This is Core service what provide the following functionality
- Registration
- Authentication
- Authorization
HTTP Basic Authentication provides a quick way to authenticate users of your application without setting up a dedicated "login" page. To get started, attach the auth.basic middleware to your route. The auth.basic middleware is included with the Laravel framework, so you do not need to define it:
# POST Request:
curl -d "email={email}&password={password}" -X POST http://localhost:8080/auth/basic/user
# Sample Response
{
"id": 1,
"name": "admin",
"email": "[email protected]",
"email_verified_at": null,
"api_token": "qiXVi2e17k58VU0Mxl1PDpl7IwfbNsL4cbjRaq9RPICXzcHdPgoOVlHN98Sl",
"current_team_id": null,
"profile_photo_path": null,
"created_at": "2020-11-23T17:56:06.000000Z",
"updated_at": "2020-11-26T11:57:30.000000Z",
"profile_photo_url": "https:\/\/ui-avatars.com\/api\/?name=admin&color=7F9CF5&background=EBF4FF"
}
You may also use HTTP Basic Authentication without setting a user identifier cookie in the session, which is particularly useful for API authentication. To do so, define a middleware that calls the onceBasic method. If no response is returned by the onceBasic method, the request may be passed further into the application:
# POST Request:
curl -d "email={email}&password={password}" -X POST http://localhost:8080/auth/basic/user
# Sample Response
{
"id": 1,
"name": "admin",
"email": "[email protected]",
"email_verified_at": null,
"api_token": "qiXVi2e17k58VU0Mxl1PDpl7IwfbNsL4cbjRaq9RPICXzcHdPgoOVlHN98Sl",
"current_team_id": null,
"profile_photo_path": null,
"created_at": "2020-11-23T17:56:06.000000Z",
"updated_at": "2020-11-26T11:57:30.000000Z",
"profile_photo_url": "https:\/\/ui-avatars.com\/api\/?name=admin&color=7F9CF5&background=EBF4FF"
}
- Set a new Guard in auth.php
'token-api' => [ 'driver' => 'token', 'provider' => 'users', 'hash' => false, // if use use hashed token set it `true` ], - Create a column in users table
api_tokenvarchar(80) unique and nullable - Populate that column for the target user you want to login via api, either
'api_token' => Str::random(60), if you want to use hashed value then'api_token' => hash('sha256', Str::random(60)), - Get the token manually from user table or user the following request to get the token
# Request to get api_token curl -d "email={email}&password={password}" -X POST http://localhost:8080/auth/token/api_token # Response { "access_token": "qiXVi2e17k58VU0Mxl1PDpl7IwfbNsL4cbjRaq9RPICXzcHdPgoOVlHN98Sl", "token_type": "bearer", "expires_in": "never" } - Use above token for following routes
# Uset api_token in GET or Post or Bearer # add above header in your following rquests # Request to get User Profile via GET GET: http://localhost:8080/auth/token/user?api_token={token} # Request to get User Profile via POST curl -d "api_token={token}" -X POST http://localhost:8080/auth/token/user
Request:
# Request to get JWT token
curl -d "email={email}&password={password}" -X POST http://localhost:8080/auth/jwt/login
# Response
{
"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjgwODAvYXBpL2dldEp3dFRva2VuIiwiaWF0IjoxNjA2MzE2MzcxLCJleHAiOjE2MDYzMTk5NzEsIm5iZiI6MTYwNjMxNjM3MSwianRpIjoieks0QTlacjZ2d3JnRTZvcyIsInN1YiI6MSwicHJ2IjoiMjNiZDVjODk0OWY2MDBhZGIzOWU3MDFjNDAwODcyZGI3YTU5NzZmNyJ9.8ncvNbIxP-14vuUadNpCjofNAYXIlylu-pXg2Iq7JHE",
"token_type": "bearer",
"expires_in": 3600,
"user": {User Object}
}
# Header: "authorization: bearer {access_token}"
# add above header in your following rquests
# Request to get User Profile
GET: http://localhost:8080/auth/jwt/user
# Request to get refresh JWT token
GET: http://localhost:8080/auth/jwt/refresh
# Request to destory JWT token
GET: http://localhost:8080/auth/jwt/logout
Please execute these in the same order for the very first time
- Run
composer require laravel/passport - Run
php artisan migrate - Run
php artisan passport:install - Run
php artisan passport:install --uuids - Run
php artisan passport:keys - Run
php artisan vendor:publish --tag=passport-migrations - Update
\App\Providers\AuthServiceProvider::bootmethod and add the following lines# Passport related settings Passport::routes(); Passport::loadKeysFrom('/secret-keys/oauth'); Passport::tokensExpireIn(now()->addDays(15)); Passport::refreshTokensExpireIn(now()->addDays(30)); Passport::personalAccessTokensExpireIn(now()->addMonths(6)); # If you want to use hashed client secrets then enable the following line # Passport::hashClientSecrets(); - Run
php artisan vendor:publish --tag=passport-views
- Run
php artisan passport:client
- Requesting a Token :
http://localhost:8080/oauth/authorizehttp://localhost:8080/oauth/authorize?client_id=9219f786-e166-4583-98a5-b09c5f1abb36&redirect_uri=http%3A%2F%2Flocalhost%2Fcallback&response_type=code&scope=&state=asdfadsf
- Endpoint:
http://localhost:8080/graphql - Available
Types- Wine
- Article
- Author
- Available
Queries- wine or wines
- article or articles
- author or authors
{ article (id: 9) { id, title, user { name, email } }, wine (id: 1) { id, name, color } } - Available
Mutations - updateWineColor
mutation wine { updateWineColor(id: 1, color: "blue") { id, name, color } }, mutation Author { updateAuthorEmail(id: 1, email: "[email protected]") { id, name, email } }
- Docker
- Git
- PHP FPM 7.4
- Nginx 1.17
- Node 13.7
- Composer 2.0
- Laravel 8
- Type
./dev.shto bring the menu and follow the instruction - Create
app/.envfile fromapp/.env.example - Import database file from root directory
backup - Browse
http://localhost:8080 - Login with
admin@localhost/12345678
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent