SPA Authentication using Laravel 10 Sanctum Vue 3 and Vite
In this post we will give you information about SPA Authentication using Laravel 10 Sanctum Vue 3 and Vite. Hear we will give you detail about SPA Authentication using Laravel 10 Sanctum, Vue 3 and Vite And how to use it also give you demo for it if it is necessary.
Laravel Sanctum provides a lightweight authentication system relying on Laravel’s built-in cookie-based session authentication services.
How Laravel Sanctum works
Before we start blindly mashing away without an understanding of what’s happening behind the scenes, let’s run over how Sanctum works.
Laravel Sanctum uses Laravel’s cookie-based session authentication to authenticate users from your client. Here’s the flow.
- You request a CSRF cookie from Sanctum on the client, which allows you to make CSRF-protected requests to normal endpoints like / login.
- You make a request to the normal Laravel / login endpoint.
- Laravel issues a cookie holding the user’s session.
- Any requests to your API now include this cookie, so your user is authenticated for the lifetime of that session.
SPA Authentication using Laravel 10 Sanctum Vue 3 and Vite Example:
- Create Laravel Project
- Configure Database Detail
- Install
laravel/ui
- Install Vue 3
- Install vitejs/plugin-vue plugin
- Update vite.config.js file
- Import Bootstrap Path in vite.config.js
- Install NPM Dependencies
- Update bootstrap.js
- Import Bootstrap 5 SCSS in JS Folder
- Vite Dev Server Start
- Install Laravel Sanctum
- Configure Laravel Sanctum
- Migrate Database
- Setup Frontend
Requirements
- PHP ^8.0
- Laravel ^9.0
- MySQL
- Bootstrap 5
- Vue 3
- Vite
In this blog, together we will create a complete register and login feature for a single-page application with Laravel 10 Sanctum, Bootstrap5, Vue 3 and Vite.
Step 1: Create Laravel Project
First, open Terminal and run the following command to create a fresh Laravel project:
composer create-project --prefer-dist laravel/laravel:^9.0 lara9sanctum-vue3-vite
or, if you have installed the Laravel Installer as a global composer dependency:
laravel new lara9sanctum-vue3-vite
Step 2: Configure Database Detail
open .env
and update database detail
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=<DATABASE NAME>
DB_USERNAME=<DATABASE USERNAME>
DB_PASSWORD=<DATABASE PASSWORD>
Step 3: Install laravel/ui
composer require laravel/ui
php artisan ui vue --auth
Step 4: Install Vue 3
Now after installing node modules we need to install vue 3 in our application, for that execute the following command in the terminal npm install [email protected] [email protected]. vue-loader is a loader for webpack that allows you to author Vue components in a format called Single-File Components. [email protected] is a loader that is for webpack to author Vue components in single-file components called SFCs.
npm install [email protected][email protected]
Step 5: Install vitejs/plugin-vue plugin
In laravel 10 latest release install vitejs/plugin-vue plugin for installing vue3 or vue in laravel. This plugin provides required dependencies to run the vuejs application on vite. Vite is a build command that bundles your code with Rollup and runs of localhost:3000 port to give hot refresh feature.
npm i @vitejs/plugin-vue
Step 6: Update vite.config.js file
Vite is a module bundler for modern JavaScript applications. Open vite.config.js and copy-paste the following code. First invoice defineConfig from vite at the top of the file and also import laravel-vite-plugin. Here plugins() take the path of the js and CSS file and create bundles for your application. you need to add vue() in the plugins array.
