feat: implement basic API

with authorization and validation
2026-01-07 16:37:50 +00:00 · 2026-01-07 16:37:50 +00:00 · 6fbeedd50c
commit 6fbeedd50c
parent b033262bd7
21 changed files with 599 additions and 10 deletions
--- a/docs/decisions/006-api
+++ b/docs/decisions/006-api
@ -0,0 +1,53 @@
+## known limitations
+
+at this stage, I just want a simple read api but have added some CRUD so as to have it in part and to test access is in place 
+
+users need to be authenticated and have been given a token to read from entries
+
+an admin user can create entries however images cannot be uploaded or associated with posts, this is not a requirement to get static site generation in play
+
+## creating and using tokens
+
+this is in tinker for now
+
+```php
+> $user = User::find(2);
+= App\Models\User {#7224
+    id: 2,
+    name: "jon@test.com",
+    email: "jon@test.com",
+    email_verified_at: null,
+    #password: "...",
+    #remember_token: null,
+    created_at: "2026-01-04 16:28:21",
+    updated_at: "2026-01-04 16:28:21",
+    #two_factor_secret: null,
+    #two_factor_recovery_codes: null,
+    two_factor_confirmed_at: null,
+  }
+
+> $token = $user->createToken('API Token')->plainTextToken;
+= "generated token-string-shown-here"
+```
+
+then this token can be used to get posts
+
+```bash
+curl -X GET \
+     -H "Authorization: Bearer <your-token-here>" \
+     -H "Accept: application/json" \
+     http://your-laravel-app.test/api/entries
+
+```
+
+to delete a user token, again back in tinker 
+
+```php
+// having already found a user as in the above ...
+// ..
+$user->tokens()->delete();
+//
+// or 
+$user->tokens()->where('id', $tokenId)->delete();
+```
+