About Laravel 5.4 Dingo Passport Boilerplate

This repository serves as a base for implementing RESTful APIs with Laravel, Laravel Passport and Dingo. The latest release of Dingo, nameley v1.0.0-beta8 supports Laravel 5.4.

Laravel Passport - Notes

• In order to see which migration files Passport is actually using, Passport::ignoreMigrations() has been put into the registermethod of AppServiceProvider. Running php artisan vendor:publish --tag=passport-migrations puts the default Passport migrations into database/migrations folder.

• creae_oauth_auth_codes_table.php

  • Structure:

     Schema::create('oauth_auth_codes', function (Blueprint $table) {
         $table->string('id', 100)->primary();
         $table->integer('user_id');
         $table->integer('client_id');
         $table->text('scopes')->nullable();
         $table->boolean('revoked');
         $table->dateTime('expires_at')->nullable();
     });
    

  • Associated Model: Laravel\Passport\AuthCode
    • Methods:

       /**
        * Get the client that owns the authentication code.
        *
        * @return \Illuminate\Database\Eloquent\Relations\HasMany
        */
       public function client();
      

• create_oauth_access_tokens_table.php

  • Structure:

     Schema::create('oauth_access_tokens', function (Blueprint $table) {
         $table->string('id', 100)->primary();
         $table->integer('user_id')->index()->nullable();
         $table->integer('client_id');
         $table->string('name')->nullable();
         $table->text('scopes')->nullable();
         $table->boolean('revoked');
         $table->timestamps();
         $table->dateTime('expires_at')->nullable();
     });
    

  • Associated Model: Laravel\Passport\Token
    • Methods:

      /**
       * Get the client that the token belongs to.
       *
       * @return \Illuminate\Database\Eloquent\Relations\BelongsTo
       */
      public function client();
      
      /**
       * Get the user that the token belongs to.
       *
       * @return \Illuminate\Database\Eloquent\Relations\BelongsTo
       */
      public function user();
      
      /**
       * Determine if the token has a given scope.
       *
       * @param  string  $scope
       * @return bool
       */
      public function can($scope);
      
      /**
       * Determine if the token is missing a given scope.
       *
       * @param  string  $scope
       * @return bool
       */
      public function cant($scope);
      
      /**
       * Revoke the token instance.
       *
       * @return void
       */
      public function revoke();
      
      /**
       * Determine if the token is a transient JWT token.
       *
       * @return bool
       */
      public function transient();
      

• create_oauth_refresh_tokens_table.php

  • Structure:

     Schema::create('oauth_refresh_tokens', function (Blueprint $table) {
         $table->string('id', 100)->primary();
         $table->string('access_token_id', 100)->index();
         $table->boolean('revoked');
         $table->dateTime('expires_at')->nullable();
     });
    

  • Associated Model: Has no real associated Eloquent Model but is used by Laravel\Passport\Bridge\RefreshTokenRepository
    • Methods:

      /**
       * {@inheritdoc}
       */
      public function getNewRefreshToken();
      
      /**
       * {@inheritdoc}
       */
      public function persistNewRefreshToken(RefreshTokenEntityInterface $refreshTokenEntity);
      
      /**
       * {@inheritdoc}
       */
      public function revokeRefreshToken($tokenId);
      
      /**
       * {@inheritdoc}
       */
      public function isRefreshTokenRevoked($tokenId);
      

• create_oauth_clients_table.php

  • Structure:

     Schema::create('oauth_clients', function (Blueprint $table) {
         $table->increments('id');
         $table->integer('user_id')->index()->nullable();
         $table->string('name');
         $table->string('secret', 100);
         $table->text('redirect');
         $table->boolean('personal_access_client');
         $table->boolean('password_client');
         $table->boolean('revoked');
         $table->timestamps();
     });
    

  • Associated Model: Laravel\Passport\Client
    • Methods:

      /**
       * Get all of the authentication codes for the client.
       *
       * @return \Illuminate\Database\Eloquent\Relations\HasMany
       */
      public function authCodes();
      
      /**
       * Get all of the tokens that belong to the client.
       *
       * @return \Illuminate\Database\Eloquent\Relations\HasMany
       */
      public function tokens();
      
      /**
       * Determine if the client is a "first party" client.
       *
       * @return bool
       */
      public function firstParty();
      

• create_oauth_personal_access_clients_table.php

  • Structure:

     Schema::create('oauth_personal_access_clients', function (Blueprint $table) {
         $table->increments('id');
         $table->integer('client_id')->index();
         $table->timestamps();
     });
    

  • Associated Model: Laravel\Passport\PersonalAccessClient
    • Methods:

      /**
       * Get all of the authentication codes for the client.
       *
       * @return \Illuminate\Database\Eloquent\Relations\BelongsTo
       */
      public function client();
      

What has been done so far?

• Install the latest Dingo version (v1.0.0-beta8) which is compatible with Laravel 5.4
• Put Dingo\Api\Provider\LaravelServiceProvider::class into the providers array of config/app.php
• Run php artisan vendor:publish --provider="Dingo\Api\Provider\LaravelServiceProvider"
• Make Dingo Facades available: 'DingoApi' => Dingo\Api\Facade\API::class, 'DingoRoute' => Dingo\Api\Facade\Route::class
• Update .env.example and insert minimum amount of API_* constants to make Dingo work
• Install CORS Middleware
• Make CORS available to all routes. You can change that behaviour by updating app/Http/Kernel.php and put \Barryvdh\Cors\HandleCors::class into your middlewareGroups instead of middleware
• Make CORS configuration available as config/cors.php
• Moved the User-model into namespace App\Models and adjusted all config files so everything works as before.
• Install Passport via ``composer require laravel/passport```
• Register PassportServiceProvider by adding Laravel\Passport\PassportServiceProvider::class to the providers`` array of config/app.php```
• In order to see which migration files Passport is actually using, Passport::ignoreMigrations() has been put into the registermethod of AppServiceProvider. Running php artisan vendor:publish --tag=passport-migrations puts the default Passport migrations into database/migrations folder.
• Run php artisan passport:install This command will create the encryption keys needed to generate secure access tokens. In addition, the command will create "personal access" and "password grant" clients which will be used to generate access tokens.
• Added Laravel\Passport\HasApiTokens to App\Models\User
• In order to get some default routes by Passport, Pasport::routes method has been put into the boot method of AuthServiceProvider. You can delete this method and create your own routes if you wish to do so.
• In the config/auth.php configuration file, the driver option of the api authentication guard to has been set to passport. This will instruct your application to use Passport's TokenGuard when authenticating incomng API requests.
• Added custom DingoPassportServiceProvider

How do I use it?

• Clone the repo
• Copy .env.example to .env and alter it to your preferences
• Run composer install