I am new to laravel passport API authentication. I have a website and i am developing a mobile application also , so i need to create some APIs for my mobile application, i have installed laravel passport and done all the configurations.
Now when i register or login i will send user details with token generated to the mobile application through API.
in my website there is a dashboard for users,this dashboard is only accessible after user loged in. i have created some APIs for getting dashboard data for mobile user,this user related data need token authentication,so when i check the API through postman with 'Bearer xxxxx' , it works fine.
My API routes are given below
Route::post('user/login', 'API\UserController@login');
Route::post('user/register', 'API\UserController@register');
Route::post('projects/home_page', 'API\ProjectController@homePage');
Route::post('projects/filter', 'API\ProjectController@filter');
Route::post('projects/load_more', 'API\ProjectController@loadMore');
Route::get('master/terms_conditions', 'API\MasterItemsController@termsAndConditions');
Route::get('master/about_us', 'API\MasterItemsController@aboutUs');
Route::get('master/policy', 'API\MasterItemsController@policy');
Route::get('master/contact_info', 'API\MasterItemsController@contactInfo');
Route::post('master/categories', 'API\MasterItemsController@categories');
Route::get('tours/home_page', 'API\InvestmentTourController@homePage');
Route::post('tours/filter', 'API\InvestmentTourController@filter');
Route::post('tours/load_more', 'API\InvestmentTourController@loadMore');
Route::post('tours/view', 'API\InvestmentTourController@view');
Route::post('projects/view', 'API\ProjectController@view');
Route::post('master/cities', 'API\MasterItemsController@cities');
Route::group(['middleware' => 'auth:api'], function () {
Route::post('user/details', 'API\UserController@details');
Route::post('user/update/profile', 'API\UserController@updateProfile');
Route::post('user/projects/count', 'API\UserController@numberOfProjects');
Route::post('user/projects/list', 'API\UserController@projectList');
Route::post('user/projects/favourites', 'API\UserController@favouriteProjects');
Route::post('user/investments/count', 'API\UserController@numberOfInvestments');
Route::post('user/investments/list', 'API\UserController@investmentsList');
Route::post('user/become_investor', 'API\UserController@favouriteProjects');
Route::post('user/send_verification_email', 'API\UserController@sendVerificationEmail');
Route::post('user/investments/accept_reject', 'API\UserController@investmentAcceptOrReject');
Route::post('user/investments/add_investment', 'API\UserController@investmentAcceptOrReject');
Route::post('user/projects/set_as_favourite', 'API\UserController@setAsFavourite');
/** Project routes **/
Route::post('user/projects/add', 'API\ProjectController@add');
Route::post('user/projects/investments', 'API\ProjectController@investments');
Route::post('master/types', 'API\MasterItemsController@types');
Route::post('master/stages', 'API\MasterItemsController@stages');
Route::post('master/investment_types', 'API\MasterItemsController@investmentTypes');
Route::get('master/commitment', 'API\MasterItemsController@commitment');
Route::get('tours/favourites', 'API\InvestmentTourController@favouriteTours');
Route::get('projects/favourites', 'API\ProjectController@favouriteProjects');
});
a sample code from Usercontroller under API is as below
/**
* API for user login
* @param $post data
* @method POST
* @link api/user/login
* @return JOSN reposnse
**/
public function login(Request $request)
{
$validator = Validator::make($request->all(), [
'email' => 'required|email',
'password' => 'required',
]);
if ($validator->fails()) {
return response()->json(['error' => $validator->errors()], 401);
}
if (Auth::attempt(['email' => request('email'), 'password' => request('password')])) {
$user = Auth::user();
$success['token'] = $user->createToken('MyApp')->accessToken;
$success['user'] = $user;
return response()->json(['success' => $success], $this->successStatus);
} else {
return response()->json(['error' => 'Unauthorised'], 401);
}
}
/**
* API for user registration
* @param $post data
* @method POST
* @link api/user/register
* @return JOSN reposnse
**/
public function register(Request $request)
{
$validator = Validator::make($request->all(), [
'name' => 'required',
'email' => 'required|email',
'phone' => 'required|numeric|min:10',
'password' => 'required',
'c_password' => 'required|same:password',
]);
if ($validator->fails()) {
return response()->json(['error' => $validator->errors()], 401);
}
$input = $request->all();
$input['password'] = bcrypt($input['password']);
$user = User::create($input);
$success['token'] = $user->createToken('MyApp')->accessToken;
$success['name'] = $user->name;
return response()->json(['success' => $success], $this->successStatus);
}
As i told my API client is a mobile application, when mobile request loged in user details, they will request the user details with token generated before (may be at the time loged in or register). Here what i want ot know that how do i know teh token is expired, if expired how do i update it in the mobile application, please let me know if anybody has any idea
via Chebli Mohamed
Aucun commentaire:
Enregistrer un commentaire