Laravel API Authentication with Fortify and Sanctum - All you need to know | Laravel API Server

preview_player
Показать описание

This is a compilation of the series Laravel API Server Ep35-42.

------------

Source code for this lesson:



** Affiliated links
Earn passive income from crypto while you sleep! Get started on Nexo today! Up to 12% annual interest. Get $10 USD reward if you use my referral link below.

Use the legendary Git GUI for FREE! You are seriously missing out if you are not using it.

Beautiful designs created instantly to wow your social networks!

A simple and scalable cloud hosting platform for all developer needs.

Get started on Crypto today. Gets 10% off of all crypto trading fee if you use my referral link below.


Outro Music:

Timestamps:
00:00 L1: Fortify and Authentication: Introduction
07:38 L2: Registration and Password Reset
20:06 L3: Email Verification and Updating User Profile
28:06 L4: 2 Factor Authentication
39:47 L5: Customising Mail Verification
47:54 L6: Customising Authentication
55:28 L7: Laravel Sanctum
01:11:23 L8: Testing Authentication
  1. Acadea.io
  2. laravel
  3. laravel fortify
  4. best practices
  5. fortify
  6. sanctum
Рекомендации по теме
Build Your Own 0:20:14

Build Your Own Custom Auth System with Fortify

Laravel API Authentication 1:16:53

Laravel API Authentication with Fortify and Sanctum - All you need to know | Laravel API Server

Laravel 12 Fortify 0:02:47

Laravel 12 Fortify Authentication | Backend-Only Auth for API & SPA Projects

Ep38 - Laravel 0:12:06

Ep38 - Laravel Fortify: 2 Factor Authentication | Laravel API Server

Ep40 - Laravel 0:08:01

Ep40 - Laravel Fortify Customising Authentication | Laravel API Server

Laravel 9 User 0:08:29

Laravel 9 User Authentication with Fortify

Getting started with 0:19:35

Getting started with Laravel Fortify and Sanctum

Updates to the 0:04:13

Updates to the Laravel Fortify SPA Authentication, Improvements & Routes File Cleanup

Ep36 - Laravel 0:12:53

Ep36 - Laravel Fortify: Auth, Registration and Password Reset

#4: Two Factor 0:17:56

#4: Two Factor Authentication (2FA) - Laravel Fortify Tutorial

How to add 0:28:33

How to add Two-Factor Authentication to Laravel Fortify SPA - Laravel 2FA

How to authenticate 0:11:57

How to authenticate Mobile App using Laravel Sanctum & Laravel Fortify

Ep35 - Authentication 0:08:02

Ep35 - Authentication with Laravel Fortify: An Overview

Auth in Laravel 0:14:05

Auth in Laravel 8: Fortify and Laravel UI (without Jetstream)

Laravel 11 Authentication 0:27:46

Laravel 11 Authentication Simplified with Fortify & Breeze - Part 1 | User Registration

Laravel Fortify SPA 0:09:15

Laravel Fortify SPA Authentication with Laravel Sanctum without Jetstream

#41 Laravel 8 0:24:53

#41 Laravel 8 PHP Framework Basics | User Auth via Fortify | Quick programming tutorial

#3: Email Verification 0:08:21

#3: Email Verification using Laravel Fortify

Laravel 8 with 0:16:57

Laravel 8 with Bootstrap and Authentication with Laravel Fortify

Understanding Why Laravel 0:01:41

Understanding Why Laravel Fortify Sends a Redirect on an API Request and How to Fix It

Laravel Two Factor 0:18:25

Laravel Two Factor Authentication

#1: Laravel Fortify 0:18:49

#1: Laravel Fortify Tutorial: Implement Authentication Scaffolding

Laravel SPA Authentication 0:16:55

Laravel SPA Authentication - setup and common mistakes

Laravel Fortify: Four 0:06:53

Laravel Fortify: Four Auth Things to Customize

Комментарии
Автор

It's realy helpful for me to understand how to use fortify, thanks!

tradinglabnet
Автор

This video is a salvation to my whole authentication struggle.

tommyck
Автор

Are you kidding me? How does the internet even work with something like that URI decode so obscurely hidden away on this corner of youtube? If I get this thing working I'm gonna hammer away at the laravel maintainers' patience until they let me add all this to the docs! Thank you very much for taking the time to do this!

franciscomagalhaes
Автор

must watch video for the developer who want to make separate front-end & back-end. usually i don't comment on youtube video but your video make me to comment & appreaciate your hard-word & effort you put in making this video. Thanks.

