Step-1: Install Laravel (Laravel version 10.x is used here)
# Scaffold a fresh Laravel application into the ./lara-api directory.
composer create-project laravel/laravel lara-api
Step-2: Create a database in MySQL named “lara-api” and configure .env file for MySQL database
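# One KEY=value pair per line; the .env parser does not split several pairs on one line.
DB_DATABASE=lara-api
# root with an empty password is only acceptable on a throwaway local MySQL instance.
# Anywhere else, use a dedicated account limited to this schema and a real password,
# and keep the .env file out of version control.
DB_USERNAME=root
DB_PASSWORD=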
Step-3: Open the “lara-api” using any Editor like VS Code, run the below command to install Laravel Passport Package
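# Three separate commands; run them one after another.

# Pull in Laravel Passport (OAuth2 server) together with its dependencies.
composer require laravel/passport --with-all-dependencies

# Create the application tables, including Passport's oauth_* tables.
php artisan migrate

# Generate the token-signing keys and the default OAuth clients.
# The key files and the client secrets printed here are credentials:
# keep them out of version control and out of shared logs.
php artisan passport:install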
Step-4: now update the below code in app\Models\User.php file
<?php

namespace App\Models;

// use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
// use Laravel\Sanctum\HasApiTokens;
use Laravel\Passport\HasApiTokens;

/**
 * Application user account.
 *
 * HasApiTokens is taken from Passport (not Sanctum), which is what gives the
 * model the createToken() / token() methods used by the API controller.
 */
class User extends Authenticatable
{
    use HasApiTokens, HasFactory, Notifiable;

    /**
     * Columns that may be set through mass assignment.
     *
     * Keep this list short: any column named here can be filled from an
     * array of input, so privilege-style columns do not belong in it.
     *
     * @var array<int, string>
     */
    protected $fillable = [
        'name',
        'email',
        'password',
    ];

    /**
     * Columns left out whenever the model is serialized to an array or JSON.
     *
     * This is what keeps the password hash and the remember token out of
     * API responses that return the user model.
     *
     * @var array<int, string>
     */
    protected $hidden = [
        'password',
        'remember_token',
    ];

    /**
     * Attribute type casts.
     *
     * @var array<string, string>
     */
    protected $casts = [
        'email_verified_at' => 'datetime',
    ];
}
Step-5: now update guards in \config\auth.php
// Authentication guards: each entry pairs a driver (how a request is
// authenticated) with a provider (where the user record is loaded from).
'guards' => [
    // Browser traffic: the authenticated user is tracked in the session.
    'web' => [
        'driver' => 'session',
        'provider' => 'users',
    ],

    // API traffic: the Passport driver authenticates each request from the
    // bearer access token it carries, so no session is involved.
    'api' => [
        'driver' => 'passport',
        'provider' => 'users',
    ],
],
Step-6: Now Make controller using the below command
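# Creates app/Http/Controllers/API/UserController.php.
# A forward slash is used as the namespace separator because an unquoted
# backslash is swallowed by POSIX shells (the class would become "APIUserController");
# artisan accepts the forward slash on every platform.
php artisan make:controller API/UserController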
Step-7: Now update in app\Http\Controllers\API\UserController.php file
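<?php

namespace App\Http\Controllers\API;

use App\Http\Controllers\Controller;
use App\Models\User;
use Illuminate\Http\Request;
use Illuminate\Http\Response;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\DB;

/**
 * Token-based login, profile and logout endpoints backed by Laravel Passport.
 */
class UserController extends Controller
{
    /**
     * Verify an email/password pair and issue a Passport access token.
     *
     * Responds with 401 when the fields are missing, are not strings, or do
     * not match a user. On success the token is returned once in the body;
     * the client sends it back as "Authorization: Bearer <token>".
     */
    public function loginUser(Request $request): Response
    {
        $email = $request->input('email');
        $password = $request->input('password');

        // Only these two fields are handed to the guard. Auth::attempt() treats
        // every key other than "password" as a lookup condition on the users
        // table, so forwarding the raw request body would let the client decide
        // how the account is looked up. Non-string values are rejected for the
        // same reason.
        $credentialsAreValid = is_string($email)
            && is_string($password)
            && Auth::attempt(['email' => $email, 'password' => $password]);

        // The result of attempt() must be checked: after a failed attempt
        // Auth::user() is null and the token call below would fail with a 500
        // instead of a clean 401.
        if (! $credentialsAreValid) {
            return response(['data' => 'Unauthorized'], 401);
        }

        /** @var User $user */
        $user = Auth::user();

        // Bearer token for the authenticated user; treat it like a password
        // (do not log it, do not put it in URLs).
        $token = $user->createToken('example')->accessToken;

        return response(['status' => 200, 'token' => $token], 200);
    }

    /**
     * Return the user that owns the bearer token on the current request.
     *
     * The model's $hidden list decides which columns are left out of the
     * serialized response.
     */
    public function getUserDetail(): Response
    {
        $guard = Auth::guard('api');

        if (! $guard->check()) {
            return response(['data' => 'Unauthorized'], 401);
        }

        return response(['data' => $guard->user()], 200);
    }

    /**
     * Log out by revoking the access token used for this request.
     *
     * Refresh tokens tied to the access token are revoked first, so the
     * session cannot be renewed after logout.
     */
    public function userLogout(): Response
    {
        $guard = Auth::guard('api');

        if (! $guard->check()) {
            return response(['data' => 'Unauthorized'], 401);
        }

        $accessToken = $guard->user()->token();

        DB::table('oauth_refresh_tokens')
            ->where('access_token_id', $accessToken->id)
            ->update(['revoked' => true]);

        $accessToken->revoke();

        // NOTE(review): 'data' => 'Unauthorized' on a successful logout looks like
        // a copy-paste leftover; it is kept so existing clients see the same body.
        return response(['data' => 'Unauthorized', 'message' => 'User logout successfully.'], 200);
    }
}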
Step-8: Now update in routes\api.php file
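<?php

use App\Http\Controllers\API\UserController;
use App\Http\Controllers\Api\ProductController;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;
use App\Http\Requests\StoreProductRequest;

// Public endpoint: exchanges credentials for a bearer token.
Route::controller(UserController::class)->group(function () {
    Route::post('login', 'loginUser');
});

// Endpoints that require a valid Passport bearer token.
// middleware() has to be called BEFORE group(): chained after it, the call comes
// too late to attach to the routes the closure has already registered, and the
// routes would be left without the auth:api check.
// Clients should send "Accept: application/json" so that an unauthenticated
// request is answered with a JSON 401 rather than a redirect to a login page.
Route::middleware('auth:api')->controller(UserController::class)->group(function () {
    Route::get('user', 'getUserDetail');

    // NOTE(review): logout changes server state (it revokes tokens); POST is the
    // safer verb for that. GET is kept here to match the steps of this tutorial.
    Route::get('logout', 'userLogout');
});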
Step-9: now go to \database\seeders\DatabaseSeeder.php and update it with the code below, then create a user by running the command php artisan db:seed --database=mysql
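<?php

namespace Database\Seeders;

// use Illuminate\Database\Console\Seeds\WithoutModelEvents;
use Illuminate\Database\Seeder;

class DatabaseSeeder extends Seeder
{
    /**
     * Seed the application's database.
     *
     * Creates one user with factory-generated attributes and one user with a
     * fixed email and password for trying out the login endpoint.
     */
    public function run(): void
    {
        \App\Models\User::factory()->create();

        \App\Models\User::factory()->create([
            'name' => 'Admin User',
            'email' => 'user@gmail.com',
            // Demo credential for local testing only: the value is published in this
            // tutorial, so never run this seeder against a shared or production
            // database without changing it. The password is passed as a string
            // instead of relying on implicit int-to-string conversion.
            'password' => bcrypt('123456'),
        ]);
    }
}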
Step-10: now check the routes listed above in Postman. Note that you have to send the user ID (the email address) and password in the body fields of a POST request to the URL http://localhost:8000/api/login to get the bearer token, and then set that token as the Bearer token in Postman's Authorization menu for the other requests.