OAuth issues an access token to a user, and the user presents that token to let the server know that he is a valid, authenticated user. Once authenticated, he is allowed to view data from the REST API. We are going to do the same in this tutorial. I have a REST URL that exposes some data which a user with valid access should be able to view. If the user doesn't have an access token, or the token has expired, I will return an appropriate error message.
Once we have set up the OAuth server, the ideal scenario is this: the user sends his username, password and other required information to the URL with the grant type set to password, and an access token is generated based on the username and password he provided.
The application validates the user's username and password against the user table that comes with Laravel 5, using the Auth library to do so. Once the user is authenticated, he is given an access token. Using this access token, the user can now make REST calls and get data from the API.
If the user doesn’t have an access token or the token has expired, he will be provided with an appropriate error message.
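The flow described above, modelled in plain PHP as an added example (it is not this tutorial's Laravel code and uses no OAuth package): a token endpoint that accepts the password grant, and a resource check that rejects a missing, unknown or expired token. The function names, the sample user, the one-hour lifetime and the in-memory stores are assumptions made for illustration, and client authentication is left out. The error names `unsupported_grant_type`, `invalid_grant` and `invalid_token` are the ones RFC 6749 and RFC 6750 define.

```php
<?php
// Added illustration: plain PHP, no Laravel or OAuth package involved.
// The user, password and 3600-second lifetime are constructed sample values.
const TOKEN_TTL = 3600;

// Token endpoint: exchanges username + password for a bearer token.
function issueToken(array $params, array $users, array &$tokens, int $now): array
{
    if (($params['grant_type'] ?? '') !== 'password') {
        return [400, ['error' => 'unsupported_grant_type']];
    }
    $username = $params['username'] ?? '';
    $hash = $users[$username] ?? null;
    // Same error for unknown user and wrong password, so the reply does not say which.
    if ($hash === null || !password_verify($params['password'] ?? '', $hash)) {
        return [400, ['error' => 'invalid_grant']];
    }
    $token = bin2hex(random_bytes(32)); // unguessable token from the CSPRNG
    $tokens[$token] = ['user' => $username, 'expires_at' => $now + TOKEN_TTL];
    return [200, ['access_token' => $token, 'token_type' => 'Bearer', 'expires_in' => TOKEN_TTL]];
}

// Resource check: run before any API data is returned.
function authorizeRequest(?string $authorization, array $tokens, int $now): array
{
    if ($authorization === null || !preg_match('/^Bearer ([0-9a-f]{64})$/', $authorization, $m)) {
        return [401, ['error_description' => 'Access token missing']];
    }
    $entry = $tokens[$m[1]] ?? null;
    if ($entry === null) {
        return [401, ['error' => 'invalid_token', 'error_description' => 'Unknown access token']];
    }
    if ($now >= $entry['expires_at']) {
        return [401, ['error' => 'invalid_token', 'error_description' => 'Access token expired']];
    }
    return [200, ['user' => $entry['user']]];
}

$users = ['alice@example.test' => password_hash('correct horse', PASSWORD_DEFAULT)];
$tokens = [];
$now = 1700000000; // fixed clock so the expiry case is reproducible

[$status, $body] = issueToken(
    ['grant_type' => 'password', 'username' => 'alice@example.test', 'password' => 'correct horse'],
    $users, $tokens, $now
);
$header = 'Bearer ' . $body['access_token'];

echo json_encode(authorizeRequest($header, $tokens, $now + 10)), "\n";   // valid token
echo json_encode(authorizeRequest(null, $tokens, $now + 10)), "\n";      // no token sent
echo json_encode(authorizeRequest($header, $tokens, $now + 7200)), "\n"; // token expired
```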