Laravel Sanctum is useful for building token-based APIs and tedious authentication systems for single-page applications, mobile applications.
Laravel Sanctum stores user API tokens in a single database table and authenticates incoming HTTP requests
Download Laravel App
composer create-project --prefer-dist laravel/laravel my-app
C:\xampp\htdocs\laravel>composer create-project --prefer-dist laravel/laravel my-app
Connecting our Database
open .env file root directory.
DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=laraveldb
DB_USERNAME=root
DB_PASSWORD=
Add Laravel Sanctum Library in Laravel
https://laravel.com/docs/9.x/sanctum
composer require laravel/sanctum
C:\xampp\htdocs\laravel>composer require laravel/sanctum
publish the sanctum configuration file
php artisan vendor:publish --provider="Laravel\Sanctum\SanctumServiceProvider"
C:\xampp\htdocs\laravel>php artisan vendor:publish --provider="Laravel\Sanctum\SanctumServiceProvider"
app/Http/Kernel.php
'api' => [
\Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class,
'throttle:api',
\Illuminate\Routing\Middleware\SubstituteBindings::class,
],
Database Migration
php artisan migrate
C:\xampp\htdocs\laravel\laravelproject>php artisan migrate
Migration table created successfully.
check database table
check user model app/Models/User.php
Add Table in Database
php artisan make:migration create_products_table
C:\xampp\htdocs\laravel\my-app>php artisan make:migration create_products_table
database/migrations/create_products_table.php
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 | //database/migrations/create_products_table.php<?phpuse Illuminate\Database\Migrations\Migration;use Illuminate\Database\Schema\Blueprint;use Illuminate\Support\Facades\Schema;return new class extends Migration{ public function up() { Schema::create('products', function (Blueprint $table) { $table->id(); $table->string('name'); $table->text('detail'); $table->timestamps(); }); } public function down() { Schema::dropIfExists('products'); }}; |
C:\xampp\htdocs\laravel\my-app>php artisan make:model Product
update app/Models/Product.php
app/Models/Product.php
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 | //app/Models/Product.php<?phpnamespace App\Models;use Illuminate\Database\Eloquent\Factories\HasFactory;use Illuminate\Database\Eloquent\Model;class Product extends Model{ use HasFactory; protected $fillable = [ 'name', 'detail' ];} |
Build Auth Controller
create three new controllers
app/Http/Controllers/API/BaseController.php
app/Http/Controllers/API/ProductController.php
app/Http/Controllers/API/RegisterController.php
app/Http/Controllers/API/BaseController.php
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 | //app/Http/Controllers/API/BaseController.php<?phpnamespace App\Http\Controllers\API;use Illuminate\Http\Request;use App\Http\Controllers\Controller as Controller;class BaseController extends Controller{ /** * success response method. * * @return \Illuminate\Http\Response */ public function sendResponse($result, $message) { $response = [ 'success' => true, 'data' => $result, 'message' => $message, ]; return response()->json($response, 200); } /** * return error response. * * @return \Illuminate\Http\Response */ public function sendError($error, $errorMessages = [], $code = 404) { $response = [ 'success' => false, 'message' => $error, ]; if(!empty($errorMessages)){ $response['data'] = $errorMessages; } return response()->json($response, $code); }} |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 | //app/Http/Controllers/API/RegisterController.php<?phpnamespace App\Http\Controllers\API; use Illuminate\Http\Request;use App\Http\Controllers\API\BaseController as BaseController;use App\Models\User;use Illuminate\Support\Facades\Auth;use Validator;class RegisterController extends BaseController{ /** * Register api * * @return \Illuminate\Http\Response */ public function register(Request $request) { $validator = Validator::make($request->all(), [ 'name' => 'required', 'email' => 'required|email', 'password' => 'required', 'c_password' => 'required|same:password', ]); if($validator->fails()){ return $this->sendError('Validation Error.', $validator->errors()); } $input = $request->all(); $input['password'] = bcrypt($input['password']); $user = User::create($input); $success['token'] = $user->createToken('MyApp')->plainTextToken; $success['name'] = $user->name; return $this->sendResponse($success, 'User register successfully.'); } /** * Login api * * @return \Illuminate\Http\Response */ public function login(Request $request) { if(Auth::attempt(['email' => $request->email, 'password' => $request->password])){ $user = Auth::user(); $success['token'] = $user->createToken('MyApp')->plainTextToken; $success['name'] = $user->name; return $this->sendResponse($success, 'User login successfully.'); } else{ return $this->sendError('Unauthorised.', ['error'=>'Unauthorised']); } }} |
