First step
Execute the following command:
composer require laravel/passport php artisan migrate php artisan passport:install
Second step
Modify Gurds in the config/auth.php file:
...
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'passport',
'provider' => 'users',
],
],
...Step 3
app/User.php
<?php
namespace App;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Laravel\Passport\HasApiTokens;
class User extends Authenticatable {
use Notifiable, HasApiTokens;
/**
* The attributes that are mass assignable.
*
* @var array
*/
protected $fillable = [
'name', 'email', 'password',
];
/**
* The attributes that should be hidden for arrays.
*
* @var array
*/
protected $hidden = [
'password', 'remember_token',
];
/**
* The attributes that should be cast to native types.
*
* @var array
*/
protected $casts = [
'email_verified_at' => 'datetime',
];
}Step 4
app/Repositories/User/UserRepositoryInterface.php
<?php
namespace App\Repositories\User;
use Illuminate\Http\Request;
interface UserRepositoryInterface {
public function register(Request $request);
public function login(Request $request);
public function refreshToken(Request $request);
public function details();
public function logout(Request $request);
public function response($data, int $statusCode);
public function getTokenAndRefreshToken(string $email, string $password);
public function sendRequest(string $route, array $formParams);
public function getOClient();
}Step 5
Create app/Repositories/User /UserRepository.php file
<?php
namespace App\Repositories\User;
use App\User;
use GuzzleHttp\Client;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Laravel\Passport\Client as OClient;
use GuzzleHttp\Exception\ClientException;
use App\Repositories\User\UserRepositoryInterface;
class UserRepository implements UserRepositoryInterface {
const SUCCUSUS_STATUS_CODE = 200;
const UNAUTHORISED_STATUS_CODE = 401;
const BASE_URL = "http://mylemp-nginx";
public function __construct(Client $client) {
$this->http = $client;
}
public function register(Request $request) {
$email = $request->email;
$password = $request->password;
$input = $request->all();
$input['password'] = bcrypt($input['password']);
User::create($input);
$response = $this->getTokenAndRefreshToken($email, $password);
return $this->response($response["data"], $response["statusCode"]);
}
public function login(Request $request) {
$email = $request->email;
$password = $request->password;
if (Auth::attempt(['email' => $email, 'password' => $password])) {
$response = $this->getTokenAndRefreshToken($email, $password);
$data = $response["data"];
$statusCode = $response["statusCode"];
} else {
$data = ['error'=>'Unauthorised'];
$statusCode = self::UNAUTHORISED_STATUS_CODE;
}
return $this->response($data, $statusCode);
}
public function refreshToken(Request $request) {
if (is_null($request->header('Refreshtoken'))) {
return $this->response(['error'=>'Unauthorised'], self::UNAUTHORISED_STATUS_CODE);
}
$refresh_token = $request->header('Refreshtoken');
$Oclient = $this->getOClient();
$formParams = [ 'grant_type' => 'refresh_token',
'refresh_token' => $refresh_token,
'client_id' => $Oclient->id,
'client_secret' => $Oclient->secret,
'scope' => '*'];
return $this->sendRequest("/oauth/token", $formParams);
}
public function details() {
$user = Auth::user();
return $this->response($user, self::SUCCUSUS_STATUS_CODE);
}
public function logout(Request $request) {
$request->user()->token()->revoke();
return $this->response(['message' => 'Successfully logged out'], self::SUCCUSUS_STATUS_CODE);
}
public function response($data, int $statusCode) {
$response = ["data"=>$data, "statusCode"=>$statusCode];
return $response;
}
public function getTokenAndRefreshToken(string $email, string $password) {
$Oclient = $this->getOClient();
$formParams = [ 'grant_type' => 'password',
'client_id' => $Oclient->id,
'client_secret' => $Oclient->secret,
'username' => $email,
'password' => $password,
'scope' => '*'];
return $this->sendRequest("/oauth/token", $formParams);
}
public function sendRequest(string $route, array $formParams) {
try {
$url = self::BASE_URL.$route;
$response = $this->http->request('POST', $url, ['form_params' => $formParams]);
$statusCode = self::SUCCUSUS_STATUS_CODE;
$data = json_decode((string) $response->getBody(), true);
} catch (ClientException $e) {
