Laravel Sanctum
What is Laravel Sanctum ? Laravel Sanctum provides a featherweight authentication system for SPAs (single page applications), mobile applications, and simple, token based APIs. Sanctum allows each user of your application to generate multiple API tokens for their account. These tokens may be granted abilities / scopes which specify which actions the tokens are allowed to perform.. You have to just follow a few steps to get following web services User Registarion API User Login API User Logout API Products Details API using resourse controller Getting Started Step 1: setup database in .env file
DB_DATABASE=API DB_USERNAME=root DB_PASSWORD=
Step 2:Install Laravel Sanctum.
composer require laravel/sanctum
Step 3:Publish the Sanctum configuration and migration files .
php artisan vendor:publish --provider="Laravel\Sanctum\SanctumServiceProvider"
Step 4:Run your database migrations.
php artisan migrate
Step 5:Add the Sanctum's middleware.
../app/Http/Kernel.php
use Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful;
...
protected $middlewareGroups = [
...
'api' => [
EnsureFrontendRequestsAreStateful::class,
'throttle:60,1',
\Illuminate\Routing\Middleware\SubstituteBindings::class,
],
];
...
],
Step 6:To use tokens for users.
use Laravel\Sanctum\HasApiTokens;
class User extends Authenticatable { use HasApiTokens, Notifiable; }
Step 7:Let's create the seeder for the User model
php artisan make:seeder UsersTableSeeder
Step 8:Now let's insert as record
use Illuminate\Support\Facades\DB; use Illuminate\Support\Facades\Hash; ... ... DB::table('users')->insert([ 'name' => 'John Doe', 'email' => '[email protected]', 'password' => Hash::make('password') ]);
Step 9:To seed users table with user
php artisan db:seed --class=UsersTableSeeder
Step 10: create a controller nad /login route in the routes/api.php file:
email)->first(); // print_r($data); if (!$user || !Hash::check($request->password, $user->password)) { return response([ 'message' => ['These credentials do not match our records.'] ], 404); } $token = $user->createToken('my-app-token')->plainTextToken; $response = [ 'user' => $user, 'token' => $token ]; return response($response, 201); } } Step 11: Test with postman, Result will be below { "user": { "id": 8, "name": "Dhawal", "email": "[email protected]", "email_verified_at": null, "created_at": "2023-05-08T06:42:28.000000Z", "updated_at": "2023-05-08T06:42:28.000000Z" }, "token": "11|YRpFwqzNqEFOVnRTHM8vT0Z60gIRWs6BaOxHtGNo" } Step 11: Make Details API or any other with secure route Route::group(['middleware' => 'auth:sanctum'], function(){ //All secure URL's }); Route::post("login",[UserController::class,'index']);