// vite.config.js
import { defineConfig } from 'vite';
import laravel from 'laravel-vite-plugin';
import vue from '@vitejs/plugin-vue'
export default defineConfig({
plugins: [
vue(),
laravel([
'resources/js/app.js',
]),
],
});
Step 7: Import Bootstrap Path in vite.config.js
First, you need to change vite.config.js and add the bootstrap 5 path & remove resources/css/app.css
import { defineConfig } from 'vite';
import laravel from 'laravel-vite-plugin';
import vue from '@vitejs/plugin-vue'
import path from 'path'
export default defineConfig({
plugins: [
vue(),
laravel([
'resource/scss/app.scss',
'resources/js/app.js',
]),
],
resolve: {
alias: {
'~bootstrap': path.resolve(__dirname, 'node_modules/bootstrap'),
'@': '/resources/js',
}
},
});
Step 8: Install NPM Dependencies
Run the following command to install frontend dependencies:
npm install
Step 9: Update bootstrap.js
We need to use import
instead of require
.
import loadash from 'lodash'
window._ = loadash
import * as Popper from '@popperjs/core'
window.Popper = Popper
import 'bootstrap'
/**
* We'll load the axios HTTP library which allows us to easily issue requests
* to our Laravel back-end. This library automatically handles sending the
* CSRF token as a header based on the value of the "XSRF" token cookie.
*/
import axios from 'axios'
window.axios = axios
window.axios.defaults.headers.common['X-Requested-With'] = 'XMLHttpRequest';
/**
* Echo exposes an expressive API for subscribing to channels and listening
* for events that are broadcast by Laravel. Echo and event broadcasting
* allows your team to easily build robust real-time web applications.
*/
/*import Echo from 'laravel-echo';
window.Pusher = require('pusher-js');
window.Echo = new Echo({
broadcaster: 'pusher',
key: process.env.MIX_PUSHER_APP_KEY,
cluster: process.env.MIX_PUSHER_APP_CLUSTER,
forceTLS: true
});*/
Step 10: Import Bootstrap 5 SCSS in JS Folder
Now you need to import bootstrap 5 SCSS path in resources/js/app.js
resources/js/app.js
import './bootstrap';
import '../sass/app.scss'
Step 11: Vite Dev Server Start
Now after installing the vue 3, we need to start the dev server for vite for that run the following command and it will watch your resources/js/app.js file and resources/css/app.css file. It also starts a vite server on http://localhost:3000. you can not open it in the browser as it is for vite hot reload and it runs in the background and watches the assets of your application like js and CSS.
npm run dev
Step 12: Install Laravel Sanctum
You can find documentation on the Official Laravel Website.
composer require laravel/sanctum
Step 13: Configure Laravel Sanctum
Open config/sanctum.php
and update the following code:
'stateful' => explode(',', env('SANCTUM_STATEFUL_DOMAINS', 'localhost,127.0.0.1')),
You will need to change this when deploying to production, so adding SANCTUM_STATEFUL_DOMAINS
to your .env
file with a comma-separated list of allowed domains is a great idea.
Open .env
file and add this line
SANCTUM_STATEFUL_DOMAINS=localhost:<PORT NUMBER>
Change the session driver
In .env
, update session driver file
to cookie
.
SESSION_DRIVER=cookie
Configure CORS
Open config/cors.php
and update the following code into the file:
'paths' => [
'api/*',
'/login',
'/logout',
'/sanctum/csrf-cookie'
],
Also set supports_credentials
option to true
:
'supports_credentials' => true,
Let’s create our Vue component that will hold our login form and display some secrets.
Step 14: Migrate Database
php artisan migrate
Step 15: Setup Frontend
When we generated our frontend code earlier using php artisan ui vue , an example component was generated under resources/js/components/ExampleComponent.vue
. Let’s create other components for Login, Register, and Dashboard Page.
What is Vue Router?
Vue Router helps link between the browser’s URL / History and Vue’s components allowing for certain paths to render whatever view is associated with it.
Features Of Vue Router
- Nested Routes
- Route params, query
- Dynamic Routes Matching
- Links with automatic active CSS classes
- and many more
Let’s install vue-router
npm install vue-router
Now, Create Components For Login and Register.
Create a File inside resources/js/components folder name with Login.vue .
resources/js/components/Login.vue
<template>
<div >
<div >
<div >
<div >
<div >
<h1 >Login</h1>
<hr/>
<form action="javascript:void(0)" method="post">
<div v-if="Object.keys(validationErrors).length > 0">
<div >
<ul >
<li v-for="(value, key) in validationErrors" :key="key">{{ value[0] }}</li>
</ul>
</div>
</div>
<div >
<label for="email" >Email</label>
<input type="text" v-model="auth.email" name="email" id="email" >
</div>
<div >
<label for="password" >Password</label>
<input type="password" v-model="auth.password" name="password" id="password" >
</div>
<div >
<button type="submit" :disabled="processing" @click="login" >
{{ processing ? "Please wait" : "Login" }}
</button>
</div>
<div >
<label>Don't have an account? <router-link :to="{name:'register'}">Register Now!</router-link></label>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
</template>
<script>
import { mapActions } from 'vuex'
export default {
name:"login",
data(){
return {
auth:{
email:"",
password:""
},
validationErrors:{},
processing:false
}
},
methods:{
...mapActions({
signIn:'auth/login'
}),
async login(){
this.processing = true
await axios.get('/sanctum/csrf-cookie')
await axios.post('/login',this.auth).then(({data})=>{
this.signIn()
}).catch(({response})=>{
if(response.status===422){
this.validationErrors = response.data.errors
}else{
this.validationErrors = {}
alert(response.data.message)
}
}).finally(()=>{
this.processing = false
})
},
}
}
</script>
Create a File inside resources/js/components folder name with Register.vue.
<template>
<div >
<div >
<div >
<div >
<div >
<h1 >Register</h1>
<hr/>
<form action="javascript:void(0)" @submit="register" method="post">
<div v-if="Object.keys(validationErrors).length > 0">
<div >
<ul >
<li v-for="(value, key) in validationErrors" :key="key">{{ value[0] }}</li>
</ul>
</div>
</div>
<div >
<label for="name" >Name</label>
<input type="text" name="name" v-model="user.name" id="name" placeholder="Enter name" >
</div>
<div >
<label for="email" >Email</label>
<input type="text" name="email" v-model="user.email" id="email" placeholder="Enter Email" >
</div>
<div >
<label for="password" >Password</label>
<input type="password" name="password" v-model="user.password" id="password" placeholder="Enter Password" >
</div>
<div >
<label for="password_confirmation" >Confirm Password</label>
<input type="password_confirmation" name="password_confirmation" v-model="user.password_confirmation" id="password_confirmation" placeholder="Enter Password" >
</div>
<div >
<button type="submit" :disabled="processing" >
{{ processing ? "Please wait" : "Register" }}
</button>
</div>
<div >
<label>Already have an account? <router-link :to="{name:'login'}">Login Now!</router-link></label>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
</template>
<script>
import { mapActions } from 'vuex'
export default {
name:'register',
data(){
return {
user:{
name:"",
email:"",
password:"",
password_confirmation:""
},
validationErrors:{},
processing:false
}
},
methods:{
...mapActions({
signIn:'auth/login'
}),
async register(){
this.processing = true
await axios.get('/sanctum/csrf-cookie')
await axios.post('/register',this.user).then(response=>{
this.validationErrors = {}
this.signIn()
}).catch(({response})=>{
if(response.status===422){
this.validationErrors = response.data.errors
}else{
this.validationErrors = {}
alert(response.data.message)
}
}).finally(()=>{
this.processing = false
})
}
}
}
</script>
Create Layout Component For All Authenticated Pages. So we don’t need to add header, footer, and any other component in all pages component so here we created a layout component named Dashboard.vue. Here in the component, We add header, footer, and router-view so every component will render in this router-view.
