Laravel 8 REST API With Sanctum Authentication

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

[Music] hey what's going on guys so in this video we're going to be creating a restful api with authentication using laravel 8 and laravel sanctum for access tokens so basically we're going to have a crud api we're going to be able to create read update delete and search products and then we're going to implement authentication towards the end so that we can basically log in you know send a request to a login route get an access token and then use that access token to access protected routes such as being able to create a product update delete a product all right so even if you don't have much experience with laravel that's fine i'm going to explain things as we go talk about you know routes controllers models artisan and all the basics of laravel alright so let's get started here so this is the laravel sanctum documentation we're going to come back to this a little later authentication will be the last thing we do i am using postman to work with the api to send requests so you can use that or you can use insomnia or some other tool that you like for http requests and then of course you need php installed so get that installed on your system as well as composer which is the package manager or dependency manager for php that's how we're going to set up our laravel site and then as far as the database you can use whatever you want i'm going to be using sqlite in this video just because it's easy to set up and it doesn't require any of you guys to install mysql or postgres and i have this sqlite browser tool on my system so i can see what's in my sqlite databases but you don't need to install this all right so i'm going to open up my terminal and like i said you need to have composer installed so let's say composer and then create dash project and this is a laravel project so we want to say laravel slash laravel and then whatever we want to call this folder that we're going to create which i'm going to call laravel sanctum dash api and that should just generate a new project for us and let's go ahead and once that's done we'll cd into that folder and i'm going to open up vs code in that folder okay so now you can see i have all the folders and files on the side here now before i do anything in bs code i'm going to run the the server so basically uh laravel comes with a really handy cli called artisan and it allows you to you know create controllers models migrations you can prototype things really quickly it also has a dev server so if we run php artisan and then serve that should start our application on localhost 8000. so if we were to go to a browser now and go to http localhost let's go to localhost port 8000 and you should see just the laravel landing page here now we're not building a web app with views we're building an api so we're not really going to be working in the browser we're going to be working with postman so let's get let's get back into vs code here and first thing we'll do is just set up our database so if we go to our dot env file here you can see all the different environment variables right here db connection the default is mysql and if you want to use mysql that's that's actually absolutely fine just make sure that you have the correct information here i'm going to go ahead and use sqlite so let's say sqlite and we should be able to just get rid of these three lines here and save now we do need to create the database file so inside this folder called database we'll create a file called database dot sqlite and that should be all we need to do to get set up and we should be able to you know work with that database and like i said if you want to use postgres or you know mysql or sql server that's fine so now let's open up the routes folder and there's there's a web.php this is basically for your web app if you were using views if you were using for instance the the blade template engine um you can see this is a get request to the index page and it returns that welcome view that's actually what we saw in the browser now we're not dealing with views we're building an api our view would be some kind of front end like like a react front end or a mobile app or something like that so we're using this routes api dot php file so in here if we want we can create a route by saying route and then colon colon whatever the the method in this case a get so http method of get and let's say slash products now since we're in the api.php file this route is actually api slash products and then we can have a function and uh let's put semicolons i'm probably going to forget semicolons here and there because i don't use them in javascript anymore but what we can do in this function let's just return we'll just return a string and say just products so now if i go to postman i should be able to make a request a get request to i actually have it right here so localhost 8000 api products get requests and you can see i get a 200 response and i get my product string all right so that's how we can create routes now ultimately we're not going to want to have our you know our logic in here we're going to have controllers for that or a controller but for now we're just kind of messing with things i'm just trying to you know show you step by step so as far as mvc goes which is the model view control controller design pattern that laravel uses you have models i know a lot of you guys know this but you have models for your data dealing with your database you have controllers which will take in requests and send out responses and call the model when when you want to work with data and then you have the view which is the user interface which in this case we don't have the view would be something else you know react or view or and i might even do a video where we add a front end to this but right now we're just dealing with an api so first thing i want to do here is or the next thing i want to do is create a model for our products because we're going to want a table in our database called products with you know an id a name whatever we want to add so we can use artisan for that so let's say php artisan and we want to make colon model and i'm going to call this product and then i'm going to add dash dash migration because i want to create a migration file and in that file we'll have all the different columns or fields that we want this isn't going to actually create the call the database table yet it's just going to create the migration file and the model so you can see model created successfully also created migration so if you look over here the app folder there's a models folder with a product dot php so that's our product model so we don't need to do anything with that right now but let's go into database and go