1<?php
2
3namespace App\Http\Controllers;
4
5
6use Illuminate\Http\Request;
7use App\User;
8
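class AuthController extends Controller
{
    // Not read by any method in this class as shown; kept because other code may reference it.
    public $loginAfterSignUp = true;

    /**
     * Create a user account and return a token for it.
     *
     * Input is validated before anything is written: without this, a request with a
     * missing field would create an account from null values, including a hash of an
     * empty password. Validation failures raise Laravel's ValidationException (a 422
     * JSON response when the client sends "Accept: application/json").
     *
     * @param  \Illuminate\Http\Request  $request  expects name, email and password
     * @return \Illuminate\Http\JsonResponse
     */
    public function register(Request $request)
    {
        $validated = $request->validate([
            'name' => 'required|string|max:255',
            // assumes App\User is stored in the default "users" table; adjust the rule if not
            'email' => 'required|string|email|max:255|unique:users',
            // minimum length is a floor, not a policy; raise it to match your requirements
            'password' => 'required|string|min:8',
        ]);

        $user = User::create([
            'name' => $validated['name'],
            'email' => $validated['email'],
            'password' => bcrypt($validated['password']),
        ]);

        // NOTE(review): login() returning a token implies a token-issuing default guard
        // (for example a JWT guard); confirm in config/auth.php.
        $token = auth()->login($user);

        return $this->respondWithToken($token);
    }

    /**
     * Exchange an email/password pair for a token.
     *
     * Only validated string fields reach the guard, so array-shaped or missing
     * credentials are rejected up front. A failed attempt always yields the same
     * 401 body, whether the email is unknown or the password is wrong.
     *
     * @param  \Illuminate\Http\Request  $request  expects email and password
     * @return \Illuminate\Http\JsonResponse
     */
    public function login(Request $request)
    {
        $credentials = $request->validate([
            'email' => 'required|string|email',
            'password' => 'required|string',
        ]);

        $token = auth()->attempt($credentials);
        if (!$token) {
            return response()->json(['error' => 'Unauthorized'], 401);
        }

        return $this->respondWithToken($token);
    }

    /**
     * Return the currently authenticated user as JSON.
     *
     * Nothing here rejects an unauthenticated caller; auth()->user() is then null and
     * the body is JSON null. NOTE(review): presumably the route sits behind an auth
     * middleware; verify in the routes file.
     *
     * @param  \Illuminate\Http\Request  $request  unused, kept for the existing signature
     * @return \Illuminate\Http\JsonResponse
     */
    public function getAuthUser(Request $request)
    {
        return response()->json(auth()->user());
    }

    /**
     * Log the current user out through the default guard.
     *
     * @return \Illuminate\Http\JsonResponse
     */
    public function logout()
    {
        auth()->logout();

        return response()->json(['message' => 'Successfully logged out']);
    }

    /**
     * Wrap a token in the response shape shared by register() and login().
     *
     * @param  string  $token
     * @return \Illuminate\Http\JsonResponse
     */
    protected function respondWithToken($token)
    {
        return response()->json([
            'access_token' => $token,
            'token_type' => 'bearer',
            // presumably getTTL() is in minutes, making this a lifetime in seconds; confirm against the guard
            'expires_in' => auth()->factory()->getTTL() * 60,
        ]);
    }
}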
1# Database Preparation
// Add a nullable, unique api_token column (80 characters) to the users table,
// positioned directly after the password column.
Schema::table('users', function ($table) {
    $apiToken = $table->string('api_token', 80);
    $apiToken->after('password');
    $apiToken->unique();
    $apiToken->nullable();
    $apiToken->default(null);
});
9
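// Create a token for an existing user (the same code can also go in the register controller).
// Only the SHA-256 digest is stored. The plain-text $token is what the user receives,
// once, and what the client then sends as its Bearer credential.
$token = Str::random(60);
$user = User::find(1);
$user->api_token = hash('sha256', $token); // stored digest; never handed to the client
$user->save();



// config/auth.php
'guards' => [
    'web' => [
        'driver' => 'session',
        'provider' => 'users',
    ],

    'api' => [
        'driver' => 'token', // <- Add this entry
        'provider' => 'users',
        // true: the guard hashes the presented token with SHA-256 before comparing it
        // with users.api_token. With false, the stored value itself is the credential,
        // so anyone who can read the table can authenticate as any user.
        'hash' => true,
    ],
],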
// routes/api.php
// The 'auth:api' middleware puts this route behind the "api" guard, so the closure
// only runs for a request that guard has authenticated.
Route::middleware('auth:api')->get(
    '/user',
    fn (Request $request) => $request->user()
);
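// Client access example (Vue.js with axios).
// The bearer token travels in the Authorization header, so the API is addressed over
// HTTPS; over plain HTTP anyone on the network path could read the token and replay it.
axios
    .get('https://example.com/api/user', {
        headers: {
            Accept: 'application/json',
            Authorization: 'Bearer ' + 'user-api-token', // placeholder for the user's API token
        },
    })
    .then((response) => {
        // handle success
        console.log(response);
    })
    .catch((error) => {
        // handle error
        console.log(error);
    });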
/**
 * Validate the submitted email and password, verify them against the stored
 * password hash, and issue a personal access token on success.
 *
 * An unknown email and a wrong password take the same branch and return the same
 * 401 body, so the response does not reveal which accounts exist.
 *
 * NOTE(review): createToken()/plainTextToken look like Laravel Sanctum's
 * HasApiTokens API; confirm the User model uses that trait.
 *
 * @param  \Illuminate\Http\Request  $request  expects email and password
 * @return \Illuminate\Http\Response
 */
public function login(Request $request)
{
    $input = $request->validate([
        'email' => 'required|string|email',
        'password' => 'required|string',
    ]);

    // Look the account up by email
    $account = User::where('email', $input['email'])->first();

    // Compare the submitted password with the stored hash
    $passwordMatches = $account && Hash::check($input['password'], $account->password);
    if (!$passwordMatches) {
        return response(['message' => 'Invalid Credentials'], 401);
    }

    // The plain-text token exists only in this response; it cannot be read back later.
    $plainToken = $account->createToken('myapptoken')->plainTextToken;

    return response(
        [
            'user' => $account,
            'token' => $plainToken,
        ],
        201
    );
}
28
1<?php
2
3//custom made middleware for token generation and user authentication
4
5//below code for Middleware file in /app/Http/Middleware
6namespace App\Http\Middleware;
7use Closure;
8use \App\Admin;
9use Illuminate\Support\Facades\Auth;
10
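class ApiAuthenticate {
    /**
     * Authenticate an API request, or issue a token when credentials are posted.
     *
     * With a bearer token: look up the Admin whose remember_token equals it, attach
     * that admin to the request input as 'user', and continue down the pipeline.
     * Without one: try the posted email/password against the 'admin' guard and, on
     * success, store and return a fresh random token.
     * Both failure paths answer with HTTP 401, so clients and monitoring can tell a
     * rejected request from a successful one by status code.
     *
     * NOTE(review): the token is stored and compared in plain text in remember_token,
     * the column Laravel's "remember me" feature also uses, and nothing here expires
     * it. Consider a dedicated column that holds hash('sha256', $token) plus an
     * expiry timestamp, so a leaked table does not yield usable credentials.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next) {

        $token = $request->bearerToken(); // sent as "Authorization: Bearer <token>" on API requests

        if ($token) {
            $user = Admin::where('remember_token', $token)->first();

            if (!$user) {
                return response()->json('Token expired.', 401);
            }

            // Attach the admin only once the token is known to be valid, so
            // downstream controllers can read the authenticated account.
            $request->request->add(['user' => $user]);

            return $next($request);
        }

        $guard = Auth::guard('admin');

        if ($guard->attempt(['email' => $request->email, 'password' => $request->password], $request->get('remember'))) {

            $remember_token = \Str::random(60);

            // Read the user from the guard that authenticated it; Auth::user() consults
            // the default guard, which need not be 'admin'.
            $user = $guard->user();
            $user->last_login = new \DateTime();
            $user->remember_token = $remember_token;
            $user->save();

            // remember_token is hidden on the model, so the value generated above is
            // returned directly; the client sends it back as "Authorization: Bearer <token>".
            return response()->json(['remember_token' => $remember_token]);
        }

        return response()->json('Incorrect Credentials', 401);
    }
}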
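// Add the line below to /routes/api.php
// The controller is declared in App\Http\Controllers\API, so the segment is written
// "API": autoloading maps the namespace to a directory, and directory names are
// case-sensitive on most servers.
Route::post('leads', 'API\UserController@index')->middleware('auth_api');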
59//use below code in Controller file
60<?php
61
62namespace App\Http\Controllers\API;
63
64use App\Http\Controllers\Controller;
65use Illuminate\Http\Request;
66
class UserController extends Controller
{
    /**
     * Return a fixed placeholder payload as JSON.
     *
     * The method itself performs no authentication check; access control comes from
     * whatever middleware the route attaches.
     *
     * @param  \Illuminate\Http\Request  $request  not read by this method
     * @return \Illuminate\Http\JsonResponse
     */
    public function index(Request $request)
    {
        return response()->json(['user' => 'data']);
    }
}
81
// Also register the middleware class under its alias in /app/Http/Kernel.php;
// the 'auth_api' key is the name that routes pass to ->middleware().
protected $routeMiddleware = [
    'auth_api' => \App\Http\Middleware\ApiAuthenticate::class,
];
87
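// Read the submitted fields and try to log in with the email/password pair.
$data = $request->all();

// attempt() reports success as a boolean. Keep the result so the caller branches on
// it instead of continuing as if every request had authenticated.
$authenticated = Auth::attempt(['email' => $data['email'], 'password' => $data['password']]);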