How to Use Multi Authentication API using Laravel 8?
Jan 05, 2022 . Admin
Hello Dev,
In this post, i will show you Laravel provide easy way to create api. We will create multiple authentication api in laravel 8.We will show how to use multiple authentication guards in a laravel 8 api.This article will give you multiple authentication guard drivers (including API) in laravel 8.
In this tutorial, I would like share with you build a multiple guards authentication api in laravel 8. if you have authentication in your mobile app than you can easily do it using passport. Laravel 8 Passport provide way to create auth token for validating users. how to setup multi-auth for laravel 8 apis.
So let's see bellow solution:
Here i will give you many example how to use multiple authentication api in laravel 8.
Step 1 : Create Laravel Fresh ApplicationUse this command then download laravel project setup :
composer create-project --prefer-dist laravel/laravel blogStep 2 : Setup Database
DB_CONNECTION=mysql DB_HOST=127.0.0.1 DB_PORT=3306 DB_DATABASE=here your database name DB_USERNAME=here database username DB_PASSWORD=here database passwordStep 3 : Install Laravel Passport
composer require laravel/passport
After successfully install package, we require to get default migration for create new passport tables in our database. so let's run bellow command.
php artisan migrate
Next, we need to install passport using command, Using passport:install command, it will create token keys for security. So let's run bellow command:
php artisan passport:installStep 4 - Create Client Table
php artisan make:model Client -m
database/migrations/2021_12_28_064135_create_clients_table.php
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
class CreateClientsTable extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::create('Clients', function (Blueprint $table) {
$table->id();
$table->string('name');
$table->string('email')->unique();
$table->string('password');
$table->timestamps();
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::dropIfExists('Clients');
}
}
Use this command to run migration
php artisan migrateStep 5 - Passport Configuration
app/Models/User.php
<?php
namespace App\Models;
use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Laravel\Passport\HasApiTokens;
class User extends Authenticatable
{
use HasApiTokens, HasFactory, Notifiable;
/**
* The attributes that are mass assignable.
*
* @var array
*/
protected $fillable = [
'name',
'email',
'password',
];
/**
* The attributes that should be hidden for arrays.
*
* @var array
*/
protected $hidden = [
'password',
'remember_token',
];
/**
* The attributes that should be cast to native types.
*
* @var array
*/
protected $casts = [
'email_verified_at' => 'datetime',
];
}
app/Models/Client.php
<?php
namespace App\Models;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Laravel\Passport\HasApiTokens;
class Client extends Authenticatable
{
use HasFactory, Notifiable, HasApiTokens;
/**
* The attributes that are mass assignable.
*
* @var array
*/
protected $fillable = [
'name', 'email', 'password',
];
}
Step 6 - Add Passport in AuthServiceProvider
app/Providers/AuthServiceProvider.php
<?php
namespace App\Providers;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
use Illuminate\Support\Facades\Gate;
use Laravel\Passport\Passport;
class AuthServiceProvider extends ServiceProvider
{
/**
* The policy mappings for the application.
*
* @var array
*/
protected $policies = [
// 'App\Models\Model' => 'App\Policies\ModelPolicy',
];
/**
* Register any authentication / authorization services.
*
* @return void
*/
public function boot()
{
$this->registerPolicies();
Passport::routes();
Passport::tokensCan([
'user' => 'User Type',
'client' => 'Client User Type',
]);
}
}
Step 7 - Create Auth Guard
config/auth.php
// Add Guards
'guards' => [
'user' => [
'driver' => 'session',
'provider' => 'users',
],
'user-api' => [
'driver' => 'token',
'provider' => 'users',
],
'client' => [
'driver' => 'session',
'provider' => 'clients',
],
'client-api' => [
'driver' => 'token',
'provider' => 'clients',
],
],
// Add Provider
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\Models\User::class,
],
'clients' => [
'driver' => 'eloquent',
'model' => App\Models\Client::class,
],
],
Step 8 - Add Scope Middleware
app/Http/Kernel.php
/**
* The application's route middleware.
*
* These middleware may be assigned to groups or used individually.
