When I access my Laravel sanctum API with Postman, it works properly. This is the code of routesapi.php:
use AppHttpControllersPoiController;
use AppHttpControllersAuthController;
use IlluminateSupportFacadesRoute;
use IlluminateHttpRequest;
Route::middleware('auth:sanctum')->get('/user', function (Request $request) {
return $request->user();
});
Route::get('/', function(){
return response()->json([
'status'=>false,
'message' => 'Anda tidak berhak'
],401);
})->name('login');
Route::post('register-user', [AuthController::class, 'registerUser']);
Route::post('login-user', [AuthController::class, 'loginUser']);
Route::get('poi', [PoiController::class, 'index'])->middleware('auth:sanctum');
Route::post('store', [PoiController::class, 'store'])->middleware('auth:sanctum');
And this is the PoiController.php :
<?php
namespace AppHttpControllers;
use AppModelsPoi;
use IlluminateHttpRequest;
use IlluminateSupportFacadesAuth;
use IlluminateSupportFacadesValidator;
use LaravelSanctumPersonalAccessToken;
class PoiController extends Controller
{
public function index()
{
$data = Poi::orderBy('nama', 'asc')->get();
$yuser = Auth::user();
return response()->json([
'status' => true,
'message' => 'data ditemukan',
'nama' => $yuser->name,
'data' => $data
], 200);
}
public function store(Request $req)
{
$data = new Poi();
$rules = [
'nama' => 'required',
'jenis' => 'required'
];
$validasi = Validator::make($req->all(), $rules);
if($validasi->fails()){
return response()->json([
'status' => false,
'message' => 'isian tidak valid!',
'data' => $validasi->errors()
], 401);
}
$data->nama = $req->nama;
$data->jenis = $req->jenis;
$data->save();
return response()->json([
'status' => true,
'message' => 'Data berhasil diinput'
],200);
}
I want only registered users to have access to the data for security reasons. Using Laravel Sanctum, even a registered user could not access the data with Laravel Sanctum if they only provided their email address and password without a token.
As far as I’m aware, the token is created after user had successfully login and the user use the token to maka a new GET call.
My question is how to make GET API call just like I do in Postman, with a basic HTML form or even in other programming language?. I hope my question much clearer now. Thanks
5