|
| 1 | +# Using Laravel Sanctum |
| 2 | + |
| 3 | +This guide will help you setup [Laravel Sanctum](https://laravel.com/docs/11.x/sanctum) authentication for your ExpressionEngine Members. For simplicity's sake this guide assumes that you have already [installed Coilpack](../getting-started.md). |
| 4 | + |
| 5 | +## Database Setup |
| 6 | + |
| 7 | +When you install Sanctum it will create additional database tables to store access tokens. So it is important to make sure the default database connection is properly configured. You can use the Laravel 11 default choice of `sqlite` or any other available connection. |
| 8 | + |
| 9 | +If you wish to use the same MySQL database that ExpressionEngine is using we recommend that you give Laravel's database tables their own prefix that will not conflict with your ExpressionEngine table prefix (usually `exp_`). The database table prefix can be set in the `config/database.php` file. |
| 10 | + |
| 11 | +## Install Laravel Sanctum |
| 12 | + |
| 13 | +Recent versions of Laravel include Sanctum however if you're running an older version you may need to follow a [different set of instructions](https://laravel.com/docs/10.x/sanctum#installation). For our example we're using Laravel 11 and we can simply run `php artisan install:api`. Once the files are published you will be asked if you want to run pending database migrations which you should respond to with `yes`. |
| 14 | + |
| 15 | +## Create a Custom Member Model |
| 16 | + |
| 17 | +In order to use Sanctum with our ExpressionEngine models we need to create a [Custom Member Model](../advanced/authentication.md#custom-member-model) and add the `HasApiTokens` trait. |
| 18 | + |
| 19 | +```php artisan make:model Member``` |
| 20 | + |
| 21 | +Replace the contents with the following code which adds the necessary `HasApiTokens` trait from Sanctum. This code also updates the definition for the `tokens` relationship to set the database connection to Laravel's default instead of the `coilpack` connection used by the Member model. |
| 22 | + |
| 23 | +```php |
| 24 | +<?php |
| 25 | + |
| 26 | +namespace App\Models; |
| 27 | + |
| 28 | +use Laravel\Sanctum\HasApiTokens; |
| 29 | +use Expressionengine\Coilpack\Models\Member\Member as BaseMember; |
| 30 | + |
| 31 | +class Member extends BaseMember |
| 32 | +{ |
| 33 | + use HasApiTokens; |
| 34 | + |
| 35 | + /** |
| 36 | + * Get the access tokens that belong to model. |
| 37 | + * |
| 38 | + * @return \Illuminate\Database\Eloquent\Relations\MorphMany |
| 39 | + */ |
| 40 | + public function tokens() |
| 41 | + { |
| 42 | + return $this->setConnection(config('database.default'))->morphMany(\Laravel\Sanctum\Sanctum::$personalAccessTokenModel, 'tokenable'); |
| 43 | + } |
| 44 | +} |
| 45 | +``` |
| 46 | + |
| 47 | +Now we can configure Coilpack to use our new Member model that integrates with Laravel Sanctum. Change the `member_model` setting in your Coilpack config file to reference the new model class. |
| 48 | + |
| 49 | +```php |
| 50 | + # config/coilpack.php |
| 51 | + return [ |
| 52 | + ... |
| 53 | + 'member_model' => \App\Models\Member::class, |
| 54 | + ... |
| 55 | + ]; |
| 56 | +``` |
| 57 | + |
| 58 | +## Configure Laravel Sanctum |
| 59 | + |
| 60 | +By default Sanctum uses the `web` guard to do all authentication. We need to change the configuration to add the `coilpack` guard as well. |
| 61 | + |
| 62 | +```php |
| 63 | +# config/sanctum.php |
| 64 | +return [ |
| 65 | + ... |
| 66 | + 'guard' => ['web', 'coilpack'], |
| 67 | + ... |
| 68 | +]; |
| 69 | +``` |
| 70 | + |
| 71 | +## Adding Routes |
| 72 | + |
| 73 | +The following routes can be added to your Laravel application in `routes/web.php`. |
| 74 | + |
| 75 | +**Login** |
| 76 | + |
| 77 | +When Sanctum encounters an unauthenticated user it will send them to a route named `login`. The following code will setup a route that redirects to the ExpressionEngine control panel (or you can link to a custom login template instead). |
| 78 | + |
| 79 | +```php |
| 80 | +Route::get('login', function () { |
| 81 | + return redirect(config('coilpack.admin_url')); |
| 82 | +})->name('login'); |
| 83 | +``` |
| 84 | + |
| 85 | +:::note |
| 86 | +The `login` route is typically provided by Laravel's authentication scaffolding so if you're using that you can skip this step. |
| 87 | +::: |
| 88 | + |
| 89 | +**Current User** |
| 90 | + |
| 91 | +Retrieve the authenticated user from Sanctum. |
| 92 | + |
| 93 | +```php |
| 94 | +Route::middleware('auth:sanctum')->get('/user', function (Illuminate\Http\Request $request) { |
| 95 | + return $request->user(); |
| 96 | +}); |
| 97 | +``` |
| 98 | + |
| 99 | +**Create Token** |
| 100 | + |
| 101 | +If you want to use Sanctum for [token based authentication](https://laravel.com/docs/11.x/sanctum#api-token-authentication) you can add this route to handle token creation. |
| 102 | + |
| 103 | +```php |
| 104 | +Route::middleware('auth:coilpack')->post('/tokens/create', function (Illuminate\Http\Request $request) { |
| 105 | + $token = $request->user('coilpack')->createToken($request->token_name); |
| 106 | + |
| 107 | + return ['token' => $token->plainTextToken]; |
| 108 | +}); |
| 109 | +``` |
| 110 | + |
| 111 | +## Laravel Sanctum Documentation |
| 112 | + |
| 113 | +For more information please reference the [Laravel Sanctum documentation](https://laravel.com/docs/11.x/sanctum). |
0 commit comments