In this post, I am going to explain how to use sanctum api in laravel 8. Laravel 8 Sanctum provides a simple authentication system for SPAs (Single page applications), mobile applications token based APIs.
Sanctum API allows each user of your application to generate multiple API tokens for their account. You can create mobile based API using sanctum, its provide fully restful api and for use in laravel to follow basic steps which is given below.
Step 1: Install Laravel 8
In this step I am going to explain how to install fresh laravel 8, If you have already istalled then ignore installation steps, I am going to explain from scratch so, we need to get fresh Laravel 8 application using bellow command, So open your terminal OR command prompt and run bellow command:
1 2 3 | composer create-project --prefer-dist laravel/laravel blog |
Step 2: Install Sanctum
In this step we need to install sanctum via the Composer package manager, so open your terminal and fire bellow command:
1 2 3 | composer require laravel/sanctum |
After successfully installation of package, we need to publish configuration file for that just use below command.
1 2 3 | php artisan vendor:publish --provider="Laravel\Sanctum\SanctumServiceProvider" |
we require to get default migration for create new sanctum tables in our database. so let’s run bellow command.
1 2 3 | php artisan migrate |
Next, we need to add middleware for sanctum api, so let’s add as like bellow:
app/Http/Kernel.php
1 2 3 4 5 6 7 8 9 | .... 'api' => [ \Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class, 'throttle:api', \Illuminate\Routing\Middleware\SubstituteBindings::class, ], |
Step 3: Sanctum Configuration
In this step, we need to configuration on three place model, service provider and auth config file.
In model we added HasApiTokens class of Sanctum,
In auth.php, we added api auth configuration.
app/Models/User.php
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 | <?php namespace App\Models; use Illuminate\Contracts\Auth\MustVerifyEmail; use Illuminate\Database\Eloquent\Factories\HasFactory; use Illuminate\Foundation\Auth\User as Authenticatable; use Illuminate\Notifications\Notifiable; use Laravel\Sanctum\HasApiTokens; class User extends Authenticatable { use HasFactory, Notifiable, HasApiTokens; /** * The attributes that are mass assignable. * * @var array */ protected $fillable = [ 'name', 'email', 'password', ]; /** * The attributes that should be hidden for arrays. * * @var array */ protected $hidden = [ 'password', 'remember_token', ]; /** * The attributes that should be cast to native types. * * @var array */ protected $casts = [ 'email_verified_at' => 'datetime', ]; } |
Step 4: Add Post Table and Model
Now, we need to create migration for posts table using Laravel 8 php artisan command, so first fire bellow command:
1 2 3 | php artisan make:migration create_posts_table |
After this command you will find one file in following path database/migrations and you have to put bellow code in your migration file for create posts table.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 | <?php use Illuminate\Support\Facades\Schema; use Illuminate\Database\Schema\Blueprint; use Illuminate\Database\Migrations\Migration; class CreatePostsTable extends Migration { /** * Run the migrations. * * @return void */ public function up() { Schema::create('posts', function (Blueprint $table) { $table->id(); $table->string('title'); $table->text('detail'); $table->timestamps(); }); } /** * Reverse the migrations. * * @return void */ public function down() { Schema::dropIfExists('posts'); } } |
After create migration we need to migrate for creating database table for posts using migrate command.
1 2 3 | php artisan migrate |
app/Models/Post.php
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 | <?php namespace App\Models; use Illuminate\Database\Eloquent\Factories\HasFactory; use Illuminate\Database\Eloquent\Model; class Post extends Model { use HasFactory; /** * The attributes that are mass assignable. * * @var array */ protected $fillable = [ 'title', 'detail' ]; } |
Step 5: Create API Routes
In this step, we will create api routes. Laravel provide api.php file for write web services route. So, let’s add new route on that file.
