'required',
'c_password' => 'required|same:password',
]);

if ($validator->fails()) {
return response()->json(['error'=>$validator->errors()], 401);
}

$input = $request->all();
$input['password'] = bcrypt($input['password']);
$user = User::create($input);
$success['token'] = $user->createToken('MyApp')->accessToken;
$success['name'] = $user->name;

return response()->json(['success'=>$success], $this->successStatus);
}

/**
* details api
*
* @return \Illuminate\Http\Response
*/
public function getDetails()
{
$user = Auth::user();
return response()->json(['success' => $user], $this->successStatus);
}
}

Run php artisan serve to run server.

For API testing we can use Postman.

Next article we will give introduction about Postman.

Sunday, February 11, 2018