googleads
Create A REST API In Laravel With Authentication Using Passport
Laravel Web Development

Create A REST API In Laravel With Authentication Using Passport

APIs will always use tokens to authenticate users. The reason behind this approach is, usually, there is no session state provided between the requests. To avoid this, Laravel introduced Laravel Passport which makes API authentication an easy task by providing a full OAuth2 server implementation for the entire application.

In this tutorial, we are going to discuss about how we can write REST API in Laravel with Passport authentication. As we all know, REST is the most efficient and widely used standard for API creation. Laravel is also evolved as the best supporting platform for creating APIs. Authentication of APIs are very imperial factor for any application so to achieve the high-level authentication Laravel uses a powerful concept called ‘Laravel Passport’.

Let’s see how we can create a REST API in Laravel with authentication using passport,

Create A Fresh Application

Will start with creating a new Laravel application, now run the following command to create the application

 

After that, we have to install Passport package using the following command

 

Once the package is installed, we have to update the config/app.php file by adding the following service provider

config/app.php

 

After the successful registration of passport service provider, we have to run migration files. It will add several new tables in the database. To run the migration, use the following command

 

Next is the process of installing a passport in our application. We can use the following command to install a passport.

 

We need to generate encryption keys to get a secure access token and you can create it by running the above command.

In next step, we have to configure passport. We have to make changes in three files to do the passport configuration.

  1. Add the Laravel\Passport\HasApiTokens trait to the App\User model. It will provide some helper methods to our model, which is helpful for us to check the authenticated user’s token and scopes. 

 

Best To Read: Top 10 Laravel Blogs You Must Not Miss

 

app/user.php

 

 

  1. We have to add the Passport::routes method in the boot method of the AuthServiceProvider. The reason why we are adding it here is, that it will register the necessary routes that are required to issue access and revoke the access tokens.
 

 

  1. Next, in our config/auth.php file, we have to set the driver option from “API authentication guard” to passport. This will enable our application to use the Passport’s token guard at the time of authenticating API requests.
 

Create API Routes 

Next step is to create API routes, Laravel provides api.php file for writing all the web services route which you can find it inside the route directory. 

 

Create Controller 

We need to create a controller and some API methods inside the controller.

 

Related: How To Create A Custom Validation Rule In Laravel

 

Testing API

We have various client tools to test but here I am preferably using Postman so I have attached the screenshots for your reference below.  And, one thing we have to note down here is that for both signup and login APIs, we have to set the header as below:

Accept: application/json

Sign up

Login

Though Laravel’s token system was fine enough—but it wasn’t much secure. But Passport mechanism we have discussed here will provide full OAuth2 server implementation for your Laravel application. I hope this article will give you a clear idea on implementing Laravel Passport API authentication.

Like to read more from Laravel Developers? Don’t miss out to read more from the great minds in the industry!

Contact us today to get free 20 hrs of consulting & proof of concept from experts” 

 

The following two tabs change content below.

Nithin Kumar C N

Passionate Senior Software Developer, Expert in PHP, Laravel, JQuery, Angular, With 6 years of experience in web development, he strongly committed himself in delivering authentic applications. Also, he continuously update himself with new technologies & features which drives him to come up with blogs on unique topic.

Leave a Reply

Your email address will not be published. Required fields are marked *