PHP FrameworkLaravelLaravel development: How to implement APIOAuth2 authentication using Laravel Passport?Laravel development: How to implement APIOAuth2 authentication using Laravel Passport?
Laravel is a very popular PHP framework. It is easy to use, highly scalable, and has high code readability. Laravel also provides many add-on packages (Packages) to implement various functions, including Laravel Passport, which is an API package for implementing OAuth2 authentication.
OAuth2 is a popular authorization framework that simplifies the authorization process and is widely used in web and mobile applications. In order to use OAuth2, we need to implement an authorization server to generate tokens and allow clients to use the API. Laravel Passport provides us with an easy way to implement OAuth2 authentication.
This article will introduce how to use Laravel Passport to implement OAuth2 authentication. Before starting, it is assumed that the Laravel framework is already installed.
Install Laravel Passport
You can use Composer to install Laravel Passport. Run the following command in the root directory of your Laravel application:
composer require laravel/passport
After the installation is complete, you need to run the following command to create the necessary tables for Laravel Passport:
php artisan migrate
Next run the following command to create the necessary tables for Laravel Passport generates an encryption key:
php artisan passport:install
The generated key will be used to encrypt the generated token.
Set Passport
After completing the installation, you need to configure Laravel Passport in your application. The following are the necessary steps:
Enable Passport
To enable Laravel Passport, you first need to call the Passport::routes() method. This method will register the necessary routes:
//在bootstrap/app.php文件中加入下面这行代码 LaravelPassportPassport::routes();
Enable automatic token refresh
By default, the token will automatically expire after it expires. If you want to automatically refresh tokens after they expire, you can use Passport::refreshTokensExpireIn() method in AuthServiceProvider. We add the following code snippet to the AuthServiceProvider:
//在AppProvidersAuthServiceProvider.php文件中加入下面这段代码
use LaravelPassportPassport;
//其他代码...
public function boot()
{
$this->registerPolicies();
Passport::routes();
Passport::tokensExpireIn(Carbon::now()->addDays(15));
Passport::refreshTokensExpireIn(Carbon::now()->addDays(30));
} In this example, the tokensExpireIn() method sets the token expiration time to 15 days, and the refreshTokensExpireIn()Method sets the expiration time of the automatically refreshed token to 30 days.
Using Passport in the User model
Now you need to enable the Laravel Passport feature in the User model. This can be achieved by using the Passport::use() method on the User class:
//在app/User.php文件中加入下面这段代码
use LaravelPassportHasApiTokens;
class User extends Authenticatable
{
use HasApiTokens, Notifiable;
}Creating an OAuth2 client
When using OAuth2 authentication in an application, it needs to be generated by an authorization server API token. In order to communicate with the authorization server, a client needs to be created. You can create a client by running the passport:client command:
php artisan passport:client --password
After running this command, you will be prompted to enter the application name. If you do not want to enter a name, you can choose to use the default value and return Just take a car.
After the operation is completed, a client_id and client_secret will be generated. client_id and client_secret will be used to communicate with the authorization server.
Create API Route
After creating the OAuth2 client, you need to create an API route so that the authorization server can access the API.
//在routes/api.php文件中加入以下代码
Route::middleware('auth:api')->get('/user', function (Request $request) {
return $request->user();
}); In this example, OAuth2 authentication is required for the route specified by using the auth:api middleware. If a valid API token is not provided, this route will return a 401 Unauthorized HTTP response.
Send HTTP request for authentication
You are now ready to send a request to the API and authenticate using OAuth2 credentials.
You can use tools such as Postman to test the API, and the request needs to contain a valid API token. In Postman, it is possible to include an Authorization header in the request, for example:
Authorization: Bearer [access_token]
access_token must be replaced with the previously generated token.
Summary
Laravel Passport is an easy-to-use OAuth2 server that makes it easy to implement API authentication without having to write a lot of code. In this article, we covered the steps on how to implement OAuth2 authentication using Laravel Passport and showed how to create an OAuth2 client and API routes and authenticate via HTTP requests. If your application needs to use API authentication, then Laravel Passport may be one of the ideal choices for you.
The above is the detailed content of Laravel development: How to implement APIOAuth2 authentication using Laravel Passport?. For more information, please follow other related articles on the PHP Chinese website!
Using Laravel: Streamlining Web Development with PHPApr 19, 2025 am 12:18 AMLaravel optimizes the web development process including: 1. Use the routing system to manage the URL structure; 2. Use the Blade template engine to simplify view development; 3. Handle time-consuming tasks through queues; 4. Use EloquentORM to simplify database operations; 5. Follow best practices to improve code quality and maintainability.
Laravel: An Introduction to the PHP Web FrameworkApr 19, 2025 am 12:15 AMLaravel is a modern PHP framework that provides a powerful tool set, simplifies development processes and improves maintainability and scalability of code. 1) EloquentORM simplifies database operations; 2) Blade template engine makes front-end development intuitive; 3) Artisan command line tools improve development efficiency; 4) Performance optimization includes using EagerLoading, caching mechanism, following MVC architecture, queue processing and writing test cases.
Laravel: MVC Architecture and Best PracticesApr 19, 2025 am 12:13 AMLaravel's MVC architecture improves the structure and maintainability of the code through models, views, and controllers for separation of data logic, presentation and business processing. 1) The model processes data, 2) The view is responsible for display, 3) The controller processes user input and business logic. This architecture allows developers to focus on business logic and avoid falling into the quagmire of code.
Laravel: Key Features and Advantages ExplainedApr 19, 2025 am 12:12 AMLaravel is a PHP framework based on MVC architecture, with concise syntax, powerful command line tools, convenient data operation and flexible template engine. 1. Elegant syntax and easy-to-use API make development quick and easy to use. 2. Artisan command line tool simplifies code generation and database management. 3.EloquentORM makes data operation intuitive and simple. 4. The Blade template engine supports advanced view logic.
Building Backend with Laravel: A GuideApr 19, 2025 am 12:02 AMLaravel is suitable for building backend services because it provides elegant syntax, rich functionality and strong community support. 1) Laravel is based on the MVC architecture, simplifying the development process. 2) It contains EloquentORM, optimizes database operations. 3) Laravel's ecosystem provides tools such as Artisan, Blade and routing systems to improve development efficiency.
Laravel framework skills sharingApr 18, 2025 pm 01:12 PMIn this era of continuous technological advancement, mastering advanced frameworks is crucial for modern programmers. This article will help you improve your development skills by sharing little-known techniques in the Laravel framework. Known for its elegant syntax and a wide range of features, this article will dig into its powerful features and provide practical tips and tricks to help you create efficient and maintainable web applications.
The difference between laravel and thinkphpApr 18, 2025 pm 01:09 PMLaravel and ThinkPHP are both popular PHP frameworks and have their own advantages and disadvantages in development. This article will compare the two in depth, highlighting their architecture, features, and performance differences to help developers make informed choices based on their specific project needs.
Laravel user login function listApr 18, 2025 pm 01:06 PMBuilding user login capabilities in Laravel is a crucial task and this article will provide a comprehensive overview covering every critical step from user registration to login verification. We will dive into the power of Laravel’s built-in verification capabilities and guide you through customizing and extending the login process to suit specific needs. By following these step-by-step instructions, you can create a secure and reliable login system that provides a seamless access experience for users of your Laravel application.
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
SublimeText3 Linux new version
SublimeText3 Linux latest version
Dreamweaver Mac version
Visual web development tools
ZendStudio 13.5.1 Mac
Powerful PHP integrated development environment
SecLists
SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.
SublimeText3 Mac version
God-level code editing software (SublimeText3)