resources/js/components/layouts/Default.vue
<template>
<div>
<nav >
<div >
<a href="https://onlinecode.org/spa-authentication-laravel-10-sanctum-vue3-vite" target="_blank">onlinecode</a>
<button type="button" data-bs-toggle="collapse" data-bs-target="#navbarNavDropdown" aria-controls="navbarNavDropdown" aria-expanded="false" aria-label="Toggle navigation">
<span ></span>
</button>
<div id="navbarNavDropdown">
<ul >
<li >
<router-link :to="{name:'dashboard'}" >Home <span >(current)</span></router-link>
</li>
</ul>
<div >
<ul >
<li >
<a href="#" id="navbarDropdownMenuLink" role="button" data-bs-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
{{ user.name }}
</a>
<div aria-labelledby="navbarDropdownMenuLink">
<a href="javascript:void(0)" @click="logout">Logout</a>
</div>
</li>
</ul>
</div>
</div>
</div>
</nav>
<main >
<router-view></router-view>
</main>
</div>
</template>
<script>
import {mapActions} from 'vuex'
export default {
name:"default-layout",
data(){
return {
user:this.$store.state.auth.user
}
},
methods:{
...mapActions({
signOut:"auth/logout"
}),
async logout(){
await axios.post('/logout').then(({data})=>{
this.signOut()
this.$router.push({name:"login"})
})
}
}
}
</script>
resources/js/components/Dashboard.vue
<template>
<div >
<div >
<div >
<div >
<div >
<h3>Dashboard</h3>
</div>
<div >
<p >You are logged in as <b>{{user.email}}</b></p>
</div>
</div>
</div>
</div>
</div>
</template>
<script>
export default {
name:"dashboard",
data(){
return {
user:this.$store.state.auth.user
}
}
}
</script>
Now add this page component to the router.
Create a new file resources/js/router/index.js
import { createWebHistory, createRouter } from 'vue-router'
import store from '@/store'
/* Guest Component */
const Login = () => import('@/components/Login.vue')
const Register = () => import('@/components/Register.vue')
/* Guest Component */
/* Layouts */
const DahboardLayout = () => import('@/components/layouts/Default.vue')
/* Layouts */
/* Authenticated Component */
const Dashboard = () => import('@/components/Dashboard.vue')
/* Authenticated Component */
const routes = [
{
name: "login",
path: "/login",
component: Login,
meta: {
middleware: "guest",
title: 'Login'
}
},
{
name: "register",
path: "/register",
component: Register,
meta: {
middleware: "guest",
title: 'Register'
}
},
{
path: "/",
component: DahboardLayout,
meta: {
middleware: "auth"
},
children: [
{
name: "dashboard",
path: '/',
component: Dashboard,
meta: {
title: 'Dashboard'
}
}
]
}
]
const router = createRouter({
history: createWebHistory(),
routes, // short for 'routes: routes'
})
router.beforeEach((to, from, next) => {
document.title = to.meta.title
if (to.meta.middleware == "guest") {
if (store.state.auth.authenticated) {
next({ name: "dashboard" })
}
next()
} else {
if (store.state.auth.authenticated) {
next()
} else {
next({ name: "login" })
}
}
})
export default router
Add router into resources/js/app.js
import './bootstrap';
import '../sass/app.scss'
import Router from '@/router'
import { createApp } from 'vue/dist/vue.esm-bundler';
const app = createApp({})
app.use(Router)
app.mount('#app')
Before we make these requests, we’ll need to set a base URL for our API (notice these are not included in the requests we have right now) and also enable the withCredentials
option.
Open resources/js/bootstrap.js
and add the following code into that file:
window.axios.defaults.withCredentials = true
The withCredentials
an option is really important here. This Axios instructs to automatically send our authentication cookie along with every request.
What is Vuex?
Vuex is a state management pattern + library for Vue. js applications. It serves as a centralized store for all the components in an application, with rules ensuring that the state can only be mutated in a predictable fashion.
Well, since we want to hold an overall authenticated ‘state’ in our client, using a state management library like Vuex makes sense here. It’ll also allow us to easily check within any component if we’re authenticated or not (e.g. our navigation).
