Laravel API Boilerplate (OAuth2 Edition)
, (*1)
Laravel API Boilerplate is a ready-to-use "starting pack" that you can use to build your first API in seconds. As you can easily imagine, it is built on top of the awesome Laravel Framework., (*2)
It also benefits from three pacakages:, (*3)
With a similar foundation is really easy to get up and running in no time. I just made an "integration" work, adding here and there something that I found useful., (*4)
Installation
- composer create-project muhammadshakeel/laravel-api-boilerplate-oauth your-project
- cd your-project
- php -r "copy('.env.example', '.env');"
- php artisan key:generate
- chmod -R 777 storage/ bootstrap/cache/
- php artisan vendor:publish
- php artisan migrate
- php artisan db:seed --class=ClientTableSeeder
Done!, (*5)
Main Features
A Ready-To-Use AuthController
I've put an "AuthController" in App\Api\V1\Controllers. It supports the four basic authentication/password recovery operations:, (*6)
-
login();
-
signup();
-
recovery();
-
reset();
In order to work with them, you just have to make a POST request with the required data., (*7)
You will need:, (*8)
-
login: just email and password;
-
signup: whatever you like: you can specify it in the config file;
-
recovery: just the user email address;
-
reset: token, email, password and password confirmation;
A Separate File for Routes
You can specify your routes in the *api_routes.php_ file, that will be automatically loaded. In this file you will find many examples of routes., (*9)
Configuration
As I already told before, this boilerplate is based on dingo/api and lucadegasperi/oauth2-server-laravel packages. So, you can find many informations about configuration here and here., (*10)
However, there are some extra options that I placed in a config/boilerplate.php file., (*11)
-
signup_fields: you can use this option to specify what fields you want to use to create your user;
-
signup_fields_rules: you can use this option to specify the rules you want to use for the validator instance in the signup method;
-
signup_token_release: if "true", an access token will be released from the signup endpoint if everything goes well. Otherwise, you will just get a 201 Created response;
-
reset_token_release: if "true", an access token will be released from the signup endpoint if everything goes well. Otherwise, you will just get a 200 response;
-
recovery_email_subject: here you can specify the subject for your recovery data email;
Creating Endpoints
You can create endpoints in the same way you could to with using the single dingo/api package. You can read its documentation for details., (*12)
After all, that's just a boilerplate! :), (*13)
Notes
I currently removed the VerifyCsrfToken middleware from the $middleware array in app/Http/Kernel.php file. If you want to use it in your project, just use the route middleware csrf you can find, in the same class, in the $routeMiddleware array., (*14)
Feedback
I currently made this project for personal purposes. I decided to share it here to help anyone with the same needs. If you have any feedback to improve it, feel free to make a suggestion, or open a PR!, (*15)
Wallogit.com
