Most systems nowadays require authentication to access the resources. For API we use tokens to authenticate the users and do not maintain the session state between the requests. Laravel provides the package “Passport” for API authentication, which provides the OAuth2 server implementation for the application.
composer require laravel/passport php artisan migrate php artisan passport:install
Models/User.php
use Laravel\Passport\HasApiTokens;
app/providers/authserviceproviders.php
use Laravel\Passport\Passport;
protected $policies = [
'App\Models\Model' => 'App\policies\ModelPolicy'
];
config/auth.php
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'passport',
'provider' => 'users'
],
]
namespace App\Http\Controllers\API;
namespace App\Http\Controllers\API;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request
use App\Models\User;
function register(Request $request){
$user = User::create([
'name' => $request->name,
'email' => $request->email,
'password' => \Hash::make($request->password),
'role' => 'user',
]);
$token = $user->createToken('token')->accessToken;
return response()->json(['token' => $token, 'user' => $user]);
}
api.php
Route::post('/login', [LoginController::class, 'login']);