echo $e->getMessage();
$statusCode = $e->getCode();
$data = ['error'=>'OAuth client error'];
}
return ["data" => $data, "statusCode"=>$statusCode];
}
public function getOClient() {
return OClient::where('password_client', 1)->first();
}
}Step Six
app/Http/Requests/UserLoginRequest.php
<?php
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Contracts\Validation\Validator;
use Illuminate\Http\Exceptions\HttpResponseException;
class UserLoginRequest extends FormRequest {
const UNPROCESSABLE_ENTITY = 422;
public function rules() {
return [
'email' => 'required|email',
'password' => 'required',
];
}
protected function failedValidation(Validator $validator) {
throw new HttpResponseException(response()->json($validator->errors(), self::UNPROCESSABLE_ENTITY));
}
}Step Seven
app/Http/Requests/UserRegisterRequest.php
<?php
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Contracts\Validation\Validator;
use Illuminate\Http\Exceptions\HttpResponseException;
class UserRegisterRequest extends FormRequest {
const UNPROCESSABLE_ENTITY = 422;
public function rules() {
return [
'name' => 'required',
'email' => 'required|email|unique:users',
'password' => 'required',
'c_password' => 'required|same:password',
];
}
protected function failedValidation(Validator $validator) {
throw new HttpResponseException(response()->json($validator->errors(), self::UNPROCESSABLE_ENTITY));
}
}Step 8
app/Providers/AppServiceProvider.php
<?php
namespace App\Providers;
use App\Repositories\User\UserRepository;
use App\Repositories\User\UserRepositoryInterface;
use Illuminate\Support\ServiceProvider;
class AppServiceProvider extends ServiceProvider {
/**
* Register any application services.
*
* @return void
*/
public function register() {
$this->app->bind(UserRepositoryInterface::class, UserRepository::class);
}
/**
* Bootstrap any application services.
*
* @return void
*/
public function boot() {
//
}
} Step 9
app/Providers/AuthServiceProvider.php
<?php
namespace App\Providers;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
use Laravel\Passport\Passport;
class AuthServiceProvider extends ServiceProvider {
/**
* The policy mappings for the application.
*
* @var array
*/
protected $policies = [
// 'App\Model' => 'App\Policies\ModelPolicy',
];
/**
* Register any authentication / authorization services.
*
* @return void
*/
public function boot() {
$this->registerPolicies();
Passport::routes();
}
}Step 10
app/Http /Controllers/UserController.php
<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use App\Http\Requests\UserLoginRequest;
use App\Http\Requests\UserRegisterRequest;
use App\Repositories\User\UserRepositoryInterface;
class UserController extends Controller {
const SUCCUSUS_STATUS_CODE = 200;
const UNAUTHORISED_STATUS_CODE = 401;
public function __construct(UserRepositoryInterface $userRepository) {
$this->userRepository = $userRepository;
}
public function login(UserLoginRequest $request) {
$response = $this->userRepository->login($request);
return response()->json($response["data"], $response["statusCode"]);
}
public function register(UserRegisterRequest $request) {
$response = $this->userRepository->register($request);
return response()->json($response["data"], $response["statusCode"]);
}
public function details() {
$response = $this->userRepository->details();
return response()->json($response["data"], $response["statusCode"]);
}
public function logout(Request $request) {
$response = $this->userRepository->logout($request);
return response()->json($response["data"], $response["statusCode"]);
}
public function refreshToken(Request $request) {
$response = $this->userRepository->refreshToken($request);
return response()->json($response["data"], $response["statusCode"]);
}
}Step 11
##routes/api.php<?php
use Illuminate\Support\Facades\Route;
Route::post('login', 'UserController@login');
Route::post('register', 'UserController@register');
Route::post('refreshtoken', 'UserController@refreshToken');
Route::group(['middleware' => ['auth:api']], function () {
Route::post('logout', 'UserController@logout');
Route::post('details', 'UserController@details');
});Recommended tutorial: "Laravel Tutorial 》
The above is the detailed content of Laravel Passport builds API authentication and authorization. For more information, please follow other related articles on the PHP Chinese website!
