API Token Creation for Authentication in Laravel 5.5

by Noor Ali  January 12, 2017

IIn this article, I will discuss Laravel API token authentication, a very important topic in web app and website security. I will demonstrate the basis of API token authentication and how easily you could implement the idea in your project.

API Token Authentication Laravel

What is API Token Authentication

The traditional process of interacting with a website is that you login from the login page. Next, you perform you desired actions and then log out. However, in the case of REST API, the process is quite different. The traditional procedure does not work in the case of RESTful APIs because the methods used on login page does not make any sense. You need to use api_token instead.

All you need to do is to append the api_token to the query string before making a request and the  request is authenticated.

Now what Laravel 5.5 offers is quite interesting! You can easily implement this idea using the Passport library.

To demonstrate the idea, I will make a simple application, in which users can register themselves, and by using their api tokens, will try to post some data into the database.

Prerequisites

For the purpose of this tutorial, I assume that you have a Laravel application installed on a web server. My setup is:

  • Laravel 5.5
  • PHP 7.0
  • MySQL

Since I don’t want o get sidetracked by server management during this tutorial, I decided to host the test app on a Cloudways managed server. In addition to a great hosting stack, they also take care of server management issues and provide pre installed Git and Composer. I suggest you sign up for a free account and then follow this GIF for setting up the server and the Laravel application.

Laravel Passport

Install Laravel Passport package in your application using run following command

After install successfully Passport package in our Laravel application i need to set their Service Provider. so, open your config/app.php file and add following Line in the ‘providers’

Configure the Database

Now setup the MySQL database and configure it in Laravel.

In the project root, you will find the .env and config/database.php files. Add the database credentials (username, DB name, and password) to setup the database and allow the Laravel app access it.

Migrations

After set providers array now run the migration command

Install Laravel Passport

After Migrations of tables is successfully completed now run the install passport command

Configuration of  Passport

After install of Passport , next move to next Three step to configure it .

First open app/User.php file and update with following code.

Second go to the app/Providers/AuthServiceProvider.php  and update following code

Third update the config/auth.php with following code

Laravel Auth 

Set API Route

Go in routes folder and open api.php

Create the Controller

create one PassportController.php controller in app/Http/Controllers/API/ root.

 

Testing the App

Finally, run the php artisan server command and check application.The first step is to register a user. To do this, visit the URL of the application.

 

Test all API in any API testing tool,  like Postman testing API and others tools.

Conclusion

In this tutorial, I demonstrated how you could use api_token for setting up secure communication within your app. If you would like to clarify a point discussed above or would like to extend the conversation, please leave a comment below.

Start Creating Web Apps on Managed Cloud Servers Now!

Easy Web App Deployment for Agencies, Developers and E-Commerce Industry

About Noor Ali

Noor Ali is an Associate Software Engineer at Cloudways. He loves to solve technical problems through programming and mathematics.

Stay Connected:

You Might Also Like...