Add API Keys to Your Laravel Models with Laravel Keyable

Add API Keys to Your Laravel Models with Laravel Keyable

Laravel Keyable is a package by Liran Cohen that enables you to add API keys to any model and associate incoming requests with their respective model. You can also use Policies to authorize requests.

This package works by adding a Keyable trait to a given model (i.e., Company model) that creates a polymorphic association between a model and an API key:

use Illuminate\Database\Eloquent\Model;
use Givebutter\LaravelKeyable\Keyable;

class Account extends Model
{
    use Keyable;

    // ...
}

Using a middleware that the package provides, a token will be validated via a configurable strategy comprised of a bearer token, a custom header (i.e., X-Authorization), or a query param.

After validation, you configure a policy and check for authorization in the controller like this, for example:

<?php

namespace App\Http\Controllers\PostController;

use App\Models\Post;
use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use Givebutter\LaravelKeyable\Auth\AuthorizesKeyableRequests;

class PostController extends Controller {
    use AuthorizesKeyableRequests;

    public function show(Post $post) {
        $this->authorizeKeyable('view', $post);
        // ...
    }
}

In the controller, you can further scope your queries based on the “keyable” model that is added to the request object:

$model = $request->keyable;

// Example of scoping the API resource
$model->foo()->get();

Last, you can use a provided artisan command to create an API key for a given model:

php artisan api-key:generate --id=1 --type="App\Models\Account"

You can learn more about this package, get full installation instructions, and view the source code on GitHub at givebutter/laravel-keyable.

Filed in: News
Laravel News Partners

Laravel Jobs

PHP Developer - Full time w/ benefits, US Only
Northern Virginia or Remote (US Only)
Guidance Residential
Full Stack Developer
Remote
Wehaa.com
Laravel API Developer
Las Vegas, NV (Must work on-site)
V Shred
Laravel Developer (Vue, SQL Server)
Remote
World Trade Organization
Web Application Developer (Vue.js & Laravel)
Remote
Apero Creative Development

Newsletter

Join 31,000+ others and never miss out on new tips, tutorials, and more.