into migrations and you can see that there's actually some other migrations too so there's a create users table password reset this is just stuff that comes by default with laravel this one is the one we just created the create products table so a migration has it's a class with two methods up and down basically up is what's going to run when you run the migration in this case it's going to create a products table it's going to create an id and some time stamps and down so if we were to roll back or reverse the migration it would just drop the products table now i want to change this because obviously we don't just want an id and time stamps that's that would be kind of weird we want at least like a name so let's say table and we'll make this a string so table string we'll call this name and then let's copy that down a couple times and let's do so we'll have a name let's do a description and we'll make the description nullable so it's not it's optional and then let's do a price and the price will make that let's say decimal and the the documentation will have you know all the different types and i'm just going to add 5 2 here so we're going to have two decimal places and i think that's let's just keep it simple for now we'll just do actually we'll add a slug so a slug just a url friendly version of of the of the name so let's save that and our migrations are ready to run so we actually want to run all of these even the ones that laravel included by default so let's just clear this up and we can run php artisan and then we want to do just migrate all right so you can see here looks like it was successful if you do see any error messages here it's probably because you you put the wrong password for your database or you know screwed something up in the in the migration so just make just look at the error message if you have any issues now we should have those tables in our database i'm going to go ahead and open up my little sqlite tool here this db browser and just open up my database so i can just go ahead and navigate to it so i believe it's in dev laravel database right here database sqlite and you can see we have a bunch of tables we have a users table migrations these are stuff that this stuff comes with laravel the products is the one we just created and i apologize i don't know how to make this bigger so you can see it but we have products with an id field a name slug description price created at updated at all right so we know that that was created now to add something to it let's create a route here so we'll make this a post request and let's make it to slash products and let's have a function and in here let's uh let's go ahead and return now actually before we do this let's put that on hold i just want to bring the model in first so up here we can say use app and it's going to be backslash models backslash and then whatever we called the model in this case product and then we can use that so for instance in this get request let's return let's say return from our model and our model has a whole bunch of methods on it let's call all which will actually just obviously get all of the products all right so we'll save that and now if i make a get request to the same one we made before to api products i'll just get an empty array obviously you know we don't have anything in there but we got a 200 response which is good now to create a product let's go into this post request and let's return from here product and let's say create and then inside create we should be able to add an array we'll add some brackets and let's say name so name we're going to set that to product one and yeah and then we'll do what else do we have a slug slug and we'll set that to just like product dash one and then a description so description i'll just say this is product one and then what else do we have a price so price we'll set that to i don't know 99.99 and save now if i try to make a post request i'm going to open up a new tab here in postman make a post request to this same url same endpoint and i should get i'm going to get this error that says add name to fillable property to allow mass assignment so basically i can't add a name i can't add any fields unless i specify that in my model so if we go into app models product.php what we have to do is add a fillable or let's say protected so protected property of fillable and that's just an array of strings of fields that we can add like the name the slug what else description and whoops and the price so we want to add those as fillable fields and there's other stuff you can put in here like you can do protected table so if your table isn't called products you could specify maybe you called it my underscore products or something like that um so you can specify you know things like that and it's all in the documentation but now that i've added that in the model we should be able to then make this request and you can see we get back the new product and if i go over to my get request and send i should have one in there and even if we look in our database here i should be able to see products browse table and you can see this it's really small but it says product one so we have all of our fields in our database and if you want to use if you're using postgres you can use pgadmin or phpmyadmin whatever and check your database alright so now we obviously don't want to keep doing this we want to have a controller where we take in a request and we take the data in instead of just hard coding it so let's um let's generate a controller so let's go down here and say php artisan make colon controller and we're going to call this product controller now i could just run this and it would create the file in the class but i wanted to create a set of methods that are basically just crud methods create read update and delete so we can add dash dash api and it should add those for us it won't add the actual functionality but it'll add the methods so if we now go into let's see we can close that so if we go into app http controllers you'll see a product controller and here's the first method index this displays a listing of the resource there's nothing in it well we're going to add that ourself but it created basically like a shell for us store is for creating show is for getting one resource or one product in our case update and destroy we're also going to add a search so let's start off here by bringing our model in just like we brought here in fact we don't need this in our route anymore so i'm just going to cut that out and bring it into our controller and then just exactly what we did here in this this route where we said return you know product all i'm going to cut that as well and put that right in the index because that's what we want to happen here okay so we'll save that now in