Skip to content

Instantly share code, notes, and snippets.

@deepak-cotocus

deepak-cotocus/Create-Rest-API-with-Laravel-5.5-Passport-Authentication.md

Last active August 22, 2020 05:18
Show Gist options
  • Save deepak-cotocus/de9d30afd33a46ea4fb535eaeb6a7fec to your computer and use it in GitHub Desktop.
Save deepak-cotocus/de9d30afd33a46ea4fb535eaeb6a7fec to your computer and use it in GitHub Desktop.
Download ZIP
How to Create API Rest with Laravel 5.5 Passport Authentication (Part 1)
Raw
Create-Rest-API-with-Laravel-5.5-Passport-Authentication.md

LARAVEL already makes it easy to perform authentication via traditional login forms, but what about APIs? APIs typically use tokens to authenticate users and do not maintain session state between requests. Laravel makes API authentication a breeze using Laravel Passport, which provides a full OAuth2 server implementation for your Laravel application in a matter of minutes. Passport is built on top of the League OAuth2 server that is maintained by Alex Bilbie.

STEP 1: Installation

install Passport via the Composer package manager: composer require laravel/passport=~4.0

STEP 2: Migrate yore Database

The Passport service provider registers its own database migration directory with the framework, so you should migrate your database after registering the provider. The Passport migrations will create the tables your application needs to store clients and access tokens: php artisan migrate

STEP 3:

command to create the encryption keys needed to generate secure access tokens. In addition, the command will create "personal access" and "password grant" clients which will be used to generate access tokens: php artisan passport:install

STEP 4:

After running this command, add the Laravel\Passport\HasApiTokens trait to your App\User model. This trait will provide a few helper methods to your model which allow you to inspect the authenticated user's token and scopes:

<?php

namespace App;

use Laravel\Passport\HasApiTokens;
use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;

class User extends Authenticatable
{
    use HasApiTokens, Notifiable;
}

STEP 5:

Next, you should call the Passport::routes method within the boot method of your AuthServiceProvider. This method will register the routes necessary to issue access tokens and revoke access tokens, clients, and personal access tokens:

<?php

namespace App\Providers;

use Laravel\Passport\Passport;
use Illuminate\Support\Facades\Gate;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;

class AuthServiceProvider extends ServiceProvider
{
    /**
     * The policy mappings for the application.
     *
     * @var array
     */
    protected $policies = [
        'App\Model' => 'App\Policies\ModelPolicy',
    ];

    /**
     * Register any authentication / authorization services.
     *
     * @return void
     */
    public function boot()
    {
        $this->registerPolicies();

        Passport::routes();
    }
}

STEP 6:

Finally, in your config/auth.php configuration file, you should set the driver option of the api authentication guard to passport. This will instruct your application to use Passport's TokenGuard when authenticating incoming API requests:

'guards' => [
    'web' => [
        'driver' => 'session',
        'provider' => 'users',
    ],

    'api' => [
        'driver' => 'passport',
        'provider' => 'users',
    ],
],

My basic recommendation for learning : API Authentication (Passport)

Thanks

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment