Today’s topic is Laravel 8 REST API with Passport Authentication Tutorial.
Laravel REST API is required when you are working for a mobile application or any frontend framework such as react js and Vue JS. In this post, we learn how to make authentication API in Laravel 8.
If you are new to Laravel or REST API don’t worry. This tutorial helps you to create an API with Laravel 8. Just you need to flow this post step by step.
We all this stuff do in fresh Laravel Application. But you can add this to your running application without any problem.
So let’s start.
Step:1 Create a new Laravel 8 Application
For beginners, I am going to create a fresh new Laravel application. If you have already a project skip this step.
laravel new newapp
Step: 2 Install Package
Install Passport package via the Composer package manager using the following command.
composer require laravel/passport
The Passport service provider has some migration tables with the framework, so we should migrate your database after installing the package using the following command.
php artisan migrate
Now, needed to generate secure access tokens so we should run the command. passport:install.
this command will create “personal access” and “password grant” clients which will be used to generate access tokens:
php artisan passport:install
Step: 3 Add HasApiTokens in User.php
This will provide some helper methods to your model which allow inspecting the authenticated user’s token and scopes.
App\Models\User.php
<?php
namespace App\Models;
use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Laravel\Passport\HasApiTokens; /** USE HasApiTokens **/
class User extends Authenticatable
{
use HasApiTokens, HasFactory, Notifiable; /** USE HasApiTokens **/
/**
* The attributes that are mass assignable.
*
* @var array
*/
protected $fillable = [
'name',
'email',
'password',
];
/**
* The attributes that should be hidden for arrays.
*
* @var array
*/
protected $hidden = [
'password',
'remember_token',
];
/**
* The attributes that should be cast to native types.
*
* @var array
*/
protected $casts = [
'email_verified_at' => 'datetime',
];
}
Step: 4 Update Config
Now, config auth to tell Laravel to use the passport as a driver.
config/auth.php
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'passport',
'provider' => 'users',
],
],
Step 5: Create BaseController Files
In this step, we create a BaseController to send responses of API, such as success and error. This controller makes it easier to send response format. To create run the flowing command.
php artisan make:controller API\BaseController
BaseController.php
<?php
namespace App\Http\Controllers\API;
use Illuminate\Http\Request;
use App\Http\Controllers\Controller as Controller;
class BaseController extends Controller
{
/**
* success response method.
*
* @return \Illuminate\Http\Response
*/
public function sendResponse($result, $message)
{
$response = [
'success' => true,
'data' => $result,
'message' => $message,
];
return response()->json($response, 200);
}
/**
* return error response.
*
* @return \Illuminate\Http\Response
*/
public function sendError($error, $errorMessages = [], $code = 404)
{
$response = [
'success' => false,
'message' => $error,
];
if(!empty($errorMessages)){
$response['data'] = $errorMessages;
}
return response()->json($response, $code);
}
}
Step 6: Create LoginController Files
Now create a LoginController to handle user login API.
php artisan make:controller API\LoginController
LoginController.php
<?php
namespace App\Http\Controllers\Api;
use App\Http\Controllers\API\BaseController as BaseController;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use Validator;
use Auth;
class LoginController extends BaseController
{
public function login(Request $request)
{
$validator = Validator::make($request->all(), [
'email' => 'required|email',
'password' => 'required',
]);
if($validator->fails()){
return $this->sendError('Validation Error.', $validator->errors());
}
if(Auth::attempt(['email' => $request->email, 'password' => $request->password])){
$user = Auth::user();
$success['token'] = $user->createToken('MyApp')-> accessToken;
$success['name'] = $user->name;
return $this->sendResponse($success, 'Login successfully.');
}
else{
return $this->sendError('Unauthorised.', ['error'=>'Unauthorised']);
}
}
}
Step 7: Create RegisterController Files
Now create a RegisterController to handle user Register API.
php artisan make:controller API\RegisterController
RegisterController.php
<?php
namespace App\Http\Controllers\Api;
use Illuminate\Http\Request;
use App\Http\Controllers\API\BaseController as BaseController;
use App\Models\User;
use Illuminate\Support\Facades\Auth;
use Validator;
class RegisterController extends BaseController
{
public function register(Request $request)
{
$validator = Validator::make($request->all(), [
'name' => 'required',
'email' => 'required|email|unique:users',
'password' => 'required',
]);
if($validator->fails()){
return $this->sendError('Validation Error.', $validator->errors());
}
$input = $request->all();
$input['password'] = bcrypt($input['password']);
$user = User::create($input);
$success['token'] = $user->createToken('MyApp')->accessToken;
$success['name'] = $user->name;
return $this->sendResponse($success, 'User register successfully.');
}
}
Step 9: Update Route
<?php
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;
/*
|--------------------------------------------------------------------------
| API Routes
|--------------------------------------------------------------------------
|
| Here is where you can register API routes for your application. These
| routes are loaded by the RouteServiceProvider within a group which
| is assigned the "api" middleware group. Enjoy building your API!
|
*/
Route::post('login', 'API\LoginController@login');
Route::post('register', 'API\RegisterController@register');
Route::middleware('auth:api')->group(function () {
Route::get('user-list', 'API\UserController@Userlist');
});
Step 8: Check the login and register API
Register API

Login API

Almost done, Now create a user controller to access data from the database with middleware route.
Step 8: Create UserController Files
Run this command to generate a new controller
php artisan make:controller API\UserController
UserContoller.php
<?php
namespace App\Http\Controllers\API;
use App\Http\Controllers\API\BaseController as BaseController;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use App\Models\User;
class UserController extends BaseController
{
public function Userlist(Type $var = null)
{
$user = User::all();
return $this->sendResponse($user, 'User List.');
}
}
User List API

Don’t forget to pass two value in header, Accept and Authorization. In Accept pass “application/json” and In Authorization pass “Bearer Login_token” (Bearer one space and login token)
You should pass this two value in header for every route. Which are under middleware.
So finally we completed Laravel 8 REST API with Passport Authentication Tutorial.
Hope I will help you.

Brijpal Sharma is a web developer with a passion for writing tech tutorials. Learn JavaScript and other web development technology.