Set Up Basic Authentication

bos21001 / fin-track

A personal financial management web application that allows users to create multiple financial plans for organizing accounts, tracking monthly expenses and income, and visualizing financial data. Built in Laravel with a RESTful API for future integrations.

MIT License

0 stars 0 forks source link

Objective: Configure basic authentication for secure access to the application. This can be implemented using Laravel Breeze for a straightforward login system or Laravel Sanctum if API token-based authentication is needed.
Tasks:
1. Install Laravel Breeze or Sanctum:
  - Use Laravel Breeze for simple session-based authentication, or Laravel Sanctum for API token-based authentication if needed for future API integrations.
2. Configure Authentication Routes:
  - Set up default authentication routes, such as login, logout, password reset, and registration if required.
3. Test Authentication Flow:
  - Verify that authentication is functioning as expected, allowing users to log in and out securely.
Outcome: A basic authentication setup that enables users to log in and access the application securely, forming the foundation for user-specific financial data management.

The application now integrates Laravel Passport for authentication, providing secure API access with OAuth2. For further details on implementation, see the Apiato documentation.

API Endpoints:

Login (Password Grant with Proxy)

Use this endpoint to authenticate users and retrieve an access token.

curl --location 'http://api.fin-track.local/v1/clients/web/login' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data-raw '{
"email": "admin@admin.com",
"password": "admin"
}'

Token Refresh

This endpoint refreshes an expired access token using a valid refresh token.

curl --location 'http://api.fin-track.local/v1/clients/web/refresh' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data '{
"refresh_token": "<your_refresh_token_here>"
}'

Logout

Securely log out the user by invalidating the current access token.

curl --location --request POST 'http://api.fin-track.local/v1/logout' \
--header 'Authorization: Bearer <your_access_token_here>' \
--header 'Accept: application/json'

These endpoints establish a secure login, token refresh, and logout process, ensuring robust authentication for our application. Let us know if further clarification is needed.

bos21001 / fin-track

Set Up Basic Authentication #7

API Endpoints: