Laravel 10 RESTful APIs with JWT Authentication Tutorial | Laravel 10 Development | JSON Web Token

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

[Music] Hello friends welcome to Orlando tutor I am Sanjay in this video create a complete course of API development using level and JWT authentication I am 100 sure that after watching this video you will definitely create web apis using level and JWT let's go to slide first so in this video we'll see each aspect of API creation step by step so first we'll start all about project setup database connectivity API controller settings JWT installation and configuration model settings API route setup then we'll move towards API creation so first we'll see registration API 10 login API profile API refresh token API and logout API so there are several things we will cover inside this whole video so first let's start all about project setup so I will go inside official website level.com click on documentation I will prefer composer installation by using composer command I will install the latest version right now that is level version 10. so inside here I will search for composer we can see here we have the composer command I will copy back to slide open a new tab so here we have a composer command by using this composer command we are creating a project of level of the setup name so instead of calling example hyphen app I will call it as level hyphen apis or let's call it as level hyphen GWT apis let's copy this composer command back to project terminal so I am inside YT folder Blitz paste that command press enter we can see that project installation now started so successfully a level projectile installed into a local system if I go to folder structure so we can see that here we have our setup I will open this setup into a vs code editor so visual studio code so successfully I have imported that project into my vs code editor now next so if I go to a checklist this is done now next we need to connect with the database so first I'll create a database go to PhD my admin click on databases tab here I need to pass a database name so I will call it as level hyphen YT hyphen JWT hyphen apis let's copy the name of database click on create button database created back to editor let's open Dot EnV file and search for DB underscore connection so here are those connection string values so in place of database this is our database name in my case the username is admin and password is admin r38123 so successfully this application now connected with this database let's execute this application to browser and fun side terminal let's go inside SATA now I am inside my setup you will use the concept of PHP Artisan serve to start development server so PHP Artisan serve press enter development server started so let's copy project URL to Access Project copy link back to browser open a new tab and this is our successful landing page so successfully now we have set up a level process as well as database also connected now next we to create a API controller class to create ePay controller I will prefer PHP Artisan command and one more thing before creating controller class back to editor I want that go inside app HTTP controllers so I want that API controller class should be created inside of API folder it means we want or APS subfolder in service controllers folder back to terminal let's close this development server BHP artisan make controller first I will pass the folder name that will be API and inside that folder we want API controller press enter now you can see that our API controller class now created back to editor so successfully as you can see that our API controller Labs not created inside this EPA folder let's open that so we can see here that we have our API controller class which is extending controller right now it is empty but we need to create our methods according to our need so as we know that in this course we will create a session API login API profile API refresh token API and logout API so these five apis it means five methods we need to create inside this API controller class so let's create those methods registry API public function let's call it as register this method we hit using post request type and also we pass form data now next I'll create log API so here login API public function and the method will be let's call it as login this method will hit using post request type and also in this path we'll pass email address and password inside form data to successfully two methods now created in the third method it will profile API so public function profile this method we hit using get request type and also while calling this API we need to pass authorization token value and that token value will be JWT now next we want for refresh token method means API public function and let's call it as refresh token this method also we hit using get request type and final one we need that is for logout API so public function let's call it as log out so this is all about full logout API this method will be accessible choosing get request type so in these methods two methods are open that is register and login it means that to access these methods we don't need any login there is no need of token but while calling profile API refresh token method logout method we need a JW token inside our authorizing header and also that token value will be a value token value so this is all done with API controller settings let's go to our checklist so this is all about we done with API controller settings now after controller settings then we see the steps of GWT installation inside this tab we need to follow few things to install GWT inside level so let's go to browser first I will go inside this blogging website online webtoblog.com inside this blog here we have an article which demonstrates all about restful apis development using lateral and JWT so let's open into a new tab and here is the article so I will scroll down so we can see step number one I will use this composer command to install GWT inside our setup so let's copy that command back to terminal we are inside our setup pasting that command composer require time one forward slash durability hyphen auth press enter in a while it will start the JWT installation into our setup now successfully as we can see that JWT installation now completed let's go to blogging website inside article so here we have step number two that is where to open app.php which will be