routes/api.php
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 | <?php use Illuminate\Http\Request; use Illuminate\Support\Facades\Route; use App\Http\Controllers\API\RegisterController; use App\Http\Controllers\API\PostController; /* |-------------------------------------------------------------------------- | API Routes |-------------------------------------------------------------------------- | | Here is where you can register API routes for your application. These | routes are loaded by the RouteServiceProvider within a group which | is assigned the "api" middleware group. Enjoy building your API! | */ Route::post('register', [RegisterController::class, 'register']); Route::post('login', [RegisterController::class, 'login']); Route::middleware('auth:sanctum')->group( function () { Route::resource('posts', PostController::class); }); |
Step 6: Create Post Controller Files
In this step, now we need to create new controller as BaseController, PostController and RegisterController, i created new folder “API” in Controllers folder because we will make alone APIs controller, So let’s create both controller:
app/Http/Controllers/API/BaseController.php
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 | <?php namespace App\Http\Controllers\API; use Illuminate\Http\Request; use App\Http\Controllers\Controller as Controller; class BaseController extends Controller { /** * success response method. * * @return \Illuminate\Http\Response */ public function sendResponse($result, $message) { $response = [ 'success' => true, 'data' => $result, 'message' => $message, ]; return response()->json($response, 200); } /** * return error response. * * @return \Illuminate\Http\Response */ public function sendError($error, $errorMessages = [], $code = 404) { $response = [ 'success' => false, 'message' => $error, ]; if(!empty($errorMessages)){ $response['data'] = $errorMessages; } return response()->json($response, $code); } } |
app/Http/Controllers/API/RegisterController.php
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 | <?php namespace App\Http\Controllers\API; use Illuminate\Http\Request; use App\Http\Controllers\API\BaseController as BaseController; use App\Models\User; use Illuminate\Support\Facades\Auth; use Validator; class RegisterController extends BaseController { /** * Register api * * @return \Illuminate\Http\Response */ public function register(Request $request) { $validator = Validator::make($request->all(), [ 'name' => 'required', 'email' => 'required|email', 'password' => 'required', 'c_password' => 'required|same:password', ]); if($validator->fails()){ return $this->sendError('Validation Error.', $validator->errors()); } $input = $request->all(); $input['password'] = bcrypt($input['password']); $user = User::create($input); $success['token'] = $user->createToken('MyApp')->plainTextToken; $success['name'] = $user->name; return $this->sendResponse($success, 'User register successfully.'); } /** * Login api * * @return \Illuminate\Http\Response */ public function login(Request $request) { if(Auth::attempt(['email' => $request->email, 'password' => $request->password])){ $user = Auth::user(); $success['token'] = $user->createToken('MyApp')->plainTextToken; $success['name'] = $user->name; return $this->sendResponse($success, 'User login successfully.'); } else{ return $this->sendError('Unauthorised.', ['error'=>'Unauthorised']); } } } |
app/Http/Controllers/API/PostController.php
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 | <?php namespace App\Http\Controllers\API; use Illuminate\Http\Request; use App\Http\Controllers\API\BaseController as BaseController; use App\Models\Post; use Validator; use App\Http\Resources\Post as PostResource; class PostController extends BaseController { /** * Display a listing of the resource. * * @return \Illuminate\Http\Response */ public function index() { $posts = Post::all(); return $this->sendResponse(PostResource::collection($posts), 'Posts retrieved successfully.'); } /** * Store a newly created resource in storage. * * @param \Illuminate\Http\Request $request * @return \Illuminate\Http\Response */ public function store(Request $request) { $input = $request->all(); $validator = Validator::make($input, [ 'title' => 'required', 'detail' => 'required' ]); if($validator->fails()){ return $this->sendError('Validation Error.', $validator->errors()); } $post = Post::create($input); return $this->sendResponse(new PostResource($post), 'Post created successfully.'); } /** * Display the specified resource. * * @param int $id * @return \Illuminate\Http\Response */ public function show($id) { $post = Post::find($id); if (is_null($post)) { return $this->sendError('Post not found.'); } return $this->sendResponse(new PostResource($post), 'Post retrieved successfully.'); } /** * Update the specified resource in storage. * * @param \Illuminate\Http\Request $request * @param int $id * @return \Illuminate\Http\Response */ public function update(Request $request, Post $post) { $input = $request->all(); $validator = Validator::make($input, [ 'title' => 'required', 'detail' => 'required' ]); if($validator->fails()){ return $this->sendError('Validation Error.', $validator->errors()); } $post->title = $input['title']; $post->detail = $input['detail']; $post->save(); return $this->sendResponse(new PostResource($post), 'Post updated successfully.'); } /** * Remove the specified resource from storage. * * @param int $id * @return \Illuminate\Http\Response */ public function destroy(Post $post) { $post->delete(); return $this->sendResponse([], 'Post deleted successfully.'); } } |
Step 7: Create Eloquent API Resources
This is a very important step of creating rest api in laravel 8. you can use eloquent api resources with api. it will helps you to make same response layout of your model object. we used in PostController file. now we have to create it using following command:
1 2 3 | php artisan make:resource Post |
app/Http/Resources/Post.php
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 | <?php namespace App\Http\Resources; use Illuminate\Http\Resources\Json\JsonResource; class Post extends JsonResource { /** * Transform the resource into an array. * * @param \Illuminate\Http\Request $request * @return array */ public function toArray($request) { return [ 'id' => $this->id, 'title' => $this->title, 'detail' => $this->detail, 'created_at' => $this->created_at->format('d/m/Y'), 'updated_at' => $this->updated_at->format('d/m/Y'), ]; } } |
Now we are ready to to run full restful api and also passport api in laravel. so let’s run our example so run bellow command for quick run:
1 2 3 | php artisan serve |
I hope you found your best…
I’m a full-stack developer. My hobby and profession to write blog and programming tips that helps to others. I am a great admirer of PHP, Laravel, Codeigniter, AngularJS, Vue.js, Javascript, JQuery, WordPress, Plugin Development, Theme Development and Bootstrap from the early stage.
Leave a Reply