PHP Framework
Laravel
Laravel development: How to implement APIOAuth2 authentication using Laravel Passport?
Laravel development: How to implement APIOAuth2 authentication using Laravel Passport?
Jun 15, 2023 am 10:28 AM
Laravel is a very popular PHP framework. It is easy to use, highly scalable, and has high code readability. Laravel also provides many add-on packages (Packages) to implement various functions, including Laravel Passport, which is an API package for implementing OAuth2 authentication.
OAuth2 is a popular authorization framework that simplifies the authorization process and is widely used in web and mobile applications. In order to use OAuth2, we need to implement an authorization server to generate tokens and allow clients to use the API. Laravel Passport provides us with an easy way to implement OAuth2 authentication.
This article will introduce how to use Laravel Passport to implement OAuth2 authentication. Before starting, it is assumed that the Laravel framework is already installed.
Install Laravel Passport
You can use Composer to install Laravel Passport. Run the following command in the root directory of your Laravel application:
composer require laravel/passport
After the installation is complete, you need to run the following command to create the necessary tables for Laravel Passport:
php artisan migrate
Next run the following command to create the necessary tables for Laravel Passport generates an encryption key:
php artisan passport:install
The generated key will be used to encrypt the generated token.
Set Passport
After completing the installation, you need to configure Laravel Passport in your application. The following are the necessary steps:
Enable Passport
To enable Laravel Passport, you first need to call the Passport::routes() method. This method will register the necessary routes:
//在bootstrap/app.php文件中加入下面這行代碼 LaravelPassportPassport::routes();
Enable automatic token refresh
By default, the token will automatically expire after it expires. If you want to automatically refresh tokens after they expire, you can use Passport::refreshTokensExpireIn() method in AuthServiceProvider. We add the following code snippet to the AuthServiceProvider:
//在AppProvidersAuthServiceProvider.php文件中加入下面這段代碼
use LaravelPassportPassport;
//其他代碼...
public function boot()
{
$this->registerPolicies();
Passport::routes();
Passport::tokensExpireIn(Carbon::now()->addDays(15));
Passport::refreshTokensExpireIn(Carbon::now()->addDays(30));
} In this example, the tokensExpireIn() method sets the token expiration time to 15 days, and the refreshTokensExpireIn()Method sets the expiration time of the automatically refreshed token to 30 days.
Using Passport in the User model
Now you need to enable the Laravel Passport feature in the User model. This can be achieved by using the Passport::use() method on the User class:
//在app/User.php文件中加入下面這段代碼
use LaravelPassportHasApiTokens;
class User extends Authenticatable
{
use HasApiTokens, Notifiable;
}Creating an OAuth2 client
When using OAuth2 authentication in an application, it needs to be generated by an authorization server API token. In order to communicate with the authorization server, a client needs to be created. You can create a client by running the passport:client command:
php artisan passport:client --password
After running this command, you will be prompted to enter the application name. If you do not want to enter a name, you can choose to use the default value and return Just take a car.
After the operation is completed, a client_id and client_secret will be generated. client_id and client_secret will be used to communicate with the authorization server.
Create API Route
After creating the OAuth2 client, you need to create an API route so that the authorization server can access the API.
//在routes/api.php文件中加入以下代碼
Route::middleware('auth:api')->get('/user', function (Request $request) {
return $request->user();
}); In this example, OAuth2 authentication is required for the route specified by using the auth:api middleware. If a valid API token is not provided, this route will return a 401 Unauthorized HTTP response.
Send HTTP request for authentication
You are now ready to send a request to the API and authenticate using OAuth2 credentials.
You can use tools such as Postman to test the API, and the request needs to contain a valid API token. In Postman, it is possible to include an Authorization header in the request, for example:
Authorization: Bearer [access_token]
access_token must be replaced with the previously generated token.
Summary
Laravel Passport is an easy-to-use OAuth2 server that makes it easy to implement API authentication without having to write a lot of code. In this article, we covered the steps on how to implement OAuth2 authentication using Laravel Passport and showed how to create an OAuth2 client and API routes and authenticate via HTTP requests. If your application needs to use API authentication, then Laravel Passport may be one of the ideal choices for you.
