Creating a RESTful API with Laravel: Simple and Powerful

Estimated read time 4 min read

Hello, Laravel enthusiasts! Today, we are going to demystify the process of creating a RESTful API with Laravel. With Laravel’s expressive syntax and feature-rich ecosystem, creating a RESTful API is a breeze. We will also explore the API’s requirements, unit testing methods, authentication processes, and routing configurations. By the end, you will find that crafting an API in Laravel is not only straightforward but a delightful experience.


Before we begin, ensure you have the following prerequisites:

  • PHP >= 7.3
  • Laravel >= 8.0
  • Composer
  • A relational database (MySQL, SQLite, PostgreSQL, SQL Server)

Crafting the API

Consider an API for managing blog posts. First, we need to generate a migration, model, and controller for the posts. Laravel’s Artisan command-line tool makes this effortless:

php artisan make:model Post -mc

In the created migration file, define the structure of the posts table:

Schema::create('posts', function (Blueprint $table) {

Run the migration using:

php artisan migrate

Now, let’s define the RESTful methods in our PostController.

// app/Http/Controllers/PostController.php

// ...

public function index()
    return Post::all();

public function store(Request $request)
    $post = Post::create($request->all());

    return response()->json($post, 201);

public function show(Post $post)
    return $post;

public function update(Request $request, Post $post)

    return response()->json($post, 200);

public function destroy(Post $post)

    return response()->json(null, 204);

Laravel’s route model binding simplifies actions that require a model ID.

Routing Configuration

Next, we’ll set up the API routes. Laravel provides a dedicated file for API routes: routes/api.php.

// routes/api.php

use App\Http\Controllers\PostController;

Route::apiResource('posts', PostController::class);

This apiResource method will automatically generate routes mapping to the controller actions.

Adding Authentication

To add a layer of security to our API, Laravel makes authentication simple. We’ll use Laravel’s built-in token authentication. Add an api_token column to your users table:

php artisan make:migration add_api_token_to_users_table --table=users

In the migration file:

$table->string('api_token', 80)->after('password')

Apply the migration with

php artisan migrate

You can generate tokens for your users as follows:

    'api_token' => hash('sha256', Str::random(60)),

To authenticate requests, add the auth:api middleware to your routes.

Route::apiResource('posts', PostController::class)->middleware('auth:api');

Users must include their API token in the Authorization header as a Bearer token to access these routes.

Unit Testing the API

Laravel provides robust testing facilities. To test our API, we can generate a test class:

php artisan make:test PostApiTest

In PostApiTest, we can write tests for all our endpoints. For example:

public function test_can_get_all_posts()
    $response = $this->get('/api/posts');


Run the tests using the command:

php artisan test

API Testing with Visual Studio Code

For API testing within Visual Studio Code, we can use the .http file format with the REST Client extension. Create a requests.http file:

### Get all posts
GET http://localhost:8000/api/posts HTTP/1.1
Authorization: Bearer {api_token}

This format is perfect for testing the API endpoints within the editor without the need for external tools like Postman.

Creating a RESTful API in Laravel is indeed straightforward. The framework handles most of the heavy lifting, letting you focus on building the features that matter. This simplicity, coupled with powerful features, is one of the many reasons Laravel has become a preferred choice among PHP developers. Happy coding!

You May Also Like

More From Author

+ There are no comments

Add yours