DEV Community

How to Create a Secure CRUD RESTful API in Laravel 8 and 7 Using Laravel Passport

Kingsconsult on October 15, 2020

Good day, today we are going to be coding strictly in the backend, we are going to convert our Laravel 8 CRUD app to RESTful APIs. API is a softwar...
Collapse
 
skdevelopers profile image
Mian Salman

You have not told us how to deal with access token because when I entered data in 127.0.0.1:8000/api/register and in 127.0.0.1:8000/api/projects route it shows login route not found and after adding this header X-Requested-With I am getting unauthorized message and on register link it's showing response to unauthorized access ?
how to deal with this I have 0 rows in user db ? show I make fake data first to generate access token

Collapse
 
benjaminv profile image
benjaminv • Edited

You should have modified the api routes not the web routes. I made such mistake at the beginning that resulted none of the url existed.
When I carefully corrected two typos in my scripts following the tutorial it worked.

Collapse
 
unreality23 profile image
Vaidotas

I agree, its confusing to say the least for beginner how to use postman in particular.

Collapse
 
nahid570 profile image
Nahid Faraji

I am having the same problem none of this url can be found.
surely, I am modified routes on api.php .

Collapse
 
skdevelopers profile image
Mian Salman

Now I figured out your first post is creating mess because you do not use token in this route 127.0.0.1:8000/api/projects this is wrong implementation as it is not using using token we make with passport auth.

Collapse
 
benjaminv profile image
benjaminv

Hi Mian, could you please give more details of this? It worked okay as I tried.

Collapse
 
vincenttetteh profile image
Vincent Tetteh • Edited

Target class [App\Http\Controllers\App\Http\Controllers\API\ProjectController] does not exist
please help me

Collapse
 
akomykel profile image
Michael Angelo Mahinay • Edited

Hi @vincenttetteh ! In case you're still having this issue, you may refer to this link:
stackoverflow.com/questions/638079...

We have the same problem and this solved mine

Collapse
 
unreality23 profile image
Vaidotas

In header please add Key: Accept Value: application/json

Collapse
 
skdevelopers profile image
Mian Salman

If composer dumpautoload is not helping then check if you have proper namespace declaration in ProjectController.php and double check for typos in class name/route declaration.

Collapse
 
ginsengsage profile image
GinsengSage

Hello, do you decide this problem?

Collapse
 
badadarr profile image
Badar Maulana

testingProjectLaravel % php artisan migrate

Illuminate\Database\QueryException

SQLSTATE[HY000] [1049] Unknown database 'testingprojectlaravel' (SQL: select * from information_schema.tables where table_schema = testingProjectLaravel and table_name = migrations and table_type = 'BASE TABLE')

at vendor/laravel/framework/src/Illuminate/Database/Connection.php:678
674▕ // If an exception occurs when attempting to run a query, we'll format the error
675▕ // message to include the bindings with SQL, which will make this exception a
676▕ // lot more helpful to the developer instead of just the database's errors.
677▕ catch (Exception $e) {
➜ 678▕ throw new QueryException(
679▕ $query, $this->prepareBindings($bindings), $e
680▕ );
681▕ }
682▕

  +33 vendor frames 
Enter fullscreen mode Exit fullscreen mode

34 artisan:37
Illuminate\Foundation\Console\Kernel::handle(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))

Collapse
 
skdevelopers profile image
Mian Salman

Your database is not set property or you have not any database with this name testing.......

Collapse
 
cocl_bz profile image
COCL オスマン

How to logout?

Collapse
 
cocl_bz profile image
COCL オスマン

I got it

public function logout (Request $request) {
$accessToken = auth()->user()->token();
$token= $request->user()->tokens->find($accessToken);
$token->revoke();

    return response(['message' => 'You have been successfully logged out.'], 200);
}
Enter fullscreen mode Exit fullscreen mode
Collapse
 
benjaminv profile image
benjaminv
public function logout (Request $request) {
        $accessToken = auth()->user()->token();
        $token = $request->user()->tokens->find($accessToken);
        $token->revoke();

        return response([
            'message' => 'You have been successfully logged out.',
        ], 200);
    }
Enter fullscreen mode Exit fullscreen mode

This makes sense I however got this error, do not know why,
Call to a member function token() on null

Thread Thread
 
benjaminv profile image
benjaminv

I figured out what happened. Before you can log a user out via API, you will need to pass authentication first and then log your login off. Therefore the route logout has to be underneath the middleware auth. For convenience I grouped it with the /user route that is used in this tutorial.

Route::middleware('auth:api')->group(function (){
    Route::get('/user', function (Request $request) {
        return $request->user();
    });
    Route::post('logout', [
        AuthController::class, 'logout'
    ]);
});
Enter fullscreen mode Exit fullscreen mode
Thread Thread
 
abhaydix07 profile image
Abhaydix07

Thankyou Sir

Collapse
 
cocl_bz profile image
COCL オスマン

request project id=1 GET api.test/api/projects/1
But, how to request by project name? can you give me a sample?
Thank you.

Collapse
 
dixonnixon profile image
andrey • Edited

after I`ve done all by hands I got an error. Please help)

Symfony\Component\Routing\Exception\RouteNotFoundException
Route [login] not defined.
192.168.20.105:8085/api/projects

Collapse
 
nahid570 profile image
Nahid Faraji

same here. Did you figure it out?

Collapse
 
simonhumanpixel profile image
simon-humanpixel

this works for me - its important to register a user first and get their token back and use it in future requests.

Collapse
 
naungyehtet profile image
Naung Ye Htet

can it be a security issue that exposing the id in resource?