inside config folder need to search providers and this is the line of code which we need to add inside providers array so let's copy this line I will copy let's go to our folder structure go inside config open up app.php and inside app.php find providers which is at the bottom of this file inside providers just add that line of code let's again back to article next we need to search for aliases and inside Elias's array we're to add these three lines of code it's a simple copy go here this is all about aliases and here I will add those three lines of code after step number two we need to follow step number three so in this step print to publish or file that is jwt.php this is the basic settings file of JWT let's copy this PHP Artisan command I will copy back terminal paste that command so this command is going to publish the JWT file means jwt.php file from this path to our config folder press enter now we can see that this file has been published from this folder to this folder this file is the basic settings file let's go to Editor to verify go inside config folder now we'll see a file called jwt.php This is the basic settings of JWT now let's move to article in the fourth step way to execute this command called PHP Artisan migrate after running this command we will migrate all the pending migrations and create table structure inside our database so let's copy that command back to terminal PHP Artisan migrate pressing enter now we can see that all tables means all migrations now completed if I go back to our database click on structure now we can see that these all the tables are created using migration back to article so step number four also completed let's go to step number five so in this step we're going to generate our JWT secret token value so let's copy that command PHP Artisan JWT Colon c grade back to terminal or before executing that command if I type PHP artisan now inside this command list if I go up then we can see here we have a command called JWT JWT column secret so this is the command V to execute to create a JWT auth secret key value so here let's clear terminal PHP audition JWT cologne regret and before running this command if I back to editor let's open Dot EnV file so for EnV to go add the project root dot EnV now in this dot Envy file we can see that we don't have any secret token value but once we execute this command it will generate a secret token value a secret key value and automatically it will add that key value inside this dot EnV file let's press enter heat generated let's go here now we can see that here we have our JWT secret key so successfully now we have completed one more step that is Step number five now let's go inside step number six so we need to open auth Dot PHP from config folder inside that file we need to search for guards and inside cards we need to add this API so let's go here and open author.php go inside config orthod.php search for guards here it is and inside this cards array we need to add this API let's copy that go here after this web I will put that code so this is all about API here we have driver equal to JWT and provider equal to users so successfully this is all about for stop number six now in Step number seven where to update our user model what is user model so user model is a by default model class which level provides to interact with the user stable so here and this file we can find inside models folder so scroll down so first let's open our user model so I will go inside app models and here we have chooser.php so first I will go and copy this JWT subject I will copy and put Hereafter has API tokens then I will copy this JWT subject implements code copy that go here so after this authentic cable next we need to add implements JWT subject go here in next scroll down there are two methods we to add at the bottom of user model class go inside user model class at the bottom right now we can see we have some error so let's define these two methods once we add then we can see that error removed so this is all about JWT settings and its installation what we have seen step by step so successfully once we follow all these steps like from Step 1 to step 7 so after successful completion now we have a middleware available with the name call auth Api so it means that whenever we create apis and we won't add some of the apis route will be protected so we can use auth API as a middleware because after installation of GWT and following all about the installation guide now this middle is available to protect our protected apis let's back to our checklist so successfully now we have seen all about JWT installation and its configuration and also we had seen all about model settings so we know that bioseness user model will create our apis to interact with users table so before using this model we need to load here inside this controller file so use user model so successfully now we have imported this model class file into a API controller class so let's go back to checklist also we have done the model settings now next we need to create our API routes back to editor so to create our API routes I will prefer api.php so where we can find api.php api.phine we can find inside routes folder now we can see api.php so here let's import first all about API controller class so use API controller now let's go here API routes so before creating API routes first we need to go inside controller class and we need to understand that which apis are open and which apis are protected so if we analyze all these methods then we may say that registration and login method are open it means we don't want any token or any login value but in these apis like profile refresh token Lookout API these are protected methods so here while declaring these methods inside our api.php we don't need any material concept but while Declaration of these routes inside api.php we use the concept of middleware to protect these methods from JWT token value so let's go here inside this api.php so route I will use post method to call our register method post register let's call it as API controller class and from that controller class we'll call register method so successfully this is all about four register method in the same way we need to create for login API means login method will call using post method login API controller class and from that class we'll call login method so these two methods are open so we don't need any middleware now next As We Know for profile API refresh token API logout API these methods are protected so what we can do here route and create a group here let's pass an array we need to pass a key here that is middleware and as we know that after installation of JWT we have a available middleware as auth API so it will be auth API and in the second value of this group method in the second value of this group method we need to define a callback function and inside this callback function we need to Define our protected API routes so first I will call our profile method so route I'll use get method by using get method we can call our profile API method so let's call it as profile I will call Api controller class and from that controller class I will call Profile method so in the same pattern we need to call let's say route get method here we have for the refresh token API controller class and from that controller class we'll call the phase token methods so just copy go here and put it here and finally route I will use get method to call logout API API controller API controller and from this class I will call logout method so successfully we can see that two API routes are open you don't need any token value but before calling all these routes all these apis we need a token value and that token value will generate from this login API let's go to our checklist so successfully now we also completed all about API route setup so finally now we need to start all about the creation of apis so first I will start with registration API let's go to editor API controller class here we have register method so as we know that inside register method we need values to create any user like name email so let's go to our database table click on users go to structure so we want values for name email and password it means these fields are required so also we need to actually add data validation inside this register method and one more thing before accessing those values from request parameter request form data we're going to use request object so I will go inside this request method and add here request it means to access form data from our apis I will use this request object so by the help of this request object also we can call validate method to provide data validation so request object will call validate method it's an array here so as we know that to create any user we need values for name email and password so here name email and password so here the validation rule is required I will copy put in front of email value and password and two more rules I need for this email that is any email value that we will pass should be a valid email address so email and also that once we pass in email address value that we registered so throughout the application inside users table email address should be a unique value so it will be unique and here we need to pass the table name called users so this rule says that the email value what we enter should be unique inside this users table so this is all about done with register method it means data validation so here I will add a single line comment that is data validation and one more rule I will add with this password and that will be confirmed so after that data validation let's use the concept of user model so here either we can create an object of user model to save our data into table or we can use the concept of model directly so I will use the concept of model directly so here user I'll use create method inside this area means inside this method I will pass an array and inside this array we need to pass a set of data so as we know that to create any user we need values for name email and password so here name email and password these are the keys like name email and password is coming from form data but these Keys like inside this create method these fields are of the table column names so here in this name value we'll get from request from this name form data in the same way let's go for email value while this request object email value and for password instead of saving a plain text value inside our database we want to convert a plain text value into a hashed value so here I will use the concept of hash make method so here it's a facade so hash I'll use make method and here I will pass the plain text value that is request and password so before using this hash go here and let's import that so use hash it will come from a facade folder and now we can see that this hash is coming from eliminate support for such and hash so simply I will import it here before using it and we are calling make method to convert oblain text value into hash format value so finally this is all about to data save and finally we need to prepare a response here so response equals to Let's return response Json method status equals to true and it's a message equals to user created successfully so successfully this is all about register method of this API controller class so I need to open Postman tool to actually do a quick unit testing so successfully I have opened Postman here so let's start development server first PHP partition serve press enter development server started I will copy this project URL copy link back to postman put it here so before calling our any apis from this api.php we to add API prefix it means to call register API login API or any of the API the URL will be project URL it means 127 0.0.1 8000 port forward slash API and forward slash our API route so if we want to call register API so here it will be project URL forward slash API forward slash register showing the same pattern we need to call other apis as well so let's go here so I need to add four slash API forward slash register let's go to headers where to select post request type headers I will pass accept way to pass the value application Json so this is our first header accept equals to application.json needs to go inside body select form data and in this form data I need to pass the name email and password so name email and password so let's pass values so I will pass my name email password from one to six so successfully now we are passing a validator to this API let's go back to code first save this api.php as well as go inside API controller class so here we have data validation data save method and this is our response and I think that here we have mistake that semicolon was missing so all looks good back to our Postman let's click on send button so here we have some error that