The above is the detailed content of Laravel development: How to implement APIOAuth2 authentication using Laravel Passport?. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undress AI Tool
Undress images for free
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
What are policies in Laravel, and how are they used?
Jun 21, 2025 am 12:21 AM
InLaravel,policiesorganizeauthorizationlogicformodelactions.1.Policiesareclasseswithmethodslikeview,create,update,anddeletethatreturntrueorfalsebasedonuserpermissions.2.Toregisterapolicy,mapthemodeltoitspolicyinthe$policiesarrayofAuthServiceProvider.
What are routes in Laravel, and how are they defined?
Jun 12, 2025 pm 08:21 PM
In Laravel, routing is the entry point of the application that defines the response logic when a client requests a specific URI. The route maps the URL to the corresponding processing code, which usually contains HTTP methods, URIs, and actions (closures or controller methods). 1. Basic structure of route definition: bind requests using Route::verb('/uri',action); 2. Supports multiple HTTP verbs such as GET, POST, PUT, etc.; 3. Dynamic parameters can be defined through {param} and data can be passed; 4. Routes can be named to generate URLs or redirects; 5. Use grouping functions to uniformly add prefixes, middleware and other sharing settings; 6. Routing files are divided into web.php, ap according to their purpose
How do I run tests in Laravel? (php artisan test)
Jun 13, 2025 am 12:02 AM
ToruntestsinLaraveleffectively,usethephpartisantestcommandwhichsimplifiesPHPUnitusage.1.Setupa.env.testingfileandconfigurephpunit.xmltouseatestdatabaselikeSQLite.2.Generatetestfilesusingphpartisanmake:test,using--unitforunittests.3.Writetestswithmeth
What is the purpose of the artisan command-line tool in Laravel?
Jun 13, 2025 am 11:17 AM
Artisan is a command line tool of Laravel to improve development efficiency. Its core functions include: 1. Generate code structures, such as controllers, models, etc., and automatically create files through make: controller and other commands; 2. Manage database migration and fill, use migrate to run migration, and db:seed to fill data; 3. Support custom commands, such as make:command creation command class to implement business logic encapsulation; 4. Provide debugging and environment management functions, such as key:generate to generate keys, and serve to start the development server. Proficiency in using Artisan can significantly improve Laravel development efficiency.
What are controllers in Laravel, and what is their purpose?
Jun 20, 2025 am 12:31 AM
The main role of the controller in Laravel is to process HTTP requests and return responses to keep the code neat and maintainable. By concentrating the relevant request logic into a class, the controller makes the routing file simpler, such as putting user profile display, editing and deletion operations in different methods of UserController. The creation of a controller can be implemented through the Artisan command phpartisanmake:controllerUserController, while the resource controller is generated using the --resource option, covering methods for standard CRUD operations. Then you need to bind the controller in the route, such as Route::get('/user/{id
How do I start the Laravel development server? (php artisan serve)
Jun 12, 2025 pm 07:33 PM
To start the Laravel development server, use the command phpartisanserve, which is provided at http://127.0.0.1:8000 by default. 1. Make sure that the terminal is located in the project root directory containing the artisan file. If it is not in the correct path, use cdyour-project-folder to switch; 2. Run the command and check for errors. If PHP is not installed, the port is occupied or file permissions are problematic, you can specify different ports such as phpartisanserve--port=8080; 3. Visit http://127.0.0.1:8000 in the browser to view the application homepage. If it cannot be loaded, please confirm the port number, firewall settings or try.
How do I use Laravel's validation system to validate form data?
Jun 22, 2025 pm 04:09 PM
Laravelprovidesrobusttoolsforvalidatingformdata.1.Basicvalidationcanbedoneusingthevalidate()methodincontrollers,ensuringfieldsmeetcriterialikerequired,maxlength,oruniquevalues.2.Forcomplexscenarios,formrequestsencapsulatevalidationlogicintodedicatedc
Caching Strategies | Optimizing Laravel Performance
Jun 27, 2025 pm 05:41 PM
CachinginLaravelsignificantlyimprovesapplicationperformancebyreducingdatabasequeriesandminimizingredundantprocessing.Tousecachingeffectively,followthesesteps:1.Useroutecachingforstaticrouteswithphpartisanroute:cache,idealforpublicpageslike/aboutbutno