php artisan make:resource ProductResource
C:\xampp\htdocs\laravel\my-app>php artisan make:resource ProductResource
app/Http/Resources/ProductResource.php
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 | //app/Http/Resources/ProductResource.php<?phpnamespace App\Http\Resources;use Illuminate\Http\Resources\Json\JsonResource;class ProductResource extends JsonResource{ /** * Transform the resource into an array. * * @param \Illuminate\Http\Request $request * @return array|\Illuminate\Contracts\Support\Arrayable|\JsonSerializable */ public function toArray($request) { return [ 'id' => $this->id, 'name' => $this->name, 'detail' => $this->detail, 'created_at' => $this->created_at->format('d/m/Y'), 'updated_at' => $this->updated_at->format('d/m/Y'), ]; //return parent::toArray($request); }} |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 | //app/Http/Controllers/API/ProductController.php<?phpnamespace App\Http\Controllers\API; use Illuminate\Http\Request;use App\Http\Controllers\API\BaseController as BaseController;use App\Models\Product;use Validator;use App\Http\Resources\ProductResource;class ProductController extends BaseController{ /** * Display a listing of the resource. * * @return \Illuminate\Http\Response */ public function index() { $products = Product::all(); return $this->sendResponse(ProductResource::collection($products), 'Products retrieved successfully.'); } /** * Store a newly created resource in storage. * * @param \Illuminate\Http\Request $request * @return \Illuminate\Http\Response */ public function store(Request $request) { $input = $request->all(); $validator = Validator::make($input, [ 'name' => 'required', 'detail' => 'required' ]); if($validator->fails()){ return $this->sendError('Validation Error.', $validator->errors()); } $product = Product::create($input); return $this->sendResponse(new ProductResource($product), 'Product created successfully.'); } /** * Display the specified resource. * * @param int $id * @return \Illuminate\Http\Response */ public function show($id) { $product = Product::find($id); if (is_null($product)) { return $this->sendError('Product not found.'); } return $this->sendResponse(new ProductResource($product), 'Product retrieved successfully.'); } /** * Update the specified resource in storage. * * @param \Illuminate\Http\Request $request * @param int $id * @return \Illuminate\Http\Response */ public function update(Request $request, Product $product) { $input = $request->all(); $validator = Validator::make($input, [ 'name' => 'required', 'detail' => 'required' ]); if($validator->fails()){ return $this->sendError('Validation Error.', $validator->errors()); } $product->name = $input['name']; $product->detail = $input['detail']; $product->save(); return $this->sendResponse(new ProductResource($product), 'Product updated successfully.'); } /** * Remove the specified resource from storage. * * @param int $id * @return \Illuminate\Http\Response */ public function destroy(Product $product) { $product->delete(); return $this->sendResponse([], 'Product deleted successfully.'); }} |
routes/api.php
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 | //routes/api.php<?phpuse Illuminate\Http\Request;use Illuminate\Support\Facades\Route;use App\Http\Controllers\API\RegisterController;use App\Http\Controllers\API\ProductController;//Route::middleware('auth:sanctum')->get('/user', function (Request $request) {// return $request->user();//});Route::middleware('auth:sanctum')->group( function () { Route::resource('products', ProductController::class);});Route::controller(RegisterController::class)->group(function(){ Route::post('register', 'register'); Route::post('login', 'login');}); |
C:\xampp\htdocs\laravel\my-app>php artisan serve
Check API Results in Postman
https://www.postman.com/downloads/
POST method : http://127.0.0.1:8000/api/register
POST method : http://127.0.0.1:8000/api/login
After testing auth APIs copy token value and paste to Authorization tab then select Bearer Token
POST method : http://localhost:8000/api/products
GET method : http://127.0.0.1:8000/api/products
POST method : http://localhost:8000/api/products/1
key value
_method PUT
DELTE method : http://127.0.0.1:8000/api/products/1