order to you know hook this index method up to the route we can simply instead of doing function we can put in some brackets and we need to bring in our controller now so up here let's say use and it's going to be app slash http slash controllers slash and then product controller like that and then we should be able to go here and say product controller colon colon class and then the second value here is going to be the method which in our case is going to be index all right so let's comment this post out for a second and again this is just going to map this route to this method in this controller so let's save that and let's see what's this so i forgot to wrap that alright so this should do the same thing if we go back to postman and send we should still we're now getting our products just like we were before except it's happening in the controller we're not you know fetching it right from the route which is what we want now for the for the post request for the store or the create right here we're gonna see we can actually uh wait a minute what am i doing let's just take let's uncomment this for a second i'm going to grab that and put that in here because we're going to be doing a create except we don't want to hard code this stuff in here what we can do is get it from the request which is actually passed in okay so when we send the request and we add body data it's going to come in through here so we should be able to add in request create and then request all like that because we're gonna send anything that anything that's allowed that we send should get put in here and created so let's save that let's go back to our routes here and let's get rid of this function and pass in some brackets and we're going to do the same thing and say product controller class and then the method that we're using which is going to be store okay so we'll save that and just double check that i think yeah that should be good so let's go back into postman and to our post request now if i just send as is we get this weird error um because we're not we don't have our fields they're required and i'm going to show you how to give how to do a much better um response than this and when you send it when you do a post request or a put or anything like that you're going to want to put in your headers when you're using laravel the accept key and then for the value here is going to be application application json all right now in the body let's go ahead and add let's see uh at this xww form url encoded you could also do raw json but this is easier so let's do a name and we'll say product one and what else do we have a slug let's say product dash actually this would be product two not one so let's do two and then we have what else a description which will say this is product 2 and then finally a price and we'll say 299 99 okay so if i go ahead and send you'll see i'll get back the new product and if i go back to my get request here and send i should have two products total now for the validation like let's say we don't send this data so we get this ugly message which you obviously don't want to show this you know in production so what we can do is go back to our store method here and we should be able to just say request validation and then here we can pass in an array of you know what we want to validate so let's say we want the name to be required and you can do other types of validation as well name required let's say slug is going to be required and price is going to be required all right so just doing that it should give us a better message so let's go back here and send validation doesn't exist did i do did i do oh it's i'm sorry it's validate not validation makes more sense anyway so validate let's send and now we get back a nice formatted message you know the given data was invalid we have each error for each field so we definitely want to do that and if you don't have that accept key right here let me just take that off and send you get you get back just the laravel landing page and i'm not sure why but we have to we have to add that so make sure you have that accept all right now next we have the just getting the single resource so for that we're going to return we're going to take our product model and we're going to find and see how the ids passed in to the show method we could just find by the id so pretty simple we can just use this right here and just say get product slash 2 and that didn't work and that's because i didn't create the route now i just want to show you instead of if you just have a basic crud application with just these methods you can actually use a resource instead of putting you know all these single routes later on we're going to need these because we need to kind of separate them out for authentication but for now let's just comment this out and ignore it and i'm going to say route colon colon resource and in here we can say products so products is our resource and then we should be able to just put in here our product controller class like that and i believe that now it'll give us all of our routes in fact we can check our routes down here so if we do and we can say php artisan route co we should be able to do route colon list and now you can see all the different routes we have so we have a get request to api products that will call the index method post requests we'll call store we have a get request to products slash and then the product or id that'll call show and so on so if you just have a basic crud api you can just use this instead of doing all your separate routes so now that should work if we go back and we say api products 2 now we get product 2. all right cool so next thing let's do let's do our update so if we go to our controller and go to update now i want to first of all get the product and then update it and then return it so let's say product and let's set that to product find and we want to find by the id right so that will get it now we can take that product and we can update that to we want to pass in our request and we want to pass in or we want to call all so that will update it then we just want to return it so we'll return the product so now i should be able to go and do a put request so i'll open up a new tab i'm going to let's see um actually you know what let's duplicate the post so we'll duplicate that so that we have this in the body and i'm just going to update the price to let's say 199 for a product two so in the in the here we have to use a put request and it's going to be product slash 2 because that's what we want to update and we're updating the price so let's send that and now you can see the price is now 199. if i go back here to my get request and i send my price is 199. all right so the update is done now we just want to do the delete or the destroy um so