*
* @var array
*/
protected $routeMiddleware = [
'scopes' => \Laravel\Passport\Http\Middleware\CheckScopes::class,
'scope' => \Laravel\Passport\Http\Middleware\CheckForAnyScope::class,
];
Step 9 - Create Custom route File
routes/api/client.php
<?php
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;
use App\Http\Controllers\LoginController;
/*
|--------------------------------------------------------------------------
| API Routes
|--------------------------------------------------------------------------
|
| Here is where you can register API routes for your application. These
| routes are loaded by the RouteServiceProvider within a group which
| is assigned the "api" middleware group. Enjoy building your API!
|
*/
Route::post('client/login',[LoginController::class, 'clientLogin'])->name('clientLogin');
Route::group( ['prefix' => 'client','middleware' => ['auth:client-api','scopes:client'] ],function(){
// authenticated staff routes here
Route::get('dashboard',[LoginController::class, 'clientDashboard']);
});
routes/api/user.php
<?php
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;
use App\Http\Controllers\LoginController;
/*
|--------------------------------------------------------------------------
| API Routes
|--------------------------------------------------------------------------
|
| Here is where you can register API routes for your application. These
| routes are loaded by the RouteServiceProvider within a group which
| is assigned the "api" middleware group. Enjoy building your API!
|
*/
Route::post('user/login',[LoginController::class, 'userLogin'])->name('userLogin');
Route::group( ['prefix' => 'user','middleware' => ['auth:user-api','scopes:user'] ],function(){
// authenticated staff routes here
Route::get('dashboard',[LoginController::class, 'userDashboard']);
});
Step 10 - Register Routes File In RouteServiceProvider
app/Http/Controllers/LoginController.php
$this->routes(function () {
Route::prefix('api')
->middleware('api')
->namespace($this->namespace)
->group(base_path('routes/api/client.php'));
Route::prefix('api')
->middleware('api')
->namespace($this->namespace)
->group(base_path('routes/api/user.php'));
});
Step 11 - Create Login Controller
app/Http/Controllers/LoginController.php
<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use App\Models\User;
use App\Models\Client;
use Hash;
use Validator;
use Auth;
class LoginController extends Controller
{
public function userDashboard()
{
$users = User::all();
$success = $users;
return response()->json($success, 200);
}
public function clientDashboard()
{
$users = Client::all();
$success = $users;
return response()->json($success, 200);
}
public function userLogin(Request $request)
{
$validator = Validator::make($request->all(), [
'email' => 'required|email',
'password' => 'required',
]);
if($validator->fails()){
return response()->json(['error' => $validator->errors()->all()]);
}
if(auth()->guard('user')->attempt(['email' => request('email'), 'password' => request('password')])){
config(['auth.guards.api.provider' => 'user']);
$user = User::select('users.*')->find(auth()->guard('user')->user()->id);
$success = $user;
$success['token'] = $user->createToken('MyApp',['user'])->accessToken;
return response()->json($success, 200);
}else{
return response()->json(['error' => ['Email and Password are Wrong.']], 200);
}
}
public function clientLogin(Request $request)
{
$validator = Validator::make($request->all(), [
'email' => 'required|email',
'password' => 'required',
]);
if($validator->fails()){
return response()->json(['error' => $validator->errors()->all()]);
}
if(auth()->guard('client')->attempt(['email' => request('email'), 'password' => request('password')])){
config(['auth.guards.api.provider' => 'client']);
$client = client::select('clients.*')->find(auth()->guard('client')->user()->id);
$success = $client;
$success['token'] = $client->createToken('MyApp',['client'])->accessToken;
return response()->json($success, 200);
}else{
return response()->json(['error' => ['Email and Password are Wrong.']], 200);
}
}
}
Run laravel project bellow command
php artisan serve
Now you can open bellow URL on your postman app:
// User Login localhost:8000/user/login // User Dashboard localhost:8000/user/dashboard // Client Login localhost:8000/client/login // Client Dashboard localhost:8000/Client/dashboard
make sure in details api we will use following headers as listed bellow:
'headers' => [
'Accept' => 'application/json',
'Authorization' => 'Bearer '.$accessToken,
]
It will help you...