Laravel: Setup Laravel Passport
Laravel Passport provides a full OAuth2 server implementation for your Laravel application in a matter of minutes. Passport is built on top of the League OAuth2 server that is maintained by Andy Millington and Simon Hamp.
{
'Accept': 'application/json'
}
Generate the middleware using artisan
php artisan make:middleware ForceJsonRequestMiddleware
Content of ForceJsonRequestMiddleware.php in handle() function. The file locate at App/Http/Middleware/ForceJsonRequestMiddleware.php.
$request->headers->set('Accept', 'application/json');
return $next($request);
Register the middleware to $routeMiddleware array at app/Http/Kernel.php.
'json.response' => \App\Http\Middleware\ForceJsonRequestMiddleware::class,
Then, we’ll also add it to the $middleware array in the same file:
\App\Http\Middleware\ForceJsonRequestMiddleware::class,
That would make sure that the ForceJsonRequestMiddleware middleware is run on every request.
php artisan make:middleware CorsMiddleware
Update the handle() function:
return $next($request)
->header('Access-Control-Allow-Origin', '*')
->header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS')
->header('Access-Control-Allow-Headers', 'X-Requested-With, Content-Type, X-Token-Auth, Authorization');
Register the middleware to $routeMiddleware array at app/Http/Kernel.php.
'cors' => \App\Http\Middleware\CorsMiddleware::class,
Then, we’ll also add it to the $middleware array in the same file:
\App\Http\Middleware\CorsMiddleware::class,
We can use the middlewares in our api.php routing like:
Route::group(['middleware' => ['cors', 'json.response']], function () {
// route path...
});
composer require laravel/passport
Migrating the tables
php artisan migrate
Generate secure access token using artisan
php artisan passport:install
Updating User model
<?php
namespace App\Models;
...
use Laravel\Passport\HasApiTokens; //add the namespace
class User extends Authenticatable
{
use HasApiTokens, HasFactory, Notifiable; //use it here
}
Registering passport routes to AuthServiceProvider, place at boot() function
if (!$this->app->routesAreCached()) {
Passport::routes();
}
Add passport TokenGuard at config/auth.php
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'passport', //update this line
'provider' => 'users',
],
],
php artisan make:controller Api/AuthController
At top of the controller don’t forget to import used depedencies
use Illuminate\Support\Facades\Validator;
public function login(Request $request) {
$validator = Validator::make($request->all(), [
'email' => 'required|email',
'password' => 'required'
]);
if ($validator->fails()) {
return response()->json([
'success' => false,
'msg' => $validator->errors()->all(),
'data' => []
], 422);
}
$data = $request->only('email', 'password');
if (!auth()->attempt($data)) {
return response()->json([
'success' => false,
'msg' => 'Invalid email or password',
'data' => []
]);
}
$token = auth()->user()->createToken('API Token')->accessToken;
return response()->json([
'success' => true,
'msg' => 'Logged in user data',
'data' => [
'profile' => auth()->user(),
'token' => $token
]
]);
}
public function logout(Request $request)
{
$token = $request->user()->token();
$token->revoke();
return response()->json([
'success' => true,
'msg' => 'You have been successfully logged out',
'data' => []
]);
}
Route::group(['middleware' => ['cors', 'json.response']], function () {
Route::post('/login', [AuthController::class, 'login']);
Route::middleware('auth:api')->group(function () {
Route::post('/logout', [AuthController::class, 'logout']);
});
});
Done!!!!