is the password field confirmation does not match and this error is coming because inside our password field here we have a root called confirmed so once we add this confirmed rule it will start here we need to add one more key that is password underscore confirmation so let's add that password underscore confirmation and in this field she should be small so in this field we need to pass the same value what we have inside our password field so before passing all these values let's uncheck click on send button we can see that validation is working and also if we pass a invalid email value click on send button then we can see that email field must contain a valid email address so everything is working here let's pass the valid data to this registry API method click on send button user created let's go back to our table click on browse now we can see that inside our users table we have created now first user and saved inside that let's quickly create one more user I will use the same email address let's press send button now we can see the email has already been taken and this is because that we have added a rule called unique let's change here so after updating the email value let's click on send button choose a created so this is all about our user register API so successfully this is now also completed now we'll create login API and this API is very important because by the help of this API we generate a JWT token value after generation of that token then we'll use to protect our apis like profile refresh token and logout so let's go back to editor go inside API controller class I will work for this login method so same this method will hit using post request type and also we pass form data to get access over form data we need to use request object so here request let's create an object of that so first I will start with data validation so inside login method we need to pass email address and password so once we pass data validation then we'll use the concept of JWT auth and attempt method so by combining JWT auth and its static method called attempt will generate a valid token value so here it will be JWT auth and attempt method then finally after generation of token value then we'll prepare our response so let's first start with data validation request of that will call validate method pass the error here so email and password these two Fields will come inside of form data so we want that these fields should be required let's copy the rule go inside password paste it here and also we need one more rule for this email address status email so successfully this is all about validation now let's go here it means we pass validation we don't have any error so now next I will use the concept of JWT auth and a static method of heat that is attempt inside this attempt method we need to pass a set of data inside an array that is email address and password so automatically this method will validate user data that the combination of email address and password exists inside our table if it exists then automatically it will return a JW token value otherwise a null value will be returned so before using this JWT auth go here and let's import first so use JWT auth if I scroll down so we can see here Diamond JWT Earth facets and JWT auth or so let's go here inside the login method token equals to JWT auth and I will call attempt method and inside this atom method we need to pass an array here email and password inside this email we need to pass the email value from request that is email and here request and password so all we have done with this attempt method now once token will be generated let's go here and prepare response here so return response Json personally here Alice status equals to true message choose a logged in successfully and I will add one more key with the name called token and inside this we need to pass our token value and before that what we can do here first I will check that if it is not empty it means we have some value otherwise in case of failed response we'll have the null value so this is all about when we have the value so go inside if log pasting it here now in case of failed response return response Json and here it's a status equals to false message equals to invalid details or we may call it as invite login details pass a semicolon here so successfully this is all about the logic of login method and here we have one more request guys please subscribe to our YouTube channel so that we can create such stuff of interesting and amazing videos to after creation of login API method let's do our quick unit testing back to postman I will copy this project URL I will open into a new tab pasting it here now instead of calling register I will call login I'm going to select post request type then I need to go inside headers accept application Json go inside body go inside body select form data and inside body mean to pass email address and password so here email and password so inside email let's pass the email value what we have registered so I will copy this one put it here and password is from 1 to 6 but before passing these values let's uncheck that click on send button validation is working fine let's pass these two values click on send button now we can see that status equals to True user logged in successfully and this is our newly created JWT token value but in some cases let's do uh some mistake here this is invalid email value click on send button now we can see invaried login details so successfully now we have created one more API to generate a token value via login API back to our checklist so successfully now we have completed one more API that is login API next after login API now I'm going to work over profile API refers to open API and logout API these apis are protected apis it means before calling all these API is way to pass this token value inside authorization header so let's go here first inside API controller class now I will work on this profile API so once we pass authorization token value inside header so once the token value will be validated using auth API middleware let's go to api.php so once we call this API call profile and pass authorization token value so before hitting this method first this middleware will work it will validate that what the token value we have passed inside header is valid or not if it is valid that it will go inside this profile method and side profile method we have auth helper function which is a lateral helper function provided to get all about user profile information so as simple as that we need to go inside profile method and here it's a user data we'll use the concept of auth helper function or type a function and call user method so here is return response [Music] Json let's say status equals to true message profile data and here let's say user equals to user data so successfully after getting user data now we have prepared a response and returning into a Json format save all these changes keep in mind this API we can hit once we use and pass or authorization token value let's go back to postman copy this login API file open a new tab so in place of login let's call it as profile this API will hit using get request type so go inside headers it's accept application Json and in this headers I will pass one more header with the name called authorization so here authorization inside this authorization we need to pass the value and that value will be a valid token so here this is the token what we have generated so let's copy go here inside this profile API URL authorization BMR space for that token value and before clicking on the send button let's uncheck that click on send here now we can see unauthenticated it means to call this API URL we need we must need a valid token value I will go and check here and let's do a mistake here let's remove this e which seems that it is the invalid token click on send button again we are getting unauthenticated let's add e here this time we are passing authorization header as well as a valid token click on send button now we can see that status equals to True message equals to profile data and here we have all about the profile information so this is all about the completion of profile API next we'll work on this refresh token API so what is the use of that so as we know that by using this login API here we have generated a token value but it's at some cases we need a new token value we don't need this old token value so by using the concept of refresh token it means automatically it will generate a new token value and also it destroys the old value let's see in action back to editor go inside API controller class go inside this refresh token method to hear new token equals to this method is also protected it means V to pass authorization token value inside header so new token equals to auth helper function and I will call refresh method once we call this method it will generate a new token value with this same pattern but the existing token value it means this is the existing One automatically gets deleted so here return response Json status equals to true message let's say access token generated or we can see new access token generated and here it's token equals to new token value so successfully this is all about our response with the new token value let's call this refresh API so here we need to call and also we need to pass our authorization token value back to postman I will copy this profile API URL we had to hit our refs API using get request so select get here go inside headers accept application Json [Music] inside header I need to pass the token value so this is our old value it means existing token value so I will copy go here I will add one more header with the name called authorization and inside authorization let's pass here called Bearer space token value so once we click and also we need to change here so let's copy refresh in place of profile and put it here so once we click on send button it will go and generate a new token value and also destroy the existing token value click on send button new token now generated but this is the same token we are using inside this profile API let's use click on send button now we can see unauthenticated it means the new token value not deleted the existing token value so if I copy the new token let's go inside our profile API Bearer space token click on start button now we can see the same profile information so successfully now we have completed one more API that is refresh token API now final one we'll see all about the concept of logout API so let's go back to editor now we'll use the concept of last method of this API controller class that is logout so here also we'll use the concept of auth helper function and called logout method so automatically once we go load method it will destroy all the tokens what we have generated here so return response Json status equals to 2 message equals to user logged out successfully save these changes go here let's copy refresh token API while open a new tab pasting it here select get request type instead of calling refresh I will call logout let's go inside headers I will pass accept here application Json and inside header I need to pass so this is the new giant token value so let's copy from this refresh API copy this token value go here inside this logout so authorization Builder space token value click on send button now we can see user logged out it means the new token value what we have generated also destroyed using this logout API now the same token value we have used inside this profile API click on send button now you can see unauthenticated so this is all about the concept of registration API login API to file API refresh token API and log out API so this is the complete course where we have used the concept of JWT authentication and level version 10 to create restful web apis so this is all about the com concept of creating apis with the very basic concept of a JWT and level so I think that this course was really amazing from that we get all the concepts to create apis using level and cheerability authentication so please share this video as much as you can like this video subscribe to YouTube channel and do comment that is a positive response so for this video session guys thank you for watching and have a great day

Info

Channel: Online Web Tutor

Views: 4,899

Rating: undefined out of 5

Keywords: Laravel 10 APIs Development, Laravel 10 RESTful APIs Development, Laravel APIs Development with JWT, Laravel REST APIs development using JSON Web Token, Step-by-Step Laravel 10 APIs Development Tutorial, RESTful APIs Development Using Laravel 10 and JWT, What is JWT in Laravel, How To Create APIs in Laravel with JWT Authentication, What is Laravel JWT Authentication, Online Web Tutor

Id: B22TQawAYYM

Channel Id: undefined

Length: 45min 8sec (2708 seconds)

Published: Tue Sep 19 2023