share-lt/docs/decisions/006-api

## known limitations

at this stage, I just want a simple read api but have added some CRUD so as to have it in part and to test access is in place 

users need to be authenticated and have been given a token to read from entries

an admin user can create entries however images cannot be uploaded or associated with posts, this is not a requirement to get static site generation in play

## creating and using tokens

this is in tinker for now

```php
> $user = User::find(2);
= App\Models\User {#7224
    id: 2,
    name: "jon@test.com",
    email: "jon@test.com",
    email_verified_at: null,
    #password: "...",
    #remember_token: null,
    created_at: "2026-01-04 16:28:21",
    updated_at: "2026-01-04 16:28:21",
    #two_factor_secret: null,
    #two_factor_recovery_codes: null,
    two_factor_confirmed_at: null,
  }

> $token = $user->createToken('API Token')->plainTextToken;
= "generated token-string-shown-here"
```

then this token can be used to get posts

```bash
curl -X GET \
     -H "Authorization: Bearer <your-token-here>" \
     -H "Accept: application/json" \
     http://your-laravel-app.test/api/entries

```

to delete a user token, again back in tinker 

```php
// having already found a user as in the above ...
// ..
$user->tokens()->delete();
//
// or 
$user->tokens()->where('id', $tokenId)->delete();
```
feat: implement basic API with authorization and validation 2026-01-07 16:37:50 +00:00			`## known limitations`

			`at this stage, I just want a simple read api but have added some CRUD so as to have it in part and to test access is in place`

			`users need to be authenticated and have been given a token to read from entries`

			`an admin user can create entries however images cannot be uploaded or associated with posts, this is not a requirement to get static site generation in play`

			`## creating and using tokens`

			`this is in tinker for now`

			```php
			`> $user = User::find(2);`
			`= App\Models\User {#7224`
			`id: 2,`
			`name: "jon@test.com",`
			`email: "jon@test.com",`
			`email_verified_at: null,`
			`#password: "...",`
			`#remember_token: null,`
			`created_at: "2026-01-04 16:28:21",`
			`updated_at: "2026-01-04 16:28:21",`
			`#two_factor_secret: null,`
			`#two_factor_recovery_codes: null,`
			`two_factor_confirmed_at: null,`
			`}`

			`> $token = $user->createToken('API Token')->plainTextToken;`
			`= "generated token-string-shown-here"`
			```

			`then this token can be used to get posts`

			```bash
			`curl -X GET \`
			`-H "Authorization: Bearer <your-token-here>" \`
			`-H "Accept: application/json" \`
			`http://your-laravel-app.test/api/entries`

			```

			`to delete a user token, again back in tinker`

			```php
			`// having already found a user as in the above ...`
			`// ..`
			`$user->tokens()->delete();`
			`//`
			`// or`
			`$user->tokens()->where('id', $tokenId)->delete();`
			```