Laravel Sanctum Authentication for React App using Breeze

Laravel Sanctum Authentication for React App using Breeze

Steps to integrated Laravel Sanctum authentication with React app using Breeze API scaffolding

·

3 min read

Laravel breeze is an Authentication scaffolding for web and APIs. Breeze is powered by Laravel Sanctum for Authentication system, by default it includes CSRF protections, session authentication and so we don't require to worry about XSS attacks.

In this article, we can see how to use Breeze API scaffolding for authenticating React Applications. Let's integrate

Laravel Backend Setup

Create a Laravel application and install Laravel breeze API scaffolding using the below commands

# Create a laravel application
composer create-project laravel/laravel react-backend

cd react-backend
# Install Breeze

composer require laravel/breeze
php artisan breeze:install api

After running the above commands, Update FRONTEND_URL in env to localhost:3000 and serve the application using Laravel Sail or php artisan serve command

To test the app, Hit localhost:8000 in the browser, You can get the app version in response as below.

{
  "Laravel": "8.77.1"
}

Now the Laravel backend app is ready to handle requests from React app. Next, let's set up the react app

React App Setup

We will use Create React App to set up a React app using the below command

npx create-react-app breeze-react

cd breeze-react

yarn start

Configure Axios

To handle APIs, we will use Axios. Add global Axios client as below

set withCredentials true to enable cross-site cookie access. REACT_APP_BACKEND_URL is localhost:8000 in .env file, which is the Laravel backend app created earlier.

CSRF request

Laravel breeze uses sanctum for authentication, So to authenticate the SPA. we need to make the first request to /sanctum/csrf-cookie endpoint. We need to make this request on all non authenticated routes. For instance login, Register, forgot password.

Create a custom hook in hooks/auth.js file and add the below code to handle csrf request

Integrate Login API

Add the below login function in the useAuth hook

When the login API is requested, first the CSRF API is requested and on success, login API is requested. Likewise, we can use register, forgot password, reset password APIs. Now we have integrated React App with Laravel breeze API scaffolding.

Laravel Breeze React

Laravel breeze react is the implementation of the Breeze authentication boilerplate for React, available in GitHub. It is preconfigured with all authentication APIs, routes and basic UI using TailwindCSS and CRA.

Features

  1. Prebuild Login, Register, Forgot password, Reset Password and Dashboard UI using Tailwind CSS
  2. Build with Create React App 5
  3. React Router 6 for routing
  4. SWR for revalidation user data
  5. ESLint

Quick Start Guide

Clone the laravel-breeze-react, install dependencies using yarn install, Then, copy the .env.example file to .env and add the URL of your backend as below

REACT_APP_BACKEND_URL=http://localhost:8000

Run yarn start, Now you will see the below screen in the browser

home-screen

laravel-breeze-react makes you to concentrate only on business logic, as it takes care of the authentication layer.

Resources

Conclusion

Laravel Breeze makes the SPA Authentication very simple, secure and Laravel Breeze React makes the integration between Laravel Breeze Backend app with React App quickly.

Thank you for reading.

Get more updates on Twitter.

Free eBook

ReactJS Optimization Techniques and Development Resources

Did you find this article valuable?

Support Nilanth's Blog by becoming a sponsor. Any amount is appreciated!