Crating My first Api Using $Git -3 [Enabling Laravel Passport]

in LeoFinance7 days ago (edited)

As I have always said, plans don't just work out as planned. Just after my previous post, guess what? I got sick for a complete 4 days which led me to not learning, coding, nor blog. All I had to do was sleep, eat, and take my medications. But I'm fine now so let's resume back to our lesson.

This part of my ongoing lessons is to add Passport to my Laravel project. Just before I dive deep into completing this, let's check out what and why Passport is used for. Below is the result I came across.

Laravel Passport is an OAuth 2.0 server implementation for API authentication using Laravel. Since tokens are generally used in API authentication, Laravel Passport provides an easy and secure way to implement token authorization on an OAuth 2.0 server.

Personally, I see Passport as a Laravel feature that enables easy API authentication in Laravel projects. So, guys, let's being by adding and installing Passport into our project.

My aim in this lesson is to create API endpoints using Laravel passport and below are screenshots showing a Login and Signup endpoints created.

Login Endoint

Screenshot 35.png

Signup Endpoint

Screenshot 36.png

Adding Laravel Passport

Requiring our Laravel passport that we'll be using API
  • composer require laravel/passport
Migrating the Database
  • php artisan migrate
Inatall passport
  • php artisan passport:install

Editing My Project Files To Complete Adding Passport

  • User.php file
    Inside my project model folder, I edited the user.php file.

Firstly, I imported use Laravel\Passport\HasApiTokens; just below the Namespace. I also included the HasApiTokens inside the user class extension.

use Laravel\Passport\HasApiTokens;
class User extends Authenticatable
    use Notifiable, HasApiTokens;

  • AuthServiceProvider.php inside Providers folder

I manually added Passport::routes(); inside boot() funtion.

public function boot()
  • auth.php file inside Config folder
    I defined passport as the driver instead of Tokens. Below is the complete code after manually changing Tokens to passport;
 'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        'api' => [
            'driver' => 'passport',
            'provider' => 'users',
            'hash' => false,

Creating Auth Controller

Before we create our API routes, we need to have our AuthController.php file and this would be created via command prompt.

  • php artisan make:controller /Api/AuthController

After it was created, I need to write functions for login and signup. For this lesson, we'll only write those functions to display texts.

class AuthController extends Controller
    public function login(){
        echo"Login EndPoint Requested";

    public function signup(){
        echo"signup EndPoint Requested";

    public function logout(){
        echo " User LoggedOut";

The above code comprises of three public functions. now let' create our API routes to point at those functions.

  • Inside api.php file found inside Routes folder, I created a group and authorized routes of login and signup pointing to their respective public functions we created inside AuthController.

Below the grouped routes, I also created an unauthorized logout and helloword routes. These two routes require authentication before it could be accessed. This is possible with the help of middleware.

use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;
| API Routes
| Here is where you can register API routes for your application. These
| routes are loaded by the RouteServiceProvider within a group which
| is assigned the "API" middleware group. Enjoy building your API!
        Route::post('login', '[email protected]');
        Route::post('signup', '[email protected]');
    ], function(){
        Route::get('helloworld', '[email protected]');
        Route::post('logout', '[email protected]');

Testing Our Routes With PostMan

After I opened Postman software, pasted my localhost address then appended it with /api/auth/login, it then loaded the login function inside AuthController.php file.

Same with the signup routes

However, you should note that when we try to access our helloworld or logout route, we won't be allowed because we need authorization for it.
Screenshot 37.png

That's all for this tutorials guys, we'll complete the rest of the functions in the next lesson.

Posted Using LeoFinance Beta