CRUD REST API with Passport and Laravel API Resource

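#bash
# Create the project directory and work inside it: `composer create-project ... .`
# installs into the current directory, so it must be run from laravel-api.
mkdir laravel-api
cd laravel-api
# Quoted so the shell never treats ^ as a glob/history character.
# Laravel 8 is past its security-support window; prefer a supported release for anything beyond a demo.
composer create-project "laravel/laravel:^8" .
composer require laravel/passport --with-dependencies
# Needs working database settings in .env; creates the users table and Passport's OAuth tables.
php artisan migrate
# Generates the token signing keys and the OAuth clients. The printed client secrets and the
# generated key files are credentials: keep them out of version control and shared logs.
php artisan passport:install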

Configure Passport Module

We need to focus on some nitty-gritty to configure the Passport package in the Laravel application. First, open app/Models/User.php file and include HasApiTokens trait inside the User model, as mentioned below.
<?php
namespace App\Models;
use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Laravel\Passport\HasApiTokens;
class User extends Authenticatable
{
    use HasFactory;
    use Notifiable;
    // Adds Passport's token helpers (e.g. createToken()) to the model.
    use HasApiTokens;

    /**
     * Whitelist of attributes that may be set through mass assignment
     * (create(), fill(), update() with an array).
     *
     * Keys that are not listed here are dropped from a mass-assigned array,
     * so this list is what stops a client from setting extra columns by
     * adding fields to the request body.
     *
     * @var array
     */
    protected $fillable = ['name', 'email', 'password'];

    /**
     * Attributes left out when the model is converted to an array or JSON,
     * which keeps the password hash and remember token out of API responses
     * that serialise the model.
     *
     * @var array
     */
    protected $hidden = ['password', 'remember_token'];

    /**
     * Attribute casts applied when values are read from the model.
     *
     * @var array
     */
    protected $casts = ['email_verified_at' => 'datetime'];
}

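Next, open the app/Providers/AuthServiceProvider.php file and register the registerPolicies() method inside the boot() function; it will register the required routes. (Note that the listing below is declared as AppServiceProvider, and the call it makes in boot() is Passport::routes().)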

<?php

namespace App\Providers;

use Illuminate\Support\ServiceProvider;
use Laravel\Passport\Passport;

class AppServiceProvider extends ServiceProvider
{
    /**
     * Container bindings would go here; this tutorial registers none.
     *
     * @return void
     */
    public function register()
    {
    }

    /**
     * Runs once all providers are registered.
     *
     * Passport::routes() adds Passport's own OAuth2 endpoints (token issuing,
     * client and token management) to the application. Those endpoints are
     * reachable as soon as this runs, so the client secrets produced by
     * passport:install are what protects them.
     * NOTE(review): this call belongs to the Passport line that Laravel 8
     * installs; later Passport majors are understood to register routes
     * themselves - confirm before upgrading.
     *
     * @return void
     */
    public function boot()
    {
        Passport::routes();
    }
}

Register the PassportServiceProvider class in providers array inside the config/app.php file:

'providers' => [
        ...
        ... 
        ...
        Laravel\Passport\PassportServiceProvider::class,
    ],

Configure the driver for Passport: open the config/auth.php file and make the changes shown below.

<?php
    return [
    ....
    ....
    
        'guards' => [
            // Session-backed guard for browser requests.
            // NOTE(review): the 'defaults' section is elided here; if 'web' stays the
            // default guard, it is the one auth()->attempt() uses in the login action.
            'web' => [
                'driver' => 'session',
                'provider' => 'users',
            ],
    
            // With the 'passport' driver, routes behind the auth:api middleware
            // authenticate the caller from a Passport-issued bearer access token.
            'api' => [
                'driver' => 'passport',
                'provider' => 'users',
            ],
        ],
    
    ....
    ....
]

Create Controller Class and Resource Class

#bash
# Scaffold the controller with the API actions only (index, store, show, update, destroy).
php artisan make:controller UserController --api --resource
# Scaffold the API resource class that shapes the JSON returned for a User.
# Unless edited, the generated class returns the model's array form, so the
# model's $hidden list is what keeps the password hash out of responses.
php artisan make:resource UserResource

Controller code for Resource

<?php

namespace App\Http\Controllers;

use App\Models\User;
use Illuminate\Http\Request;
use App\Http\Resources\UserResource;

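class UserController extends Controller
{
    /**
     * Return a paginated list of users.
     *
     * NOTE(review): the routes on this page protect this action with auth:api
     * only, so every token holder can enumerate all accounts. Which fields are
     * exposed depends on UserResource, which is not shown - confirm.
     *
     * @return \Illuminate\Http\Resources\Json\AnonymousResourceCollection
     */
    public function index()
    {
        return UserResource::collection(User::paginate());
    }

    /**
     * Register a new user and issue a personal access token for it.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return \App\Http\Resources\UserResource
     *
     * @throws \Illuminate\Validation\ValidationException
     */
    public function store(Request $request)
    {
        $validated = $this->validate($request, [
            'name' => 'required|min:4',
            'email' => 'required|email|unique:users',
            'password' => 'required|min:8',
        ]);

        // Persist only the validated fields instead of $request->all(), so the
        // write no longer depends on $fillable to filter client-supplied keys.
        $validated['password'] = bcrypt($validated['password']);
        $user = User::create($validated);

        // The original also tried to save the access token into remember_token.
        // That column is not in the model's $fillable, so the update() was
        // discarded, and a bearer token should not be stored in plaintext in the
        // users table anyway; Passport keeps its own token records.
        $user->token = $user->createToken('LaravelAuthApp')->accessToken;

        return new UserResource($user);
    }

    /**
     * Return a single user.
     *
     * NOTE(review): any authenticated caller can read any user's record here;
     * add an ownership or role check if that is not intended.
     *
     * @param  \App\Models\User  $user  resolved by route-model binding
     * @return \App\Http\Resources\UserResource
     */
    public function show(User $user)
    {
        return new UserResource($user);
    }

    /**
     * Update a user's name, e-mail and (optionally) password. Admins only.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \App\Models\User  $user  the account being edited (route-model binding)
     * @return \App\Http\Resources\UserResource|\Illuminate\Http\JsonResponse
     *
     * @throws \Illuminate\Validation\ValidationException
     */
    public function update(Request $request, User $user)
    {
        // The admin check has to look at the caller. The original tested
        // $user->role_id, i.e. the account being edited, which let any token
        // holder rewrite the e-mail and password of an admin account and
        // blocked admins from editing everyone else.
        // The cast covers drivers that return integer columns as strings.
        // NOTE(review): role_id is not part of the User model shown on this
        // page; confirm the column exists and that 1 is the admin role.
        $actor = $request->user();
        if ($actor === null || (int) $actor->role_id !== 1) {
            return response()->json(['error' => 'You not Admin'], 403);
        }

        // 'password' was 'required', which made the "no password sent" branch
        // below unreachable; 'nullable' lets a profile edit omit it.
        $validated = $this->validate($request, [
            'name' => 'required|min:4',
            'email' => 'required|email|unique:users,email,'.$user->id,
            'password' => 'nullable|min:8',
        ]);

        $changes = [
            'name' => $validated['name'],
            'email' => $validated['email'],
        ];
        if (! empty($validated['password'])) {
            $changes['password'] = bcrypt($validated['password']);
        }
        $user->update($changes);

        return new UserResource($user);
    }

    /**
     * Delete a user.
     *
     * NOTE(review): there is no authorization check here, so any authenticated
     * caller can delete any account, including an admin's. Gate this the same
     * way as update() (or by ownership) once the intended policy is decided.
     *
     * @param  \App\Models\User  $user  resolved by route-model binding
     * @return \Illuminate\Http\Response
     */
    public function destroy(User $user)
    {
        $user->delete();

        return response(null, 204);
    }

    /**
     * Exchange an e-mail/password pair for a personal access token.
     *
     * The same 401 body is returned for an unknown e-mail and for a wrong
     * password, so the response does not reveal which accounts exist.
     * This endpoint is reachable without a token; consider a stricter
     * per-route throttle for it than for the rest of the API.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return \Illuminate\Http\JsonResponse
     */
    public function login(Request $request)
    {
        // Read from request input explicitly; only these two keys reach attempt().
        $credentials = [
            'email' => $request->input('email'),
            'password' => $request->input('password'),
        ];

        if (! auth()->attempt($credentials)) {
            return response()->json(['error' => 'Unauthorised'], 401);
        }

        $token = auth()->user()->createToken('LaravelAuthApp')->accessToken;

        return response()->json(['token' => $token], 200);
    }
}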

API testing and routes api.php

<?php

use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;
use App\Http\Controllers\UserController;

/*
|--------------------------------------------------------------------------
| API Routes
|--------------------------------------------------------------------------
|
| Here is where you can register API routes for your application. These
| routes are loaded by the RouteServiceProvider within a group which
| is assigned the "api" middleware group. Enjoy building your API!
|
*/


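// Token-protected CRUD. apiResource() registers only the five API actions the
// controller implements; resource() also added users/create and
// users/{user}/edit, which have no matching controller methods.
// 'store' is excluded because registration is exposed publicly below: the
// original registered POST /users twice, and the later, public definition
// took over that URI.
Route::middleware('auth:api')->group(function () {
    Route::apiResource('users', UserController::class)->except(['store']);
});

// Registration: no token required; the response carries the new user's token.
Route::post('/users', [UserController::class, 'store']);
// Login: no token required; exchanges e-mail and password for a token.
// Both endpoints are unauthenticated, so consider a stricter throttle here.
Route::post('/users/login', [UserController::class, 'login']);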

Register or Create User – public function store(Request $request)

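// Register a user. "Accept: application/json" makes Laravel answer validation
// failures with a JSON 422 instead of a redirect.
var myHeaders = new Headers();
myHeaders.append("Accept", "application/json");

var formdata = new FormData();
// Constructed sample address: the one printed on the page was replaced by an
// e-mail obfuscation placeholder, which the 'email' validation rule rejects.
formdata.append("email", "user@example.com");
formdata.append("password", "password");
formdata.append("name", "luqman baru");

var requestOptions = {
  method: 'POST',
  headers: myHeaders,
  body: formdata,
  redirect: 'follow'
};

// The response body contains the new user's access token; treat the logged
// output as a credential.
fetch("http://127.0.0.1:8000/api/users/", requestOptions)
  .then(response => response.text())
  .then(result => console.log(result))
  .catch(error => console.log('error', error));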

Login user to get token –

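// Log in with e-mail and password; a successful response is {"token": "..."}.
var myHeaders = new Headers();
myHeaders.append("Accept", "application/json");

var formdata = new FormData();
// Constructed sample address: the one printed on the page was replaced by an
// e-mail obfuscation placeholder. Use the address and password you registered.
formdata.append("email", "user@example.com");
formdata.append("password", "ffffffrrrrrrd");

var requestOptions = {
  method: 'POST',
  headers: myHeaders,
  body: formdata,
  redirect: 'follow'
};

fetch("http://127.0.0.1:8000/api/users/login", requestOptions)
  .then(response => response.text())
  .then(result => console.log(result))
  .catch(error => console.log('error', error));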

After you get the token, you can proceed with the other actions.
List or get Users – public function index()

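// List users. A bearer token is a credential: paste the value returned by the
// login call here at run time and never publish a real one in a snippet.
var accessToken = "<ACCESS_TOKEN>"; // placeholder
var myHeaders = new Headers();
myHeaders.append("Accept", "application/json");
myHeaders.append("Authorization", "Bearer " + accessToken);

// No body: fetch() rejects a GET request that carries one.
var requestOptions = {
  method: 'GET',
  headers: myHeaders,
  redirect: 'follow'
};

fetch("http://127.0.0.1:8000/api/users/", requestOptions)
  .then(response => response.text())
  .then(result => console.log(result))
  .catch(error => console.log('error', error));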

Select user by id – public function show(User $user)

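// Fetch one user by id. A bearer token is a credential: paste the value
// returned by the login call here and never publish a real one in a snippet.
var accessToken = "<ACCESS_TOKEN>"; // placeholder
var myHeaders = new Headers();
myHeaders.append("Accept", "application/json");
myHeaders.append("Authorization", "Bearer " + accessToken);

// No body: fetch() rejects a GET request that carries one.
var requestOptions = {
  method: 'GET',
  headers: myHeaders,
  redirect: 'follow'
};

fetch("http://127.0.0.1:8000/api/users/2", requestOptions)
  .then(response => response.text())
  .then(result => console.log(result))
  .catch(error => console.log('error', error));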

Update user – public function update(Request $request, User $user)

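// Update a user. A bearer token is a credential: paste the value returned by
// the login call here and never publish a real one in a snippet.
var accessToken = "<ACCESS_TOKEN>"; // placeholder
var myHeaders = new Headers();
myHeaders.append("Accept", "application/json");
myHeaders.append("Authorization", "Bearer " + accessToken);

// The original sent an empty FormData, which fails the controller's 'required'
// rules. URL-encoded fields are used because PHP (in the versions Laravel 8
// runs on) does not populate request input from a multipart body on PUT.
// Values below are constructed samples.
var formdata = new URLSearchParams();
formdata.append("name", "luqman baru");
formdata.append("email", "user@example.com");
formdata.append("password", "password");

var requestOptions = {
  method: 'PUT',
  headers: myHeaders,
  body: formdata,
  redirect: 'follow'
};

fetch("http://127.0.0.1:8000/api/users/2", requestOptions)
  .then(response => response.text())
  .then(result => console.log(result))
  .catch(error => console.log('error', error));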

 delete user – public function destroy(User $user)

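// Delete a user. A bearer token is a credential: paste the value returned by
// the login call here and never publish a real one in a snippet.
var accessToken = "<ACCESS_TOKEN>"; // placeholder
var myHeaders = new Headers();
myHeaders.append("Accept", "application/json");
myHeaders.append("Authorization", "Bearer " + accessToken);

// The controller's destroy() reads nothing from the request, so no body is sent.
var requestOptions = {
  method: 'DELETE',
  headers: myHeaders,
  redirect: 'follow'
};

// A successful delete answers 204 with an empty body.
fetch("http://127.0.0.1:8000/api/users/9", requestOptions)
  .then(response => response.text())
  .then(result => console.log(result))
  .catch(error => console.log('error', error));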
