Laravel Sanctum

What is Laravel Sanctum ? Laravel Sanctum provides a featherweight authentication system for SPAs (single page applications), mobile applications, and simple, token based APIs. Sanctum allows each user of your application to generate multiple API tokens for their account. These tokens may be granted abilities / scopes which specify which actions the tokens are allowed to perform.. You have to just follow a few steps to get following web services User Registarion API User Login API User Logout API Products Details API using resourse controller Getting Started Step 1: setup database in .env file

DB_DATABASE=API DB_USERNAME=root DB_PASSWORD=

Step 2:Install Laravel Sanctum.

composer require laravel/sanctum

Step 3:Publish the Sanctum configuration and migration files .

php artisan vendor:publish --provider="Laravel\Sanctum\SanctumServiceProvider"

Step 4:Run your database migrations.

php artisan migrate

Step 5:Add the Sanctum's middleware.

../app/Http/Kernel.php

use Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful;

...

protected $middlewareGroups = [
    ...

    'api' => [
        EnsureFrontendRequestsAreStateful::class,
        'throttle:60,1',
        \Illuminate\Routing\Middleware\SubstituteBindings::class,
    ],
];

...

],

Step 6:To use tokens for users.

use Laravel\Sanctum\HasApiTokens;

class User extends Authenticatable { use HasApiTokens, Notifiable; }

Step 7:Let's create the seeder for the User model

php artisan make:seeder UsersTableSeeder

Step 8:Now let's insert as record

use Illuminate\Support\Facades\DB; use Illuminate\Support\Facades\Hash; ... ... DB::table('users')->insert([ 'name' => 'John Doe', 'email' => '[email protected]', 'password' => Hash::make('password') ]);

Step 9:To seed users table with user

php artisan db:seed --class=UsersTableSeeder

Step 10: create a controller nad /login route in the routes/api.php file:

email)->first(); // print_r($data); if (!$user || !Hash::check($request->password, $user->password)) { return response([ 'message' => ['These credentials do not match our records.'] ], 404); } $token = $user->createToken('my-app-token')->plainTextToken; $response = [ 'user' => $user, 'token' => $token ]; return response($response, 201); } } Step 11: Test with postman, Result will be below { "user": { "id": 8, "name": "Dhawal", "email": "[email protected]", "email_verified_at": null, "created_at": "2023-05-08T06:42:28.000000Z", "updated_at": "2023-05-08T06:42:28.000000Z" }, "token": "11|YRpFwqzNqEFOVnRTHM8vT0Z60gIRWs6BaOxHtGNo" } Step 11: Make Details API or any other with secure route Route::group(['middleware' => 'auth:sanctum'], function(){ //All secure URL's }); Route::post("login",[UserController::class,'index']);