Laravel development: How to implement APIOAuth2 authentication using Laravel Passport?

Laravel is a very popular PHP framework. It is easy to use, highly scalable, and has high code readability. Laravel also provides many add-on packages (Packages) to implement various functions, including Laravel Passport, which is an API package for implementing OAuth2 authentication.

OAuth2 is a popular authorization framework that simplifies the authorization process and is widely used in web and mobile applications. In order to use OAuth2, we need to implement an authorization server to generate tokens and allow clients to use the API. Laravel Passport provides us with an easy way to implement OAuth2 authentication.

This article will introduce how to use Laravel Passport to implement OAuth2 authentication. Before starting, it is assumed that the Laravel framework is already installed.

Install Laravel Passport

You can use Composer to install Laravel Passport. Run the following command in the root directory of your Laravel application:

composer require laravel/passport

After the installation is complete, you need to run the following command to create the necessary tables for Laravel Passport:

php artisan migrate

Next run the following command to create the necessary tables for Laravel Passport generates an encryption key:

php artisan passport:install

The generated key will be used to encrypt the generated token.

Set Passport

After completing the installation, you need to configure Laravel Passport in your application. The following are the necessary steps:

Enable Passport

To enable Laravel Passport, you first need to call the Passport::routes() method. This method will register the necessary routes:

//在bootstrap/app.php文件中加入下面这行代码
LaravelPassportPassport::routes();

Enable automatic token refresh

By default, the token will automatically expire after it expires. If you want to automatically refresh tokens after they expire, you can use Passport::refreshTokensExpireIn() method in AuthServiceProvider. We add the following code snippet to the AuthServiceProvider:

//在AppProvidersAuthServiceProvider.php文件中加入下面这段代码
use LaravelPassportPassport;

//其他代码...

public function boot()
{
    $this->registerPolicies();

    Passport::routes();

    Passport::tokensExpireIn(Carbon::now()->addDays(15));

    Passport::refreshTokensExpireIn(Carbon::now()->addDays(30));
}

In this example, the tokensExpireIn() method sets the token expiration time to 15 days, and the refreshTokensExpireIn()Method sets the expiration time of the automatically refreshed token to 30 days.

Using Passport in the User model

Now you need to enable the Laravel Passport feature in the User model. This can be achieved by using the Passport::use() method on the User class:

//在app/User.php文件中加入下面这段代码
use LaravelPassportHasApiTokens;

class User extends Authenticatable
{
    use HasApiTokens, Notifiable;
}

Creating an OAuth2 client

When using OAuth2 authentication in an application, it needs to be generated by an authorization server API token. In order to communicate with the authorization server, a client needs to be created. You can create a client by running the passport:client command:

php artisan passport:client --password

After running this command, you will be prompted to enter the application name. If you do not want to enter a name, you can choose to use the default value and return Just take a car.

After the operation is completed, a client_id and client_secret will be generated. client_id and client_secret will be used to communicate with the authorization server.

Create API Route

After creating the OAuth2 client, you need to create an API route so that the authorization server can access the API.

//在routes/api.php文件中加入以下代码
Route::middleware('auth:api')->get('/user', function (Request $request) {
    return $request->user();
});

In this example, OAuth2 authentication is required for the route specified by using the auth:api middleware. If a valid API token is not provided, this route will return a 401 Unauthorized HTTP response.

Send HTTP request for authentication

You are now ready to send a request to the API and authenticate using OAuth2 credentials.

You can use tools such as Postman to test the API, and the request needs to contain a valid API token. In Postman, it is possible to include an Authorization header in the request, for example:

Authorization: Bearer [access_token]

access_token must be replaced with the previously generated token.

Summary

Laravel Passport is an easy-to-use OAuth2 server that makes it easy to implement API authentication without having to write a lot of code. In this article, we covered the steps on how to implement OAuth2 authentication using Laravel Passport and showed how to create an OAuth2 client and API routes and authenticate via HTTP requests. If your application needs to use API authentication, then Laravel Passport may be one of the ideal choices for you.

The above is the detailed content of Laravel development: How to implement APIOAuth2 authentication using Laravel Passport?. For more information, please follow other related articles on the PHP Chinese website!