Laravel 11 using Sanctum REST API Authentication Tutorial
Prerequisites
Ensure the following tools are installed:
- Git: Version control system. Download from git-scm.com.
- PHP: Laravel requires PHP 7.3 or higher. Check version with: php -v
- Composer: Dependency manager for PHP. Download from getcomposer.org.
- Web Server: Laravel includes a built-in server for development. For production, use Apache or Nginx.
- Database: Install a supported DBMS like MySQL, PostgreSQL, or SQLite.
- Postman: A tool for testing APIs. Download from postman.com.
Laravel Sanctum Setup
Step 1: Create a Laravel Project (if not already done)
composer create-project --prefer-dist laravel/laravel sanctum-auth-example
Step 2: Install Laravel Sanctum
composer require laravel/sanctum
Step 3: Configure Sanctum
Update app/Models/User.php and add the HasApiTokens trait:
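namespace App\Models;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Laravel\Sanctum\HasApiTokens;
class User extends Authenticatable
{
    // HasApiTokens adds createToken(), tokens() and currentAccessToken() to the model.
    use HasApiTokens, HasFactory, Notifiable;
    // ...
}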
Also, implement your custom user ID logic inside the model’s boot() method.
Step 4: Create the Users Table
Generate a migration:
php artisan make:migration create_user_table
Update the generated migration file to define the structure of the users, password_reset_tokens, and sessions tables.
Step 5: Configure Authentication Guard
Edit config/auth.php:
'guards' => [
    'web' => [
        'driver' => 'session',
        'provider' => 'users',
    ],
    'api' => [
        'driver' => 'sanctum',
        'provider' => 'users',
    ],
],
Step 6: Configure Database
Update your .env file:
DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=your_db_name
DB_USERNAME=your_db_user
DB_PASSWORD=your_db_password
Step 7: Run Migrations
php artisan migrate
Step 8: Install Sanctum API Boilerplate
php artisan install:api
Step 9: Define API Routes
In routes/api.php:
use App\Http\Controllers\API\AuthenticationController;
use Illuminate\Support\Facades\Route;
Route::controller(AuthenticationController::class)->group(function () {
    Route::post("register", "register");
    Route::post("login", "login");
    Route::post("login/out", "logOut");
    // Only get-user is behind the Sanctum guard here.
    Route::get("get-user", "userInfo")->middleware("auth:api");
});
Step 10: Create Authentication Controller
php artisan make:controller API/AuthenticationController
Implement register, login, and userInfo methods using Laravel's validation, authentication, and token features.
Step 11: Start Development Server
php artisan serve
Register a user:
- Open Postman.
- Set the request type to POST.
- Enter http://yourdomain.com/api/register in the address bar (replace yourdomain.com with your actual domain).
- Go to the Body tab.
- Choose x-www-form-urlencoded and select JSON.
- Enter the user registration data in JSON format, including name, email, and password.
- Click on the Send button to register the user.
Log in:
- Set the request type to POST.
- Enter the URL of your Laravel application followed by /api/login (e.g., http://yourdomain.com/api/login).
- Go to the Body tab.
- Select x-www-form-urlencoded and set the format to JSON.
- Enter the user’s credentials (email and password) in JSON format.
- Click on the Send button to log in. You will receive a token in the response if the login is successful.
Get the user information:
- Set the request type to GET.
- Enter the URL of your Laravel application followed by /api/get-user (e.g., http://yourdomain.com/api/get-user).
- Go to the Headers tab.
- Add a new header with the key Authorization and the value Bearer <token>, where <token> is the token obtained during the login process.
- Click on the Send button to get the user information.






