How to QuickStart Secured Rest API Project With Laravel 9 ?

php artisan make:model Post -m

<?phpuse Illuminate\Database\Migrations\Migration;use Illuminate\Database\Schema\Blueprint;use Illuminate\Support\Facades\Schema;return new class extends Migration{    /**     * Run the migrations.     *     * @return void     */    public function up()    {        Schema::create('posts', function (Blueprint $table) {            $table->id();            $table->string('title');            $table->longText('description');            $table->timestamps();        });    }    /**     * Reverse the migrations.     *     * @return void     */    public function down()    {        Schema::dropIfExists('posts');    }};

<?phpnamespace App\Models;use Illuminate\Database\Eloquent\Factories\HasFactory;use Illuminate\Database\Eloquent\Model;class Post extends Model{    use HasFactory;    protected $fillable = ['title', 'description'];}

php artisan make:controller Api\\PostController --model=Post

<?phpnamespace App\Http\Controllers\Api;use App\Http\Controllers\Controller;use App\Http\Requests\StorePostRequest;use App\Models\Post;use Illuminate\Http\Request;class PostController extends Controller{    /**     * Display a listing of the resource.     *     * @return \Illuminate\Http\Response     */    public function index()    {        $posts = Post::all();        return response()->json([            'status' => true,            'posts' => $posts        ]);    }    /**     * Show the form for creating a new resource.     *     * @return \Illuminate\Http\Response     */    public function create()    {        //    }    /**     * Store a newly created resource in storage.     *     * @param  \Illuminate\Http\Request  $request     * @return \Illuminate\Http\Response     */    public function store(StorePostRequest $request)    {        $post = Post::create($request->all());        return response()->json([            'status' => true,            'message' => "Post Created successfully!",            'post' => $post        ], 200);    }    /**     * Display the specified resource.     *     * @param  \App\Models\Post  $post     * @return \Illuminate\Http\Response     */    public function show(Post $post)    {        //    }    /**     * Show the form for editing the specified resource.     *     * @param  \App\Models\Post  $post     * @return \Illuminate\Http\Response     */    public function edit(Post $post)    {        //    }    /**     * Update the specified resource in storage.     *     * @param  \Illuminate\Http\Request  $request     * @param  \App\Models\Post  $post     * @return \Illuminate\Http\Response     */    public function update(StorePostRequest $request, Post $post)    {        $post->update($request->all());        return response()->json([            'status' => true,            'message' => "Post Updated successfully!",            'post' => $post        ], 200);    }    /**     * Remove the specified resource from storage.     *     * @param  \App\Models\Post  $post     * @return \Illuminate\Http\Response     */    public function destroy(Post $post)    {        $post->delete();        return response()->json([            'status' => true,            'message' => "Post Deleted successfully!",        ], 200);    }}

php artisan make:request StorePostRequest

<?phpnamespace App\Http\Requests;use Illuminate\Foundation\Http\FormRequest;class StorePostRequest extends FormRequest{    /**     * Determine if the user is authorized to make this request.     *     * @return bool     */    public function authorize()    {        return true;    }    /**     * Get the validation rules that apply to the request.     *     * @return array     */    public function rules()    {        return [            "title" => "required|max:70",            "description" => "required"        ];    }}

<?phpuse App\Http\Controllers\Api\PostController;use Illuminate\Http\Request;use Illuminate\Support\Facades\Route;Route::apiResource('posts', PostController::class);

composer require laravel/sanctum

php artisan vendor:publish --provider="Laravel\Sanctum\SanctumServiceProvider"

php artisan migrate

<?phpnamespace App\Models;use Illuminate\Contracts\Auth\MustVerifyEmail;use Illuminate\Database\Eloquent\Factories\HasFactory;use Illuminate\Foundation\Auth\User as Authenticatable;use Illuminate\Notifications\Notifiable;use Laravel\Sanctum\HasApiTokens;class User extends Authenticatable{    use HasApiTokens, HasFactory, Notifiable;    /**     * The attributes that are mass assignable.     *     * @var array<int, string>     */    protected $fillable = [        'name',        'email',        'password',    ];    /**     * The attributes that should be hidden for serialization.     *     * @var array<int, string>     */    protected $hidden = [        'password',        'remember_token',    ];    /**     * The attributes that should be cast.     *     * @var array<string, string>     */    protected $casts = [        'email_verified_at' => 'datetime',    ];}

php artisan make:controller Api\\AuthController

Route::post('/auth/register', [AuthController::class, 'createUser']);Route::post('/auth/login', [AuthController::class, 'loginUser']);

<?phpnamespace App\Http\Controllers\Api;use App\Models\User;use Illuminate\Http\Request;use App\Http\Controllers\Controller;use Illuminate\Support\Facades\Auth;use Illuminate\Support\Facades\Hash;use Illuminate\Support\Facades\Validator;class AuthController extends Controller{    /**     * Create User     * @param Request $request     * @return User      */    public function createUser(Request $request)    {        try {            //Validated            $validateUser = Validator::make($request->all(),             [                'name' => 'required',                'email' => 'required|email|unique:users,email',                'password' => 'required'            ]);            if($validateUser->fails()){                return response()->json([                    'status' => false,                    'message' => 'validation error',                    'errors' => $validateUser->errors()                ], 401);            }            $user = User::create([                'name' => $request->name,                'email' => $request->email,                'password' => Hash::make($request->password)            ]);            return response()->json([                'status' => true,                'message' => 'User Created Successfully',                'token' => $user->createToken("API TOKEN")->plainTextToken            ], 200);        } catch (\Throwable $th) {            return response()->json([                'status' => false,                'message' => $th->getMessage()            ], 500);        }    }    /**     * Login The User     * @param Request $request     * @return User     */    public function loginUser(Request $request)    {        try {            $validateUser = Validator::make($request->all(),             [                'email' => 'required|email',                'password' => 'required'            ]);            if($validateUser->fails()){                return response()->json([                    'status' => false,                    'message' => 'validation error',                    'errors' => $validateUser->errors()                ], 401);            }            if(!Auth::attempt($request->only(['email', 'password']))){                return response()->json([                    'status' => false,                    'message' => 'Email & Password does not match with our record.',                ], 401);            }            $user = User::where('email', $request->email)->first();            return response()->json([                'status' => true,                'message' => 'User Logged In Successfully',                'token' => $user->createToken("API TOKEN")->plainTextToken            ], 200);        } catch (\Throwable $th) {            return response()->json([                'status' => false,                'message' => $th->getMessage()            ], 500);        }    }}

Route::apiResource('posts', PostController::class)->middleware('auth:sanctum');