on
laravel
- Get link
- Other Apps
- Get link
- Other Apps
Laravel Authentication api with passport
Install passport
composer require laravel/passport
Copied!
Run migrate command
php artisan migrate
Copied!
Run passport install command
php artisan passport:install
Copied!
User.php (User Model)
<?php
namespace App\Models;
use Illuminate\Database\Eloquent\Casts\Attribute;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Illuminate\Support\Facades\Hash;
use Laravel\Passport\HasApiTokens;
class User extends Authenticatable
{
use HasApiTokens, HasFactory, Notifiable;
/**
* The attributes that are mass assignable.
*
* @var array<int, string>
*/
protected $fillable = [
'name',
'email',
'mobile',
'password',
];
/**
* The attributes that should be hidden for serialization.
*
* @var array<int, string>
*/
protected $hidden = [
'password',
'remember_token',
];
/**
* The attributes that should be cast.
*
* @var array<string, string>
*/
protected $casts = [
'email_verified_at' => 'datetime',
'password' => 'hashed',
];
protected function password(): Attribute
{
return Attribute::make(
set: fn (string $value) => Hash::make($value)
);
}
}
Copied!
2014_10_12_000000_create_users_table.php (Migration)
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
Schema::create('users', function (Blueprint $table) {
$table->id();
$table->string('name');
$table->string('mobile')->unique();
$table->timestamp('mobile_verified_at')->nullable();
$table->string('password');
$table->rememberToken();
$table->timestamps();
});
}
/**
* Reverse the migrations.
*/
public function down(): void
{
Schema::dropIfExists('users');
}
};
Copied!
auth.php (config)
<?php
return [
/*
|--------------------------------------------------------------------------
| Authentication Defaults
|--------------------------------------------------------------------------
|
| This option controls the default authentication "guard" and password
| reset options for your application. You may change these defaults
| as required, but they're a perfect start for most applications.
|
*/
'defaults' => [
'guard' => 'web',
'passwords' => 'users',
],
/*
|--------------------------------------------------------------------------
| Authentication Guards
|--------------------------------------------------------------------------
|
| Next, you may define every authentication guard for your application.
| Of course, a great default configuration has been defined for you
| here which uses session storage and the Eloquent user provider.
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| Supported: "session"
|
*/
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'passport',
'provider' => 'users',
],
],
/*
|--------------------------------------------------------------------------
| User Providers
|--------------------------------------------------------------------------
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| If you have multiple user tables or models you may configure multiple
| sources which represent each model / table. These sources may then
| be assigned to any extra authentication guards you have defined.
|
| Supported: "database", "eloquent"
|
*/
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\Models\User::class,
],
// 'users' => [
// 'driver' => 'database',
// 'table' => 'users',
// ],
],
/*
|--------------------------------------------------------------------------
| Resetting Passwords
|--------------------------------------------------------------------------
|
| You may specify multiple password reset configurations if you have more
| than one user table or model in the application and you want to have
| separate password reset settings based on the specific user types.
|
| The expiry time is the number of minutes that each reset token will be
| considered valid. This security feature keeps tokens short-lived so
| they have less time to be guessed. You may change this as needed.
|
| The throttle setting is the number of seconds a user must wait before
| generating more password reset tokens. This prevents the user from
| quickly generating a very large amount of password reset tokens.
|
*/
'passwords' => [
'users' => [
'provider' => 'users',
'table' => 'password_reset_tokens',
'expire' => 60,
'throttle' => 60,
],
],
/*
|--------------------------------------------------------------------------
| Password Confirmation Timeout
|--------------------------------------------------------------------------
|
| Here you may define the amount of seconds before a password confirmation
| times out and the user is prompted to re-enter their password via the
| confirmation screen. By default, the timeout lasts for three hours.
|
*/
'password_timeout' => 10800,
];
Copied!
api.php (Route)
<?php
use App\Http\Controllers\api\AuthController;
use App\Http\Controllers\api\ProfileController;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;
/*
|--------------------------------------------------------------------------
| API Routes
|--------------------------------------------------------------------------
|
| Here is where you can register API routes for your application. These
| routes are loaded by the RouteServiceProvider and all of them will
| be assigned to the "api" middleware group. Make something great!
|
*/
// Route::middleware('auth:sanctum')->get('/user', function (Request $request) {
// return $request->user();
// });
Route::controller(AuthController::class)->prefix('user')->group(function () {
Route::post('/signup', 'register');
Route::post('login', 'login');
});
Route::middleware('auth:api')->group(function () {
Route::controller(ProfileController::class)->prefix('user/profile')->group(function () {
Route::get('/', 'profile');
Route::get('/test','test');
});
Route::get('user/logout', [AuthController::class, 'logout']);
});
Copied!