Laravel's Primary Function: Backend DevelopmentApr 15, 2025 am 12:14 AMLaravel's core functions in back-end development include routing system, EloquentORM, migration function, cache system and queue system. 1. The routing system simplifies URL mapping and improves code organization and maintenance. 2.EloquentORM provides object-oriented data operations to improve development efficiency. 3. The migration function manages the database structure through version control to ensure consistency. 4. The cache system reduces database queries and improves response speed. 5. The queue system effectively processes large-scale data, avoid blocking user requests, and improve overall performance.
Laravel's Backend Capabilities: Databases, Logic, and MoreApr 14, 2025 am 12:04 AMLaravel performs strongly in back-end development, simplifying database operations through EloquentORM, controllers and service classes handle business logic, and providing queues, events and other functions. 1) EloquentORM maps database tables through the model to simplify query. 2) Business logic is processed in controllers and service classes to improve modularity and maintainability. 3) Other functions such as queue systems help to handle complex needs.
Laravel's Versatility: From Simple Sites to Complex SystemsApr 13, 2025 am 12:13 AMThe Laravel development project was chosen because of its flexibility and power to suit the needs of different sizes and complexities. Laravel provides routing system, EloquentORM, Artisan command line and other functions, supporting the development of from simple blogs to complex enterprise-level systems.
Laravel (PHP) vs. Python: Development Environments and EcosystemsApr 12, 2025 am 12:10 AMThe comparison between Laravel and Python in the development environment and ecosystem is as follows: 1. The development environment of Laravel is simple, only PHP and Composer are required. It provides a rich range of extension packages such as LaravelForge, but the extension package maintenance may not be timely. 2. The development environment of Python is also simple, only Python and pip are required. The ecosystem is huge and covers multiple fields, but version and dependency management may be complex.
Laravel and the Backend: Powering Web Application LogicApr 11, 2025 am 11:29 AMHow does Laravel play a role in backend logic? It simplifies and enhances backend development through routing systems, EloquentORM, authentication and authorization, event and listeners, and performance optimization. 1. The routing system allows the definition of URL structure and request processing logic. 2.EloquentORM simplifies database interaction. 3. The authentication and authorization system is convenient for user management. 4. The event and listener implement loosely coupled code structure. 5. Performance optimization improves application efficiency through caching and queueing.
Why is Laravel so popular?Apr 02, 2025 pm 02:16 PMLaravel's popularity includes its simplified development process, providing a pleasant development environment, and rich features. 1) It absorbs the design philosophy of RubyonRails, combining the flexibility of PHP. 2) Provide tools such as EloquentORM, Blade template engine, etc. to improve development efficiency. 3) Its MVC architecture and dependency injection mechanism make the code more modular and testable. 4) Provides powerful debugging tools and performance optimization methods such as caching systems and best practices.
Which is better, Django or Laravel?Mar 28, 2025 am 10:41 AMBoth Django and Laravel are full-stack frameworks. Django is suitable for Python developers and complex business logic, while Laravel is suitable for PHP developers and elegant syntax. 1.Django is based on Python and follows the "battery-complete" philosophy, suitable for rapid development and high concurrency. 2.Laravel is based on PHP, emphasizing the developer experience, and is suitable for small to medium-sized projects.
Which is better PHP or Laravel?Mar 27, 2025 pm 05:31 PMPHP and Laravel are not directly comparable, because Laravel is a PHP-based framework. 1.PHP is suitable for small projects or rapid prototyping because it is simple and direct. 2. Laravel is suitable for large projects or efficient development because it provides rich functions and tools, but has a steep learning curve and may not be as good as pure PHP.
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Safe Exam Browser
Safe Exam Browser is a secure browser environment for taking online exams securely. This software turns any computer into a secure workstation. It controls access to any utility and prevents students from using unauthorized resources.
EditPlus Chinese cracked version
Small size, syntax highlighting, does not support code prompt function
DVWA
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is very vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, to help web developers better understand the process of securing web applications, and to help teachers/students teach/learn in a classroom environment Web application security. The goal of DVWA is to practice some of the most common web vulnerabilities through a simple and straightforward interface, with varying degrees of difficulty. Please note that this software
Dreamweaver CS6
Visual web development tools
SAP NetWeaver Server Adapter for Eclipse
Integrate Eclipse with SAP NetWeaver application server.
