In this lesson, build up the back end for an OAuth server using the Laravel Passport package that provides a complete OAuth 2 server implementation.
- [Presenter] Laravel, as you might guess, provides for us a variety of tools to get started rather Quickly with OAuth 2.0. To begin, we need to install the auth-scaffold Laravel provides for us so we can login to the Laravel application. Run the command, php artisan make:auth in your terminal application so it'll generate the authentication scaffolding. Now we need to add a composer package for our site for supporting OAuth 2.0.
This package is going to be, composer require laravel/passport After this installs, we need to run some migrations to ensure we add some new database fields. So we'll run, php artisan migrate. Now passport is also going to install a custom artisan command to install itself. So we can run, php artisan passport:install.
You'll note it generates two clients for us, each of which include an ID and a secret. In this case, we don't necessarily care what kind of clients they created. Just understand that they created a client with a corresponding ID and a corresponding secret. Now let's open up the user model class. We'll open up our text editor, and open up app, user.php. Here we can include the trait for including our API tokens into the model.
On line 5, we'll add, use Laravel\ Passport\HasApiTokens; And then on line 11, we can add HasApiTokens to our included traits. After this, we'll need to add the passport routes provider to our list of service providers. So open up the route service provider located in app, Providers, RouteServiceProvider.
As usual, we need to import a class into our namespace, so we'll add, on line 5, use Laravel\ Passport\Passport. And inside of line 42, inside of our map() function, we'll add Passport::routes. Okay, we're getting closer. We've added Passport, which is a wrapper for OAuth 2.0 implementation.
We added it so that the user model knows how to use the tokens generated. And we added the routes for the service to our application. Now we need to add to our auth configuration, that we're using Passport. Open up the auth config file, located in config, and we'll scroll down to line 45 where we have the api authentication guards, and we'll change the driver for it to rather than being token, to being passport.
This is pretty much the entire back end that we need to build out for OAuth in Laravel. For the front end, we'll set it up in the next video. The Laravel documentation also includes information on deploying this with a real view-based front end, although we're not going to cover it. But feel free to take a look at it if you feel that you need a real front end.
- Reviewing the basics of an API
- Basic pieces of the Laravel framework
- Reading, adding, editing, and deleting a record
- API errors and exceptions
- Transforming your API data
- Returning nested and sideloaded data
- Creating a logging middleware
- Authenticating to your API
- Basic and advanced endpoint testing