Basic Laravel 5.7 CRUD API using Fractal and Transformers

In this basic tutorial, we will create an API to create read update and delete (CRUD) a post using Laravel Transformers.

Create Posts Table and User Controller

Create Posts Table

Create posts table through migration :

Open the newly migration file and add some attributes :

Run the migration :

Create UserController

Create a Controller for User model :

Create Users Method in UserController

Next step is to create users() method inside userController.

Don’t forget to add the User model :

Create API GET users Route

Create API Get Route

We now create an api route to get all users. Open routes/api.php and add the following line :

Try the GET method from Postman

Open Postman and type the route on the url :

GET users API Laravel

We get empty array as a response as we don’t have any users as of now.

Installing Fractal

Next we will install a library to transform data before using it in an API. The name of the library is fractal.

Create UserTransformer

Create UserTransformer :

Inside UserTransformer.php create a new transform method as a response for the api calling.

Next we’ll use fractal inside the UserController :

Try inside Postman :

Laravel Fractal Get Api

Create User Registration POST /user Route

Add api_token attribute inside users table

api_token column will be added to our users table. Create the migration :

And run the migration :

Next, modify user Model to add the api_token to fillable properties:

Create AuthController

AuthController is needed for us to register a user. Create one through artisan command:

Then create the register user method with the validation and fractal response :

Create API Route

Create the route inside routes/api.php

Open the POST Route inside Postman

Try to register a user :

Laravel 5.7 POST user API

Laravel 5.7 POST route API

Create User Login POST /user Route

We have made the register route. Subsequently, we will create the login route using the same POST method.

Add Login Method to AuthController

Add Login Route to routes\api.php

Add Meta API_token

Before we run the route to postman, let’s add a meta for the api_token inside authController :

Run the route login in Postman

Laravel 5.7 Login Route API

Adding Middleware Token

Now we will create a middleware in order to prevent someone who doesn’t have an account in our application able to access the user information.

Add user/profile route inside routes/api with middleware

Create profile method inside UserController

Try in Postman

Laravel 5.7 User Profile Route API

As we can see, if we don’t provide the api_token, the json response will be unauthenticated and we will not be able to see the users’ profile.

To see our profile, run the login method, copy the api_token meta and put it as body inside postman :

Laravel 5.7 API token authentication

You also can put it inside the Authorization header :

Laravel 5.7 api_token Authorization Bearer

Create Articles Table

Next up, we will create an article table. Each user is able to create more than one article.

Create Article Model and Migration

Then run the migration : php artisan migrate

Article.php 

Create ArticleController.php

Create ArticleTransformer.php

Create Add Article Method

Inside Article Controller, add a method to add an article :

Add the api route

Try in Postman

Laravel 5.7 Post Article APi

Laravel 5.7 Post Article APi 2

Users and Articles Relation

As I previously mentioned, each user is able to create more than one article. Therefore, we need to create the relation inside User and Article model :

User.php

Article.php

Adding articles related to user

Modify UserTransformer to add the includeArticle property :

Then add the includeArticles inside UserController :

Try in Postman

Laravel 5.7 Include Articles

Order By Latest Article

Next up, we will order the articles by the latest published.

Modify Article.php model to add the latestFirst method :

Modify the UserTransformer :

Try in Postman

Laravel 5.7 API Include Article Order By ID Desc

Get User Profile By ID

Get the user profile by ID, let’s create the method inside UserController :

Create the route :

Try in Postman

Laravel 5.7 Get Profile by ID

Updating an Article

Next up we will create the route to update an Article using PUT. Create the route inside routes/api

Create an update method inside ArticleController

Try in POSTMAN

Update Article Route PUT Laravel 5.7

Article Update Policy

The previous method we create still have flaws. One of them is any person who has a user account inside our application still able to update another user’s artile. To prevent this, we need to create a policy. Only the author is able to change their own article.

Create Policy

Modify User.php model to add ownsArticle method :

Modify ArticleController to add the authorization

Add the policy to app/Providers/AuthServiceProvider.php

DELETE an Article Route

To delete an article is pretty straightforward. First, you need to create the DELETE route :

Then add the delete method inside ArticleController

Add the delete policy, similar to the update policy we’ve created a moment ago.

ArticlePolicy.php

Try in POSTMAN

Laravel 5.7 DELETE article route

That’s all folks.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.