Laravel Sanctum - API TOKEN AUTHENTICATION - [Latest 2021] #laravel

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hi guys welcome to codepatcher and in this video i will discuss laravel sanctum so laravel sanctum provides the authentication system to our application so it uses two type authentication system one is token based and second one second one is the cookie based so in this video we will discuss only uh that and we will focus only the token based authentication system okay so let's start it and first of all we will install uh we will install it okay so uh if if you see uh it says that in recent versions laravel actually started to include this package by default and if you don't have this package by checking the composer.json file then you can install it using the composer required laravel sanctum so in our case i have freshly installed this setup and it it includes it by default and 2.11 version okay so we don't need to install it so let's move to the second step so in the second step it says that using the vendor to vendor publish it generates the migrate file for the sanctum tokens okay so in this migrate file migration file it create the table so it can store all the tokens for the user so let's paste it here the command line and just press enter and uh migration my create migration copy to the database migrations so if you check it here let's refresh it the migration this one is created by the laravel center okay the table name is the personal access token which will store all the tokens generated by laravel sanctum okay so uh let's migrate it so php artisan migrate okay and generate and just press enter so it migrated all the table okay and let's check it out it's using our database laravel and let's refresh it so because we can see the tables so uh you can see here the personal access open and users table along with some other tables so initially it is it is empty obviously and if you check the user table it is also empty so okay so the next step will be to create a controller but before that i want to show you one more thing that laravel sanctum provides one trait that has a function to create a token okay so that trait uh it it is has api token state and that rate if we open it has a several function it has a tokens token can so we can generate the token based on our actions also different actions okay we will talk about later for this on this and we have also create token methods so using this method we will create a token okay and also some other functions like a current access token and with access token so current access token using the current access token we can fetch the current token for the user and with access token we can set the token to the user okay so this is the this needs to be implemented or used by user model user model and it is already does so we don't need to don't need to do anything here okay so let's create our controller using the php artisan command make controller okay let's say auth controller press enter so controller is created successfully and if you see in app http controller folder we can see our controller file is created okay so in this file we will create some methods some method or you can say very precisely two methods one for the register and second one for the login so freshly user can register using this function using the register method and if user once the user is created then if it comes later then he can log in and generate the token and use that use you and can use your application okay so actually i have already created this function somewhere to save the time i'm just only paste it but we will go through what is happening here so let's switch off this command and let's start with the register function so i'm not doing any fancy thing any fancy thing here i just validated the incoming data name email and password here okay and then if it is validated this if this data is valid validated then i create the user from them okay and then i use the create token method from the trade okay which is implemented by user our user model okay using the odd token okay our token is a field it's a token name okay and the plain text token is attribute so actually laravel sanctum i stored the token in a sha format okay sha-256 format but we show the user to the in we have to show the user in different plain text format so we use the plain text token here attribute here and then stored in the token variable and return to the user and in the json format in access token attribute we return the token which which are which we have created and the token type bearer that token type will be bearer and we need to send that token as a video type in the header and our request to access any resource that uses the laravel center also in the login we just validate the user the validate the input data we are taking the email and password to fields okay and using the auth facade here and it's a time method to login it and if it is if login credential is uh are valid then we will we move to the next line and fetch the user details okay so here uh i just want one token at a time for any user so i delete the all the other tokens for that users okay and then i create the freshly new token here and return it to the user savior okay so these are the two simple function okay so we have to also include some file layer for the user model you have to include okay and second one with the hash because we are hashing the password here okay here and third one will be the auth facade we are using here that's it we are good to go now okay so that is uh our auth controller controller okay and next thing next and the next thing we need to add some roots so that we can access our register and login function through that root so let's move to the root folder and let's open the api.php okay so let's add it here root post register okay and we need to give our controller class and it's method name okay like this and same we need to create for the login like this okay we need to prefix with the slash it okay and we are good to go so we can access the rest of uh action using the register uh uri here okay and with the login you're right we can access our login at the top of our our controller okay and you can see it's a some resource slash user so it uses the auth sanctum middleware so whatever if you have any route and you need to authenticate with the uh with this token system then you need to use this middleware earth sanctum okay so if we uh access this resource right now without any user then it will throw an error to us so let's check it out so i am using the insomnia okay so it's a register method uh let's access the user first without any token because we don't have any token it's the old data yeah so i'm using the our local url api prefix okay and user because we have either here user root and if we send it returns the message unauthenticated okay also in headers we uh you need to use the accept uh what type data you are going to accept in your api so you need to declare it accept application json if you don't use it here in header then it will throw a 500 error or some except exception okay so it is must accept attribute in the header okay so let's register first our first user so name email and password we have here three fields here name email and password and for the registration okay and send it so it generates the beta token so let's copy it and for the user resource bearer we need to send as bearer and enabled if you send it returns the user detail okay because if in the user root we are returning the current user okay same apply for the login so for the login we are taking two inputs email and password okay so the register user is our john so let's uh email and password here this is a door basically to add that a test and the password test at the rate one two three okay if you send then it log in if we uh try to use some other user then it will be fair invalid login credential okay and send it to us if we provide the right credential then it returned the access token and using this token we can access our source like this and it returns okay and now if we check our database so our user john doe it's inserted is created in that and we check the personal access token it creates a token and now you can see here it stores the token in sha format okay there's a name of the auth token which we have given at the time after token creation here okay and here's a token able type which model we are using user and the id so that's it uh it's a very simple to implement and it's a way so it's a very lightweight and we can just uh use it and start our building application and authenticate user for this so if you like it then like and subscribe our channel and uh i will be here again very soon thank you thank you so much

Info

Channel: kode patcher

Views: 170

Rating: undefined out of 5

Keywords: laravel tutorial, laravel advance, laravel latest, laravel, laravel interview, laravel relationship, laravel framework, laravel php, SANCTUM, sanctum, laravel sanctum, token auhtentication, laravel api, token auth, laravel token, user token, laravel 8, laravel package, laravel authentication

Id: hsDwvQ7fGw4

Channel Id: undefined

Length: 15min 53sec (953 seconds)

Published: Sun Sep 26 2021