farsidd
Автор

Thank you, kind sir. You've helped me graduate college.

adrianmin
Автор

One of the greatest tutorials I've ever watched! THANK YOU VERY MUCH!

useruser
Автор

This video lesson was extremely useful and the content is really easy to understand, I will refer it to my colleagues. From one professional to another, my most sincere thanks. 🤝

arthurservulo
Автор

Crystal clear explanation. Thanks for the effort.

kpdude
Автор

THANK YOU FOR THIS! I created a clean Laravel 9 project to go through your tutorial. I have spent the last 8 or so hours on just your first 30 minutes! :') I am thoroughly documenting and testing along the way, and everything makes so much more sense now. Seriously—THANK YOU! I have been struggling with this part of my project.

jkevinparker
Автор

Perfect class. You can use axios which automatically includes the X-XSRF-COOKIE in the header of all the following requests.

Thank you very much, congratulations.

lucasatolini
Автор

Thank you! It's a very nice guide, I watched it with pleasure!

evmemc
Автор

Excellent video. Since you asked: the "voodoo magic cookie" you mention around 1:03:37 is the cookie that contains your actual session state data because you used the "cookie" SESSION_DRIVER option. If you were to decrypt the value of this cookie, you'd see the data that would normally be stored in a session file, cache system, etc (data like "_token", "_flash", "_previous", etc). In other words, the "livepost_session" cookie value (once decrypted) provides Laravel with your session token. Laravel then looks for a cookie on the request with that name (again, only because you are using the "cookie" session driver), and decrypts the value to get the actual session data. When using an alternate session driver, Laravel uses the same process (decrypting your session cookie to determine the "token"), but will then lookup the actual session data using whichever driver you've selected (cache, file, database, etc). Hope this helps!

steven_fox
Автор

I can not thank you enough for your precious videos. I feel like there is a little mess in authentication in Laravel, and I wish you clear some doubts. as I understand, when a protected http request arrives to API it first goes through sanctum library to make sure that request was issued by an authenticated user. and lets assume that http request contains bearer token. Then, sanctum relates this token to the user by inspecting the tokens table in database. The request will be considered authenticated if the token in the request is a valid token for some user. I want to ask here, is my perspective right? And if it is right, how does sanctum relate to Laravel guards? and can I make any other object authenticatable by sanctum, like for example other kinds of users, and should I make a costume guard with a provider related to this other user? how can I relate those other users to tokens table and tell sanctum that the tokens in the http request maybe for other entities?

JJ--sd-mr
Автор

Can you make a video about Laravel Scout and Elasticsearch? I want to see what is the right way to add data’s with relations into elasticsearch and search in elastic.

Thank you for a great videos. I subscribed to your channel and turned on notifications 👍

sarkhanrasimoghlu
Автор

after I set up sanctum, I cant hit the endpoints with postman anymore?

VitinMusic
Автор

I just don't get it... Trying to make requests through Postman and was able to make it work and pre-fetch CSRF token before each request to the local app so it circumvents the CSRF error and I can login by either going to /api/sanctum/token or to a "normal" website login at "/login" URI... However!
- When I login through /login I get "unauthenticated" response back after making another GET request through postman to "api/user", which judging by what I saw in your video shouldn't be the case (it should threat this login the same way as it does the "api/sanctum/token" login) ?

The only way I can get the "api/user" to not give me "Unauthenticated" error is if I add the bearer token authorization with the request and enter the token I got back when calling "/api/sanctum/token" URI.

Or am I missing something here and "api/" route authentication was never supposed to be "compatible" with the Fortify "/login" route authentication and the "cookie based authentication for Sanctum" that you mention in the video is basically just having to send CSRF token along with the bearer token in the headers of any API request made to "api/" routes in the app for extra protection?

Novica
Автор

Could you please update same with laravel 11.x due to many changes?

adnanzaheer
Автор

I got unidefined status when I requested register route

andresrico
Автор

if i registered the user using Fortify register route then fortify will automatically login the user too at back-end & when i try to login user from nuxt front-end then laravel redirect to his back-end home page because at back-end side user already logged in which throw an error at front-end side & due to failed request loggedIn state of nuxt/auth package does'nt change to true. I hope you understand the condition. Any solution for this? what should i do?
in-short i am trying to say that i can only make the request successful to login or register route for the first time or whenever I click on logout or throw request to logout at server then these login register routes work perfectly for the first time again.

farsidd
Автор

why i still get html return even i set false to view in fortify

albertdaracan
welcome to shbcf.ru