
Laravel 11 Sanctum API authentication example code
Learn how to implement API authentication in Laravel 11 using Sanctum. This guide includes an example AuthController that demonstrates user registration, login, logout, and token management for secure API authentication.
First, create a Laravel project using the command below:
composer create-project laravel/laravel laravel-api
Update the database configuration in the .env file to match your environment.
DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=laravel_api
DB_USERNAME=root
DB_PASSWORD=password
Now add Sanctum API support to your Laravel application:
php artisan install:api
Create the AuthController class using the php artisan command:
php artisan make:controller API/AuthController
app/Http/Controllers/API/AuthController.php
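<?php

namespace App\Http\Controllers\API;

use App\Http\Controllers\Controller;
use App\Models\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Validator;

class AuthController extends Controller
{
    // Create an account and return its first API token.
    public function register(Request $request)
    {
        // validate() returns only the validated fields, so password_confirmation
        // and any extra keys in the request body never reach User::create().
        $input = $request->validate([
            'name' => 'required|max:255',
            'email' => 'required|email|unique:users',
            'password' => 'required|confirmed',
        ]);

        // The default Laravel 11 User model casts 'password' as 'hashed',
        // so the password is hashed when the model is saved.
        $user = User::create($input);

        if ($user) {
            $token = $user->createToken($user->name)->plainTextToken;

            return response()->json([
                'success' => true,
                'user' => $user,
                'access_token' => $token,
            ], 200);
        } else {
            // A failed insert is a server-side error, not an authentication failure.
            return response()->json(['success' => false, 'error' => 'error while creating account'], 500);
        }
    }

    // Exchange e-mail and password for a new API token.
    public function login(Request $request)
    {
        $input = $request->all();

        // No exists:users rule here: it would tell the caller which e-mail
        // addresses are registered. Unknown addresses get the same
        // 'Invalid credentials!' response as wrong passwords.
        $validation = Validator::make($input, [
            'email' => 'required|email',
            'password' => 'required',
        ]);

        if ($validation->fails()) {
            // 422: the request itself is malformed.
            return response()->json([
                'success' => false,
                'error' => $validation->errors(),
            ], 422);
        }

        $user = User::where('email', $input['email'])->first();

        if ($user && Hash::check($input['password'], $user->password)) {
            return response()->json([
                'success' => true,
                'token' => $user->createToken($user->name)->plainTextToken,
            ], 200);
        } else {
            return response()->json([
                'success' => false,
                'error' => 'Invalid credentials!',
            ], 401);
        }
    }

    // Revoke every token the user holds (logs out all devices). To revoke only
    // the token used for this request, call
    // $request->user()->currentAccessToken()->delete() instead.
    public function logout(Request $request)
    {
        $request->user()->tokens()->delete();

        return response()->json([
            'success' => true,
            'message' => 'You have logged out successfully',
        ]);
    }
}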
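routes/api.php code for user authentication
<?php

use App\Http\Controllers\API\AuthController;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;

// Protected: returns the user who owns the Bearer token.
Route::get('/user', function (Request $request) {
    return $request->user();
})->middleware('auth:sanctum');

// Public: these endpoints issue tokens.
Route::post('/register', [AuthController::class, 'register']);
Route::post('/login', [AuthController::class, 'login']);

// Protected: a valid token is required to log out.
Route::post('/logout', [AuthController::class, 'logout'])->middleware('auth:sanctum');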
Add the HasApiTokens trait to the User model
app/Models/User.php
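<?php

namespace App\Models;

use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Laravel\Sanctum\HasApiTokens;

class User extends Authenticatable
{
    /** @use HasFactory<\Database\Factories\UserFactory> */
    use HasApiTokens, HasFactory, Notifiable;

    // The rest of the generated model ($fillable, $hidden, casts()) stays unchanged.
}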
Things to remember when calling an API URL from Postman with Laravel Sanctum
- Endpoint URL: The base URL and the endpoint you want to call.
- HTTP Method: Use the correct method (GET, POST, PUT, DELETE, etc.).
- Bearer Token: For protected URLs, add the token as a Bearer Token in the Authorization tab.
- Add application/json to the Accept header in the Headers tab.
- Pass request data in the form-data section of the Body tab.
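The same request sequence can be checked without Postman. The feature test below is an added example, not part of the original article; the file name, class name and sample account are assumptions, and it relies on the test database configured in the default Laravel 11 phpunit.xml.

```php
<?php
// tests/Feature/AuthApiTest.php (added example; file and class names are assumptions)

namespace Tests\Feature;

use Illuminate\Foundation\Testing\RefreshDatabase;
use Illuminate\Support\Facades\Auth;
use Tests\TestCase;

class AuthApiTest extends TestCase
{
    use RefreshDatabase; // migrates the test database configured in phpunit.xml

    public function test_token_lifecycle(): void
    {
        // Constructed sample account, not real credentials.
        $creds = ['email' => 'alice@example.com', 'password' => 'correct-horse-battery'];

        // Register: the 'confirmed' rule requires a matching password_confirmation.
        $this->postJson('/api/register', $creds + [
            'name' => 'Alice',
            'password_confirmation' => $creds['password'],
        ])->assertOk()->assertJsonStructure(['access_token']);

        // A wrong password must be rejected with 401.
        $this->postJson('/api/login', ['email' => $creds['email'], 'password' => 'wrong'])
            ->assertUnauthorized();

        $token = $this->postJson('/api/login', $creds)->assertOk()->json('token');

        // getJson/postJson send Accept: application/json, so a protected route
        // called without a token answers with a 401 JSON response.
        $this->getJson('/api/user')->assertUnauthorized();

        // With the Bearer token the route returns the token's owner.
        $this->withToken($token)->getJson('/api/user')
            ->assertOk()
            ->assertJsonPath('email', $creds['email']);

        // Logout deletes all of the user's rows in personal_access_tokens.
        $this->postJson('/api/logout')->assertOk();
        $this->assertDatabaseCount('personal_access_tokens', 0);

        // The guard caches the resolved user within one test; reset it so the
        // next request re-checks the (now deleted) token.
        Auth::forgetGuards();
        $this->getJson('/api/user')->assertUnauthorized();
    }
}
```

Run it with php artisan test --filter=AuthApiTest.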