Step-1: Install Laravel (here used Laravel version10.x)
composer create-project laravel/laravel lara-api
Step-2: Create a database in MySQL named “lara-api” and configure .env file for MySQL database
DB_DATABASE=lara-api DB_USERNAME=root DB_PASSWORD=
Step-3: Open the “lara-api” using any Editor like VS Code, run the below command to install Laravel Passport Package
composer require laravel/passport --with-all-dependencies php artisan migrate php artisan passport:install
Step-4: now update the below code in app\Models\User.php file
<?php
namespace App\Models;
// use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
// use Laravel\Sanctum\HasApiTokens;
use Laravel\Passport\HasApiTokens;
class User extends Authenticatable
{
use HasApiTokens, HasFactory, Notifiable;
/**
* The attributes that are mass assignable.
*
* @var array<int, string>
*/
protected $fillable = [
'name',
'email',
'password',
];
/**
* The attributes that should be hidden for serialization.
*
* @var array<int, string>
*/
protected $hidden = [
'password',
'remember_token',
];
/**
* The attributes that should be cast.
*
* @var array<string, string>
*/
protected $casts = [
'email_verified_at' => 'datetime',
];
}
Step-5: now update guards in \config\auth.php
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'passport',
'provider' => 'users',
],
],
Step-6: Now Make controller using the below command
php artisan make:controller API\UserController
Step-7: Now update in app\Http\Controllers\API\UserController.php file
<?php
namespace App\Http\Controllers\API;
use App\Http\Controllers\Controller;
use App\Models\User;
use Illuminate\Http\Request;
use Illuminate\Http\Response;
use Auth;
class UserController extends Controller
{
/**
* The loginUser function is used for login through api.
*/
public function loginUser(Request $request): Response
{
$input = $request->all();
Auth::attempt($input);
$user = Auth::user();
$token = $user->createToken('example')->accessToken; // bearer token will be created here and it has to be set in postman
// return Response(['status' => 200,'token'=> $token],200);
return Response(['status' => 200, 'token' => $token],200);
}
/**
* The getUserDetail function is used for getting user information.
*/
public function getUserDetail(): Response
{
if(Auth::guard('api')->check()){
$user = Auth::guard('api')->user();
return Response(['data' => $user],200);
}
return Response(['data' => 'Unauthorized'],401);
}
/**
* The userLogout function is used for logout the transaction
*/
public function userLogout(): Response
{
if(Auth::guard('api')->check()){
$accessToken = Auth::guard('api')->user()->token();
\DB::table('oauth_refresh_tokens')
->where('access_token_id', $accessToken->id)
->update(['revoked' => true]);
$accessToken->revoke();
return Response(['data' => 'Unauthorized','message' => 'User logout successfully.'],200);
}
return Response(['data' => 'Unauthorized'],401);
}
}
Step-8: Now update in routes\api.php file
<?php
use App\Http\Controllers\API\UserController;
use App\Http\Controllers\Api\ProductController;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;
use App\Http\Requests\StoreProductRequest;
Route::controller(UserController::class)->group(function(){
Route::post('login','loginUser');
});
Route::controller(UserController::class)->group(function(){
Route::get('user','getUserDetail');
Route::get('logout','userLogout');
})->middleware('auth:api');
Step-9: now go to \database\seeders\DatabaseSeeder.php and update the below code to create a user by using the below command php artisan db:seed –database=mysql
<?php
namespace Database\Seeders;
// use Illuminate\Database\Console\Seeds\WithoutModelEvents;
use Illuminate\Database\Seeder;
class DatabaseSeeder extends Seeder
{
/**
* Seed the application's database.
*/
public function run(): void
{
\App\Models\User::factory()->create();
\App\Models\User::factory()->create([
'name' => 'Admin User',
'email' => 'user@gmail.com',
'password' =>bcrypt(123456),
]);
}
}
Step-10: now check the route list mention above in Postman. Note that you have to save the user id and password in the body filed and use the URL http://localhost:8000/api/login to get the bearer token and set it to the authorization menus.