AuthController.php
<?php
namespace App\Http\Controllers\api;
use App\Helpers\ResponseBuilder;
use App\Http\Controllers\Controller;
use App\Http\Requests\auth\LoginRequest;
use App\Http\Requests\auth\RegisterRequest;
use App\Http\Resources\UserResource;
use App\Models\User;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Log;
use Illuminate\Http\Request;
class AuthController extends Controller
{
public function register(RegisterRequest $request)
{
try {
DB::beginTransaction();
$user = User::create([
'name' => $request->name,
'mobile' => $request->mobile,
'password' => $request->password
]);
DB::commit();
$this->response = new UserResource($user);
$token = $user->createToken('authToken')->accessToken;
return ResponseBuilder::successWithToken($token, $this->response);
} catch (\Exception $e) {
Log::error($e);
dd($e);
return ResponseBuilder::error('error', $this->errorStatus);
}
}
public function login(LoginRequest $request)
{
try {
$creditional = $request->only(['mobile', 'password']);
if (auth()->attempt($creditional)) {
$token = auth()->user()->createToken('authToken')->accessToken;
$this->response = new UserResource(auth()->user());
return ResponseBuilder::successWithToken($token, $this->response,
"Login Successfully !");
}
} catch (\Exception $e) {
Log::error($e);
dd($e);
ResponseBuilder::error('error', $this->errorStatus);
}
}
public function logout(Request $request)
{
$request->user('api')->token()->revoke();
return ResponseBuilder::success(null, "Logout Successfully");
}
}
Copied!
RegisterRequest.php (Request)
<?php
namespace App\Http\Requests\auth;
use App\Helpers\ResponseBuilder;
use Illuminate\Contracts\Validation\Validator;
use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Http\Exceptions\HttpResponseException;
class RegisterRequest extends FormRequest
{
/**
* Determine if the user is authorized to make this request.
*/
public function authorize(): bool
{
return true;
}
/**
* Get the validation rules that apply to the request.
*
* @return array<string, \Illuminate\Contracts\Validation\ValidationRule|array<mixed>|string>
*/
public function rules(): array
{
return [
'name'=>'required|string',
'mobile'=>'required|min:8|max:10|unique:users,mobile',
'password'=>'required|confirmed'
];
}
protected function failedValidation(Validator $validator)
{
throw new HttpResponseException(
ResponseBuilder::error($validator->errors()->first(),400)
);
}
}
Copied!
LoginRequest.php (Request)
<?php
namespace App\Http\Requests\auth;
use App\Helpers\ResponseBuilder;
use Illuminate\Contracts\Validation\Validator;
use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Http\Exceptions\HttpResponseException;
class LoginRequest extends FormRequest
{
/**
* Determine if the user is authorized to make this request.
*/
public function authorize(): bool
{
return true;
}
/**
* Get the validation rules that apply to the request.
*
* @return array<string, \Illuminate\Contracts\Validation\ValidationRule|
array<mixed>|string>
*/
public function rules(): array
{
return [
'mobile'=>'required|exists:users,mobile',
'password'=>'required',
];
}
protected function failedValidation(Validator $validator)
{
throw new HttpResponseException(
ResponseBuilder::error($validator->errors()->first(),400)
);
}
}
Copied!
UserResource.php (Resources)
<?php
namespace App\Http\Resources;
use Illuminate\Http\Request;
use Illuminate\Http\Resources\Json\JsonResource;
class UserResource extends JsonResource
{
/**
* Transform the resource into an array.
*
* @return array<string, mixed>
*/
public function toArray(Request $request): array
{
return [
'name'=>$this->name,
'mobile'=>$this->mobile
];
}
}
Copied!
Comments
Post a Comment
If you any doubt of any topic then you can comment me.