Table of Contents
Laravel 11 – Building API using Sanctum
– Table of Contents
Step 1: Install Laravel 11
Step 2: Install Sanctum API
Step 3: Sanctum Configuration
Step 4: Add Blog Migration and Model
Step 5: Create Eloquent API Resources
Step 6: Create Controller Files
Step 7: Create API Routes
Step 8: Run Laravel App
Step 9: Check following API
Step 1: Install Laravel 11
Open your terminal and Install new Laravel application
Switch to the project folder
Step 2: Install Sanctum API
Run the following command to install Sanctum with API
Step 3: Sanctum Configuration
In app/Models/User.php, we added the HasApiTokens class of Sanctum
namespace AppModels;
// use IlluminateContractsAuthMustVerifyEmail;
use IlluminateDatabaseEloquentFactoriesHasFactory;
use IlluminateFoundationAuthUser as Authenticatable;
use IlluminateNotificationsNotifiable;
use LaravelSanctumHasApiTokens;
class User extends Authenticatable
{
use HasFactory, Notifiable, HasApiTokens;
/**
* The attributes that are mass assignable.
*
* @var array<int, string>
*/
protected $fillable = [
‘name’,
’email’,
‘password’,
];
/**
* The attributes that should be hidden for serialization.
*
* @var array<int, string>
*/
protected $hidden = [
‘password’,
‘remember_token’,
];
/**
* Get the attributes that should be cast.
*
* @return array<string, string>
*/
protected function casts(): array
{
return [
’email_verified_at’ => ‘datetime’,
‘password’ => ‘hashed’,
];
}
}
Step 4: Add Blog Migration and Model
Run the following command to add Blog migration and model
After that go to database/migrations and you will find the created migration file
use IlluminateDatabaseMigrationsMigration;
use IlluminateDatabaseSchemaBlueprint;
use IlluminateSupportFacadesSchema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
Schema::create(‘blogs’, function (Blueprint $table) {
$table->id();
$table->string(‘title’);
$table->longText(‘detail’);
$table->timestamps();
});
}
/**
* Reverse the migrations.
*/
public function down(): void
{
Schema::dropIfExists(‘blogs’);
}
};
Then go to app/Models/Blog.php
namespace AppModels;
use IlluminateDatabaseEloquentFactoriesHasFactory;
use IlluminateDatabaseEloquentModel;
class Blog extends Model
{
use HasFactory;
protected $fillable = [
‘title’, ‘detail’
];
}
Step 5: Create Eloquent API Resources
Run the following commands to create Blog API Resources
Then go to app/Http/Resources/BlogResource.php
namespace AppHttpResources;
use IlluminateHttpRequest;
use IlluminateHttpResourcesJsonJsonResource;
class BlogResource extends JsonResource
{
// Transform the resource into an array.
public function toArray(Request $request): array
{
return [
‘id’ => $this->id,
‘title’ => $this->title,
‘detail’ => $this->detail,
‘created_at’ => $this->created_at->format(‘d/m/Y’),
‘updated_at’ => $this->updated_at->format(‘d/m/Y’),
];
}
}
Step 6: Create Controller Files
Run the following commands to add BaseController & RegisterController & BlogController
php artisan make:controller API/RegisterController
php artisan make:controller API/BlogController
Then go to app/Http/Controllers/API/BaseController.php and add this code
namespace AppHttpControllersAPI;
use AppHttpControllersController;
use IlluminateHttpRequest;
class BaseController extends Controller
{
// success response method
public function sendResponse($result, $message)
{
$response = [
‘success’ => true,
‘data’ => $result,
‘message’ => $message,
];
return response()->json($response, 200);
}
// return error response
public function sendError($error, $errorMessages = [], $code = 404)
{
$response = [
‘success’ => false,
‘message’ => $error,
];
if(!empty($errorMessages)){
$response[‘data’] = $errorMessages;
}
return response()->json($response, $code);
}
}
Now go to app/Http/Controllers/API/BaseController.php
namespace AppHttpControllersAPI;
use AppHttpControllersController;
use IlluminateHttpRequest;
use AppModelsUser;
use IlluminateSupportFacadesAuth;
use IlluminateHttpJsonResponse;
use IlluminateSupportFacadesValidator;
class RegisterController extends BaseController
{
// Register api
public function register(Request $request): JsonResponse
{
$validator = Validator::make($request->all(), [
‘name’ => ‘required’,
’email’ => ‘required|email’,
‘password’ => ‘required’,
‘c_password’ => ‘required|same:password’,
]);
if($validator->fails()){
return $this->sendError(‘Validation Error.’, $validator->errors());
}
$input = $request->all();
$input[‘password’] = bcrypt($input[‘password’]);
$user = User::create($input);
$success[‘token’] = $user->createToken(‘MyApp’)->plainTextToken;
$success[‘name’] = $user->name;
return $this->sendResponse($success, ‘User register successfully.’);
}
// Login api
public function login(Request $request): JsonResponse
{
if(Auth::attempt([’email’ => $request->email, ‘password’ => $request->password])){
$user = Auth::user();
$success[‘token’] = $user->createToken(‘MyApp’)->plainTextToken;
$success[‘name’] = $user->name;
return $this->sendResponse($success, ‘User login successfully.’);
}
else{
return $this->sendError(‘Unauthorised.’, [‘error’=>‘Unauthorised’]);
}
}
}
Finally, go to app/Http/Controllers/API/BlogController.php
namespace AppHttpControllersAPI;
use AppHttpControllersController;
use IlluminateHttpRequest;
use AppHttpControllersAPIBaseController;
use AppModelsBlog;
use AppHttpResourcesBlogResource;
use IlluminateHttpJsonResponse;
use IlluminateSupportFacadesValidator;
class BlogController extends BaseController
{
// Display a listing of the resource.
public function index(): JsonResponse
{
$blogs = Blog::all();
return $this->sendResponse(BlogResource::collection($blogs), ‘Blogs retrieved successfully.’);
}
// Store a newly created resource in storage.
public function store(Request $request): JsonResponse
{
$input = $request->all();
$validator = Validator::make($input, [
‘title’ => ‘required’,
‘detail’ => ‘required’
]);
if($validator->fails()){
return $this->sendError(‘Validation Error.’, $validator->errors());
}
$blog = Blog::create($input);
return $this->sendResponse(new BlogResource($blog), ‘Blog created successfully.’);
}
// Display the specified resource.
public function show($id): JsonResponse
{
$blog = Blog::find($id);
if (is_null($blog)) {
return $this->sendError(‘Blog not found.’);
}
return $this->sendResponse(new BlogResource($blog), ‘Blog retrieved successfully.’);
}
// Update the specified resource in storage.
public function update(Request $request, Blog $blog): JsonResponse
{
$input = $request->all();
$validator = Validator::make($input, [
‘title’ => ‘required’,
‘detail’ => ‘required’
]);
if($validator->fails()){
return $this->sendError(‘Validation Error.’, $validator->errors());
}
$blog->title = $input[‘title’];
$blog->detail = $input[‘detail’];
$blog->save();
return $this->sendResponse(new BlogResource($blog), ‘Blog updated successfully.’);
}
// Remove the specified resource from storage.
public function destroy(Blog $blog): JsonResponse
{
$blog->delete();
return $this->sendResponse([], ‘Blog deleted successfully.’);
}
}
Step 7: Create API Routes
In this step we will create API routes for login, register, and blogs.
Go to routes/api.php
use IlluminateHttpRequest;
use IlluminateSupportFacadesRoute;
use AppHttpControllersAPIRegisterController;
use AppHttpControllersAPIBlogController;
Route::controller(RegisterController::class)->group(function(){
Route::post(‘register’, ‘register’)->name(‘register’);
Route::post(‘login’, ‘login’)->name(‘login’);
});
Route::middleware(‘auth:sanctum’)->group( function () {
Route::apiResource(‘blogs’, BlogController::class);
Route::get(‘user’, function (Request $request) {
return $request->user();
})->name(‘user’);
});
Step 8: Run Laravel App
Run the database migrations (Set the database connection in .env before migrating)
Start the local development server
Step 9: Check following API
Now, go to your Postman to check api
Make sure in the details API, we will use the following headers as listed below
‘Accept’ => ‘application/json’,
‘Authorization’ => ‘Bearer ‘.$accessToken,
]
Now you can simply run the above listed URLs as shown in the screenshot below:
Postman
Note: You can download postman file from here
Thanks,
If you enjoy my work, consider buying me a coffee to keep the creativity flowing!