for the destroy that's going to be pretty simple we're just going to do product colon colon destroy and pass in the id and that should do it uh actually let's return i think it returns a one if it's deleted or zero if it's not but let's try that out so i'm actually going to create another product just to delete so in my post request here let's open these up and we'll just call this we'll just change the name here to test and send so that's test it has the id of three if i go to my get request you'll see actually want to get all of our products so you'll see three tests now i'm gonna go over to [Music] uh i'll just yeah we'll just do the update we'll change this to delete and we're gonna delete three and send we get back a 200 response we get a one back and if i go back to the get request and send you'll see now there's only one and two so product three has been deleted all right so we have a a crud api now create read update and delete i do want to just add a search uh a search method here so let's just copy this whole thing this delete or destroy and let's say this will search for for a name and it's going to have a param of name which is going to be a string it's going to return a response and then let's change destroy to search and instead of an id it's going to take in a name and then instead of destroy we're going to say where so we're able to do this where and then get and you can put in a condition here like where the name is equal to the name now this if we do it like this it's going to have to match exact which i don't want because you might type in part of a product name and you still want to get that back so we're going to have to use a like query here so we just pass in a second second argument of like and then here we have to concatenate on we're going to use the percent like that and then concatenate name basically what we're saying is if it starts with whatever name is and then also it can end with it as well so it can be anywhere within it all right so let's save that now we do need to create that route that's not included in the resources so what i'll do is just paste this in and let's say this is for the search method and this is for product slash search slash and then we want to pass in a name so let's save that and let's go back to postman now both of our products are called product one and product two so let's create a new one and we'll call it uh let's call it iphone 12. and we'll change the slug to iphone 12 and change this change the price that's way too low so let's send that all right so now we have an iphone 12 field and what i want to do is search for that so i'm going to go back to the first tab here and you can see that that's in here it's id4 and i should be able to make a get request to slash search slash and then i can type in anything here like let's just do iph and send and you'll see i get back my results with which has the iphone 12. if i do let's say search uh pro and send i should get product one and product two because that matches the name all right so now we can search but let's just put this back to products good so i think that i think now we're ready to do the authentication with with sanctum so let's head over to the documentation and there's a few things we need to do so first of all we need to install it with composer and then we need to need to publish this sanctum configuration and migration files and then migrate all right so let's um let's install it first so i'm gonna just i'm gonna close everything out right now and just open up my console here and let's say composer require laravel slash sanctum so that should install the package if you look in your composer.json you should see that right here then what we want to do is the migration so i'm going to grab that from the documentation right here let's just grab that paste that in so that should have created the migration let's check it out so if we go in database migrations and just make this a little bigger so this right here create personal access tokens this is the migration that was created so basically it's going to create a new table and a database called personal access tokens and it will have all these fields now we have to obviously migrate so let's say php artisan migrate and that should add it to the database in fact we can check it out right here uh let's see i have to reload this you can see our products personal access tokens so there is a table now obviously there's no tokens but there is a table for it now okay now let's see let's go back to the docs now we need to add this this right here if you plan to authenticate a single page application you should add sanctum's middleware so we are going to do that and this is going to be in the kernel.php file so i'm going to grab this and go into my app folder so it's app http kernel.php and you want to go down to where you have your middleware groups in this api and i'm just going to replace that so basically just added this to it and we'll save that and we should be all set i think we're all set to start creating like our register and stuff overriding default models oh we do have to add a couple lines to the um to the user model where is it yeah right here so this line use laravel sanctum has api tokens we just want to put that in our user model and then add it here so let's go to uh our user model which is right here and we're going to just add that line and then we're going to add right here has has api tokens and then i think we should be good let's just see what else we got here token abilities yeah so we can create the token i'm going to create my own register and log in and log out okay so to protect the routes we do this route middleware but should we do that now let's see yeah i guess i guess we can do that now so this right here i'm going to grab that and let's go to our routes file our routes api and we i'm going to paste this in so basically we should be able to protect um i don't we don't need the request let's just get rid of that and get rid of this and let's say we wanted to protect the search route right here so we could take that i'm not going to actually keep this protected but i'll just copy it and comment it out and put it in here and now it should be protected so if i save that and now i try to go make a search so remember search and i'll just say slash test and i get not found hmm so route middleware oh wait this isn't what we want you know what i don't think this is right because this is just for slash user um you know what we're going to do is get rid of this and use a group so let's say route group and inside here we're going to pass in some brackets with middleware is that what i did yeah middleware and then some brackets and then in here we want to do off colon sanctum and then we have our function yeah wait