Authentication setup

Laravel Restify has support for authentication with Laravel Sanctum.

You'll finally enjoy the auth setup (register, login, forgot and reset password).

Prerequisites

Migrate the users, password_resets table (they already exists into a fresh Laravel app).

Install sanctum

See the docs here. You don't need to add \Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class, in your 'api' middleware group.

So you only have to run these 3 commands:

composer require laravel/sanctum
php artisan vendor:publish --provider="Laravel\Sanctum\SanctumServiceProvider"
php artisan migrate

Define auth model

Define your authenticatable class in the config file:

// config/restify.php

'auth' => [
    ...
   'user_model' => \App\Models\User::class,
]

The User model should extend the Illuminate\Foundation\Auth\User class or implement the Illuminate\Contracts\Auth\Authenticatable interface.

// User.php

use Illuminate\Foundation\Auth\User as Authenticatable;
use Laravel\Sanctum\HasApiTokens;

class User extends Authenticatable
{
    use HasApiTokens;

Define routes

Restify provides you a simple way to add all of your auth routes ready. Simply add in your routes/api.php:

Route::restifyAuth();

And voila, now you have auth routes ready to be used.

These are default routes provided by restify:

Export auth controllers

All of these routes are handle by default, so you can just use them. However, you can customize each of them by exporting auth controllers:

php artisan restify:auth

So you have all auth controllers, blade email files exported into your project.

Sanctum Middleware

Next, add the auth:sanctum middleware after the api middleware in your config file to protect all restify routes:

/config/restify.php
    'middleware' => [
        'api',
        'auth:sanctum',
        ...
    ],