Laravel Sanctum | Laravel 9 Sanctum | Laravel API Authentication | Laravel 9 Rest API Authentication

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
[Music] hello and welcome to tech tool india in this video i am going to explain you about laravel api's authentication for authentication we are going to use laravel sanctum in this video if you are new to the channel please do subscribe our channel for future videos on laravel in the last video we have seen how we can make the laravel api crud operation if you have not watched that video you can click on the i button or get the video link in the description so without wasting any time let's get started in level 9 laravel sanctum comes in built with composer if you go to the composer.json for level 9 you can see this laravel sanctum is required as a dependency but if you're using any old version what you need to do you need to go to laravel sanctum documentation and you just need to install this dependency via composer and after installing this dependency via composer you just need to publish this service provider after that you need to run a migration which will create a table called personal access token this table is used to store the token for each user level sanctum allow to create multiple tokens for each user by which we can define the scope of the user for that particular token so let's get started and see how we can use this laravel sanctum in level 9. we have already installed laravel line apis and made the cred operation if you go to the apis we have create post apis get api and if i hit this i'll get this to response of the post so right now it's an open api there is a no middleware for authentication anyone can access this api in order to write the middleware or author authentication for these apis we need to create authentication controller in order to create a token for each user for that what we'll do we will go to the apis we'll create two we'll create one controller for authentication of the apis by running the command php artisan make controller api will make auth controller for all the api's authentication routes let's create this if you see this creates auth controller we need to do tool now we need to define two routes for register and sign in so we'll create one register root call it auth register and give it a controller auth controller so we need to use this auth controller you can see i have imported this auth controller via auto import you can use this auth controller on the very top of the page and use this class next we need to define which function you want to use for this so we will call it create user we have defined our auth register root the next is auth login root and we'll call it login user so we have defined these routes next we need to create this controller function let's go to the controller and let's define create user request so we'll just simply put it as a request and request parameter let's create this by creating a function name create user which will accept request as a parameter all the form requests will come here what we need to do next here we need to validate the request in order to validate what we'll do will create a validate user validate user and what will write here validator and as soon as i use this validator you can see on top of controller we have validator use the validator class and i'll pass here the data data is all the data which is coming through request the rules next we need to write the rules rules will be required a name parameter which is required there should be an email parameter which again is a required parameter and it should be an email next is it should be a unique of users table column should be email and since it's a create request we don't want to accept any ids here all right so we have written this for email the next should be a password always required for a user so we'll just simply put it as a required next if this validation will fail we need to written a response of error with json so we'll simply check this validate user if this fails so we need to written a response json response will simply follow our response like status should be a false message should be validation error and there should be all errors in array like validate user errors so this will hold all the errors and the response code will be four not one so this will be our validation before moving ahead we need to put all this inside a try catch block i'll just move quickly this in a try block so that we can catch the response and written proper handle proper catch if we found anything so the message will be whatever the catch message will be here we'll simply use that get message and we don't want this all right so we have validated our input next what we need to do we need to use we need to create a user so to create a user what we are going to use the user model inside this we have to pass all the parameter which is coming through request so we have a name email and password so the password should be used as a hashed password so for that we are using as make and the value will be the request of password so this will be this will create the user so in order to import use this user we need to import the user model and in order to use this hash we need to use import this hash facade here so we have imported hash we have imported users we have imported the validators so three imports will do all this here once the user is created what we need to do we need to return the user with api token in order to create the token with sanctum as sanctum isn't built in laravel 9 we need to use has api token in user model so let's open and if you go to the user model you see this has epi tokens this is a treat clause based on the laravel sanctum what it does it actually opens a function called create token which will create a token for this particular user so the next thing we need to return a response we'll simply copy the above code for response and update it based on like it's a 200 response stated should be true message should be user created successfully and the token should be now we need to return a token so what we'll do we'll use this user and then we'll use our create token method create token and in that we need to pass what kind of token it is and it should be a plain text token all right so this will return a token let's save this let's go to our let's test like how this function should be working let's test this function to test this we need to use this auth register in apis so we'll create a new will use a post method we'll put this copy the url from here paste it here after api we need to use auth register inside a form data what we need to do inside body we need to pass the form data and here we are passing the name email and password password would be all right so we have this auth register apis to test let's send this request as you can see we got this status as true user got created successfully and received token next what we need to do we need to test if this particular user can be authenticated by using this token for that if you go to the post right now it's an open api anyone can access but as soon as i apply a middleware here middleware for earth earth and auth using sanctum so i as soon as i apply this and go to this api and hit it you see this call this is calling at unauthenticated and giving it response 401 unauthorized for this we need to pass a bra token authentication and in that if i put this token i just copy this token and put inside our beer token let's see if this is going to work for us it's working so as you can see as soon as you apply this middleware earth sanctum the token is required if you do not pass pass the token it will give you authentication error as soon as you put the token it will pass the request and give you the response so it's very simple as we did on the register we need to create a login user function in auth controller in order to create token while login so what we need to do log in the user will create the function name it login user use the similar request as a parameter use the try catch block as above copy this response type here in the catch block and put it here in the login again we need to validate a user so what we'll do here we just copy the same validation and just remove this name parameter from here because in login we just required only email and the password if there is any validation error this will happen in order to check a login credential what we need to do here we need to use auth attempt by using auth attempt if there is a invalid credential it will give you a false response so what we are going to use here we will check if auth attempt giver false response we need to return a response with error of wrong username and password or email and password so what we'll do we will only take email and password so here we need to pass an array of email and password so this will take only email and password and if this attempt fails and what then we need to return a response saying username or password does not match right so we need to give this response and if it pass then what we need to do we need to find the user which will be email should be the request of email and this should be first if it is passed like if authenticated then we need to create token again so the similar response will be returned after authentication so what we'll do here we will return this user logged in user logged in successfully and then we'll return the api token so this should work for login let's test this as well let's go to our postman duplicate this request tab and inside a body we need to pass email and password instead of register we need to test our login let's send this great this is also working let's test this token go to our first remove this send this it gives you the unauthenticated put it out token send the request it gives you the response so that's it that's how we can create a sanctum authentication for the apis it's really very easy we just need a route for registering and creating api token for those users and wherever we want to put this sanctum authentication method middleware it will just apply the sanctum authentication middleware and restrict any open user to access your apis hope this video will be informative for you if you found this video informative please do subscribe our channel like this video share this video with your friends if you face any issue while integrating this sanctum in your project please do let us know on the comment section till the next video keep watching keep learning thank you for watching [Music] you
Info
Channel: TechTool India
Views: 19,788
Rating: undefined out of 5
Keywords: laravel sanctum, laravel, sanctum, laravel 8 sanctum, laravel sanctum authentication, laravel sanctum api authentication, laravel 8, laravel sanctum spa, laravel 7, laravel airlock, laravel 7 sanctum, laravel sanctum tutorial, laravel api, laravel tutorial, laravel 8 rest api with sanctum, laravel sanctum register and login, laravel sanctum spa authentication, laravel8, laravel package, laravel passport, laravel sanctum api, laravel airlock auth, sanctum laravel 7
Id: GAB_BqFZNOA
Channel Id: undefined
Length: 20min 39sec (1239 seconds)
Published: Thu May 05 2022
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.