that's not right what did i mess up here group that shouldn't be there all right let's try that so if we go back and i try to do a search and i'm to get this weird error just because i i didn't send the accept header so we want to say accept and we want that to be application json send and there we go so i get a message that says unauthenticated so that's how we can protect our routes is basically just put them in here so let's say protected routes and then up here let's say public routes so we'll do that now we have these reso i'm going to get rid of the search because that's not protected that's a public route but we have these resources here the resource routes so we're going to have to break these up a little bit so i'm going to comment that out and i guess i'll just put that up here so you guys have it but here we want to just we want to basically break those all up we already have the index and store ones here now the index is public so we'll take that and put that up with the public routes uncomment it the store we're going to put that in pro in the protected routes okay because that's our post request only authenticated users should be able to do that okay and then what else do we have we have our show so we can copy this down this is going to be our show it's going to be product slash and then whatever the id uh what else do we have we have our update and delete which are going to be protected i know we don't have our login or register or anything yet but i'm just adding the routes and protecting them so this is going to be a put so put request to products id and that's going to call the update like that and then we have our delete or destroy so destroy is going to get called when we call a delete request so delete request to product slash id yeah so that looks good so all of these are protected you need a token to be able to do these and these aren't so if i go back and i try to create a new post right here let's say i don't know test product test product this is a test now if i try to send this i get unauthenticated if i go to my get request i should be able to do that because that's a that's a public route so send and i can get all my products i just can't add one all right so now let's start to do the authentication now we're going to need a new controller for this so let's create a new controller we'll say php artisan make controller and we want to make a controller called auth or you can call it user controller whatever and that's it we're not going to like generate api methods or anything and then let's go into our new controller so app http controllers auth controller and we're going to create a public let's say public function register and this will take in let's say request and then a request variable now i do need to bring a couple things in here one is going to be the user model so we'll say use app models models user and then i'm also going to bring in response so i can create a custom response and then also we need to hash passwords so we're going to use bcrypt which comes from i think it's illuminate and then support facades hash and we should be able to use bcrypt all right so in here let's get the the the body from the response and and validate it uh and put it into a variable called fields so we'll say fields set that to request and then validate and here we'll pass in some brackets let's say name so the user will have a name and that name is going to be required and it's going to be a string and then let's do an email so email will be uh required string and also it should be unique so let's say unique but we need to specify it's unique to the users table and the email field and then what else password so the password is going to be required string and let's say confirmed and what that'll do is it'll make it so you have to send a password underscore confirm a confirmation field as well so now let's create the user so we'll say user equals the user model create and then pass in here we wanted some brackets and then for the name that's going to equal or that's going to be the fields so fields name so whatever is passed in and then the email is going to be the fields email and then we have the password now the password has to be hashed so here we're going to call bcrypt and then pass in fields password like that all right so that'll create the user now uh let's see let's just take a look at this so to create our token let's say token and set that and now on user we should have this create token which takes in like a key or just this could be anything let's say my app token and then we want to get the plain text token so that should give us the token now as far as the response let's set a variable called response and we're going to set that to have the user so the user information in it which is going to be the fields no not the fields user the user from the database so just user and then the token so the token is going to be just that token variable that was created yeah so that's our response now that just puts it in a variable we want to return response and pass in our response variable and let's make it a 201 which is just you know so everything's successful and something was created so i think that's that's correct so we have to create a route for this so i'm just going to grab it's going to be a post request so i'll just grab this and it's going to be public obviously because it's a register and it's going to call the register method in the in the auth controller so we want to change this from product controller to auth controller and set this to post slash register now we do have to bring the auth controller in so up here let's copy this down and set this to auth controller so we'll save that let's go into postman and we'll make a post request to http let's see i think i have it down here so it's just api slash register not auth register and in the headers we want to add an accept and we want to accept application json now if i send without any body data i'm going to get this error here the given what's it say the get my coffee's away the given data was invalid we have each error for each field so let's go ahead and add our fields so we want to register with a name i'll just say brad and then for email i'll use brad at gmail.com and then password let's say one two three four five six now if i try to send this it's still going to give me an error because i need a password confirmation so password underscore confirmation and now if i send that you can see i get back the user with my user info here and my token okay so this token i should be able to use to access protected routes such as the the add a new product so what i'll do is copy this and go to my post here remember without a token if i send i get on unauthenticated so if i go to authorization and choose bearer token