Let’s Install Vuex
npm install vuex --save
First, create a resources/js/store/auth.js
file with the following.
import axios from 'axios'
import router from '@/router'
export default {
namespaced: true,
state:{
authenticated:false,
user:{}
},
getters:{
authenticated(state){
return state.authenticated
},
user(state){
return state.user
}
},
mutations:{
SET_AUTHENTICATED (state, value) {
state.authenticated = value
},
SET_USER (state, value) {
state.user = value
}
},
actions:{
login({commit}){
return axios.get('/api/user').then(({data})=>{
commit('SET_USER',data)
commit('SET_AUTHENTICATED',true)
router.push({name:'dashboard'})
}).catch(({response:{data}})=>{
commit('SET_USER',{})
commit('SET_AUTHENTICATED',false)
})
},
logout({commit}){
commit('SET_USER',{})
commit('SET_AUTHENTICATED',false)
}
}
}
The state
the property holds whether we’re authenticated or not, and holds the user details we’ll be fetching once authenticated.
Our getters
return to us that state.
Our mutations
update our state
. For example, once we’re successfully authenticated, we’ll commit a mutation to set authenticated to true
and commit another mutation to set the user’s details.
Sometimes we need our VueJS Web App to persist some information in browser local storage. It could be local settings, account info, or some tokens. We definitely don’t want to lose them once the page is refreshed. That’s why we need to use vuex-persistedstate.
Install vuex-persistedstate
npm i vuex-persistedstate
Now add the auth module to Vuex in resources/js/store/index.js
.
import { createStore } from 'vuex'
import createPersistedState from 'vuex-persistedstate'
import auth from '@/store/auth'
const store = createStore({
plugins:[
createPersistedState()
],
modules:{
auth
}
})
export default store
Add Vuex into resources/js/app.js
import './bootstrap';
import '../sass/app.scss'
import Router from '@/router'
import store from '@/store'
import { createApp } from 'vue/dist/vue.esm-bundler';
const app = createApp({})
app.use(Router)
app.use(store)
app.mount('#app')
open resources/views/welcome.blade.php and replace this code:
<!DOCTYPE html>
<html lang="{{ str_replace('_', '-', app()->getLocale()) }}">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>SPA Authentication using Laravel 10 Sanctum Vue 3 and Vite - onlinecode</title>
<!-- Fonts -->
<link href="https://fonts.bunny.net/css2?family=Nunito:[email protected];600;700&display=swap" rel="stylesheet">
@vite(['resources/js/app.js'])
</head>
<body>
<div id="app">
<router-view></router-view>
</div>
</body>
</html>
Now define routes in web.php and api.php routes file. Go to routes folder and open web.php file and update the following routes:
routes / web.php
<?php
use IlluminateSupportFacadesRoute;
/*
|--------------------------------------------------------------------------
| Web Routes
|--------------------------------------------------------------------------
| SPA Authentication using Laravel 10 Sanctum Vue 3 and Vite
| Here is where you can register web routes for your application. These
| routes are loaded by the RouteServiceProvider within a group which
| contains the "web" middleware group. Now create something great!
| SPA Authentication using Laravel 10 Sanctum Vue 3 and Vite
*/
Route::get('{any}', function () {
return view('welcome');
})->where('any', '.*');
Auth::routes();
Route::get('/home', [AppHttpControllersHomeController::class, 'index'])->name('home');
Now, it’s time to run our project.
php artisan serve
Open localhost:<PORT NUMBER> in the browser.
It’d be a good idea to follow along with the simple demo app that can be found in this GitHub repo.
Thank you for reading SPA Authentication using Laravel 10 Sanctum Vue 3 and Vite blog. Hope this code and post will helped you for implement SPA Authentication using Laravel 10 Sanctum, Vue 3 and Vite. if you need any help or any feedback give it in comment section or you have good idea about this post you can give it comment section. Your comment will help us for help you more and improve us. we will give you this type of more interesting post in featured also so, For more interesting post and code Keep reading our blogs