git clone https://github.com/ashraf-kabir/passport_test
cd passport_test
composer require laravel/passport
php artisan migrate
php artisan passport:install
php artisan serve
users: name, email, password ... timestamps
admins: name, email, password ... timestamps
blogs: title, description, category_id, tag_id, user_id, status, ... timestamps
categories: name, status, ... timestamps
tags: name, status, ... timestamps
Passport multi-auth is used with guard and scope middlewares.
Two separate API route groups are created for the 2 user roles.
An admin cannot access the user API routes, and a user cannot access the admin API routes.
Admin can register, log in & log out. Admin can add categories and tags. Admin can view the lists of all blogs, categories, tags & users. Admin can delete categories & tags.
User can register, log in & log out. User can add blogs. User can view the list of all blogs. User can delete only the blogs they added. User can search blogs by blog title, category name or tag name. User can view their profile details.
On logout the token is revoked.
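A sketch of how the guard-plus-scope separation and the logout revocation described above can be wired with Laravel Passport. This is an added example, not this repository's code. The guard names user-api and admin-api, the scope names user and admin, the App\Models\Admin model and the closures are assumptions.

```php
<?php
// routes/api.php sketch. Added example: guard names, scope names and the
// closures are assumptions, not the repository's code.
// Assumed elsewhere: config/auth.php defines guards 'user-api' (provider
// 'users') and 'admin-api' (provider 'admins') with 'driver' => 'passport';
// Passport::tokensCan() registers the 'user' and 'admin' scopes; the 'scopes'
// middleware alias maps to Passport's scope-checking middleware; both models
// use the HasApiTokens trait.

use App\Models\Admin;
use App\Models\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Route;

// Issue a token carrying only the scope of the role that logged in.
$login = function (string $model, string $scope) {
    return function (Request $request) use ($model, $scope) {
        $data = $request->validate([
            'email' => 'required|email',
            'password' => 'required|string',
        ]);
        $account = $model::where('email', $data['email'])->first();
        if (! $account || ! Hash::check($data['password'], $account->password)) {
            return response()->json(['message' => 'Invalid credentials'], 401);
        }
        return ['token' => $account->createToken($scope.'-token', [$scope])->accessToken];
    };
};

// Revoke the presented access token so it is rejected on later requests.
$logout = function (Request $request) {
    $request->user()->token()->revoke();
    return ['message' => 'Logged out'];
};

Route::post('user/login', $login(User::class, 'user'));
Route::post('admin/login', $login(Admin::class, 'admin'));

// Each group requires its own guard AND its own scope, so a token minted
// for one role fails on the other role's routes.
Route::prefix('user')->middleware(['auth:user-api', 'scopes:user'])->group(function () use ($logout) {
    Route::post('logout', $logout);
    Route::get('profile', fn (Request $request) => $request->user());
});
Route::prefix('admin')->middleware(['auth:admin-api', 'scopes:admin'])->group(function () use ($logout) {
    Route::post('logout', $logout);
    Route::get('dashboard', fn () => User::all(['id', 'name', 'email']));
});
```

To check the separation, send a user token to an admin route and reuse a token after logout; both requests should be rejected.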
-
user->register
method: POST
http://localhost:8000/api/user/register
params:
name
email
password
password_confirmation
-
user->login
method: POST
http://localhost:8000/api/user/login
params:
email
password
copy the returned token and send it as the Bearer token where required
-
user->logout
method: POST
http://localhost:8000/api/user/logout
on headers pass Bearer token
-
user->blogs->list
method: GET
http://localhost:8000/api/user/blogs
pass Bearer token
-
user->blogs->add
method: POST
http://localhost:8000/api/user/blogs/add
params:
title
description
status
category_id
tag_id
(title & description are string & text respectively. status, category_id and tag_id are all integers. status can be 1 or 0, meaning active or inactive. All params are mandatory here)
note: pass only the Bearer token in the headers. (user_id is captured automatically from the authenticated user on submit)
-
user->blogs->delete
method: GET
http://localhost:8000/api/user/blogs/delete/{id}
on headers pass the Bearer token only
-
user->blogs->search
method: GET
http://localhost:8000/api/user/blogs/search
params:
search_term
note: search by blog title, category name & tag name
on headers pass the Bearer token only
-
user->profile details view
method: GET
http://localhost:8000/api/user/profile
on headers pass the Bearer token only
-
admin->register
method: POST
http://localhost:8000/api/admin/register
params:
name
email
password
password_confirmation
-
admin->login
method: POST
http://localhost:8000/api/admin/login
params:
email
password
copy the returned token and send it as the Bearer token where required
-
admin->logout
method: POST
http://localhost:8000/api/admin/logout
on header pass Bearer token
-
admin->blogs->list
method: GET
http://localhost:8000/api/admin/blogs
on header pass Bearer token
-
admin->categories->list
method: GET
http://localhost:8000/api/admin/categories
on header pass Bearer token
-
admin->categories->add
method: POST
http://localhost:8000/api/admin/categories/add
params:
name
status
name->string, status->integer(1, 0)->(active, inactive)
note: both params are mandatory & on header pass Bearer token
-
admin->categories->delete
method: GET
http://localhost:8000/api/admin/categories/delete/{id}
pass the id in the URL
on header pass Bearer token
-
admin->tags->list
method: GET
http://localhost:8000/api/admin/tags
on header pass Bearer token
-
admin->tags->add
method: POST
http://localhost:8000/api/admin/tags/add
params:
name
status
name->string, status->integer(1, 0)->(active, inactive)
note: both params are mandatory & on header pass Bearer token
-
admin->tags->delete
method: GET
http://localhost:8000/api/admin/tags/delete/{id}
pass the id in the URL
on header pass Bearer token
-
admin->dashboard (to view customers list)
method: GET
http://localhost:8000/api/admin/dashboard
on header pass Bearer token
note: it will return the users list from users table