there's already a token in there let's paste this one in and send and i was able to create that test product all right so uh if i if this token is wrong like if i put a 1 on it and i send it's going to be unauthenticated so i need to use this particular token now when you log out you want to delete the token because they do get stored in the database so let's create a log out function real quick which should be pretty easy so let's say public public function log out and let's say request variable request and to log out we just do this auth so we can do auth user and tokens so we can get all the use any user token that that particular user has and we can then delete those tokens and then as far as a response let's just return we'll just return um i don't know message so whoops message let's say you can say like token destroyed we'll just we'll just say logged out all right so we'll try that so i'm gonna remember we have this token here now the log out i keep forgetting to forget to create the routes log out is going to be authenticated right or protected because we only want to access it if we're authenticated so let's do route post log out auth controller and call logo all right now if i go back here i'm going to just open up a new tab and actually i'll use the one i registered no yeah i'll use this one i guess we'll just uncheck these and we don't have an authorization token in there in the in the authorization right now so let's just try it api slash logout it should give me unauthenticated now if i go to my authorization and i put in bearer token and i put in my token that's not it i just grab i think this was it all right so if i put my token in here okay that was the same one but let's go ahead and send and now i'm logged out so with that token i shouldn't be able to now create a new product because i'm logged out that token no longer exists so even with the token in here if i try to send this this new product it's unauthenticated okay so we're able to register we're able to log or i'm sorry we're able to yeah register and log out now we want to log in so let's let's actually copy the whole register here because a lot of it is similar and let's paste it right underneath and change this to login and let's see so to log in we have our fields we don't need the name we just need the email and password now we're not creating a user here we first want to do a check on the email so we'll just say check email and let's say user equals and user colon colon will say where i do need a little help from my cheat sheet here so we'll say where the email is equal to fields email and we want to do this first even though it's unique and there shouldn't be more than one of the same email we just want to get the first one so that will check the email let's just push this over a little bit all right so that'll check the email now for the password let's say check password and this is going to be inside of an if statement so first we want to check if no user because if there's no if there's no match here if there's no email match this user won't exist we also want to check for a wrong password so let's say if not and we're going to run this through hash because obviously the i'm sorry hash check because the password in the database is hashed and let's say the fields the fields password so whatever the user tries to type in we want to match that against the user from the database password and that will give us you know if this is not true and this is not true that means it's a bad login so in this case let's return let's say return a response you don't have to use this response it just formats it nicely but we'll just pass this in here and let's put a message and say we'll just say bad bad creds and then let's add a 401 which is an unauthorized status whoops all right so if the password if the email match is here the user will get put here if it doesn't match the password we're gonna get a response and then if both of these pass it's going to keep going it's going to create the token and the same responses as when we registered all right so let's try to log in now with the brad at gmail or whatever you used so i'm going to go back to let's see this is the log out i'm going to change this to log in and again i forgot the route so this is going to be a public route so just copy down register login this is going to call log in and let's see so we have login get rid of this token here that's no good anyway get rid of that we don't need anything here and then body let's add email password so i'm going to try with the wrong password first remember i'm making a post request to log in and i get email has been taken wait a minute that we shouldn't get that oh you know why because i have um unique right here so we we don't want this and we don't want uh confirmed either because remember this is login this is not registration so just that should be fine all right so let's try that again undefined constant user uh define constant user so right here i forgot my dollar sign all right last time this should work sorry about that all right it's all falling apart towards the end so i get bad creds good and i get i should have a 401 unauthorized now if i change the password to be correct i should get the correct response which is the user which is the token i can then use that token to do things like let's say delete a product right here delete product three if i send it without the token i get unauthenticated but if i put in the bearer token pass that in and send that should have deleted it so i don't get that unauthenticated actually i might have already deleted that one so let's see id3 should not be there it's not all right so that should do it we basically have a crud api create read update delete we can search we have token authentication so you can log in get a token or register and get a token and then use that to access any protected routes that are in here okay so anything you want to protect you just simply put the route inside of here and then you log out and that'll trash the token so that it can't be used anymore so you know this video i'm not sure how long it is probably about an hour or so but we did a lot in that amount of time so laravel is pretty powerful you can do things pretty quickly um but hopefully you guys enjoyed this and hopefully it was clear i know it was a little hectic towards the end or maybe it wasn't maybe i'm just thinking that but but that's it guys thanks for watching i appreciate it and i'll see you next time

Info

Channel: Traversy Media

Views: 175,782

Rating: 4.9677939 out of 5

Keywords: Laravel, Laravel 8, Laravel REST API, REST API, Laravel Authentication, Laravel Sanctum, Laravel JWT

Id: MT-GJQIY3EU

Channel Id: undefined

Length: 54min 13sec (3253 seconds)

Published: Wed Mar 31 2021