1 April 2026

Membangun REST API dengan Laravel 11: Panduan Lengkap

Tutorial step-by-step membangun REST API yang aman dan scalable menggunakan Laravel 11 dengan autentikasi Sanctum dan best practices.

Membangun REST API dengan Laravel 11: Panduan Lengkap

Laravel Development

Laravel 11 menyederhanakan banyak aspek pengembangan API. Mari kita bangun REST API lengkap dengan autentikasi dan best practices.

Setup Project

# Create a fresh Laravel application in ./api-project
composer create-project laravel/laravel api-project
cd api-project
# Scaffold API support (routes/api.php and Laravel Sanctum)
php artisan install:api

Langkah 1: Buat Model dan Migration

# -m migration, -f factory, -c controller, -r resource-style controller methods
php artisan make:model Article -mfcr

Edit migration:

// database/migrations/xxxx_create_articles_table.php
/**
 * Create the `articles` table.
 *
 * Every article belongs to a user; the foreign key cascades, so deleting
 * a user also deletes that user's articles.
 */
public function up(): void
{
    Schema::create('articles', static function (Blueprint $table): void {
        // Identity and ownership
        $table->id();
        $table->foreignId('user_id')
            ->constrained()
            ->cascadeOnDelete();

        // Content
        $table->string('title');
        // The unique index is the final guard against two rows sharing a slug.
        $table->string('slug')->unique();
        $table->text('excerpt');
        $table->longText('content');
        $table->string('cover_image')->nullable();

        // Publication state: rows start as unpublished drafts.
        $table->boolean('is_published')->default(false);
        $table->timestamp('published_at')->nullable();

        $table->timestamps();
    });
}

Langkah 2: Setup Model dengan Fillable dan Relations

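// app/Models/Article.php
class Article extends Model
{
    use HasFactory;

    /**
     * Attributes that may be mass assigned.
     *
     * `user_id` is deliberately not listed: ownership is set through the
     * user's `articles()` relation (see ArticleController::store()), so a
     * client cannot create an article on behalf of another account.
     *
     * NOTE(review): `slug` and `published_at` are fillable but are not part
     * of StoreArticleRequest's rules; confirm whether any request is meant
     * to supply them, and drop them from this list if not.
     */
    protected $fillable = [
        'title', 'slug', 'excerpt', 'content',
        'cover_image', 'is_published', 'published_at',
    ];

    protected $casts = [
        'is_published' => 'boolean',
        'published_at' => 'datetime',
    ];

    /**
     * The user who owns this article.
     */
    public function user(): BelongsTo
    {
        return $this->belongsTo(User::class);
    }

    /**
     * Register model event hooks.
     *
     * On create, the slug is always derived from the title, so any
     * client-supplied slug is overwritten.
     */
    protected static function boot()
    {
        parent::boot();
        static::creating(function ($article) {
            $article->slug = self::uniqueSlug((string) $article->title);
        });
    }

    /**
     * Build a slug from the title that does not collide with an existing row.
     *
     * The `slug` column has a unique index, so two articles with the same
     * title would otherwise fail on insert. A numeric suffix (-2, -3, ...)
     * is appended until the slug is free. Two concurrent inserts can still
     * race; the unique index remains the final guard in that case.
     */
    private static function uniqueSlug(string $title): string
    {
        $base = Str::slug($title);

        // Titles without sluggable characters produce an empty string.
        if ($base === '') {
            $base = 'article';
        }

        // Leave room for the suffix inside the 255-character column.
        $base = rtrim(mb_substr($base, 0, 240), '-');

        $slug = $base;
        $suffix = 2;
        while (static::query()->where('slug', $slug)->exists()) {
            $slug = "{$base}-{$suffix}";
            $suffix++;
        }

        return $slug;
    }
}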

API Architecture

Langkah 3: Buat Form Request untuk Validasi

# Generate the form request class under app/Http/Requests
php artisan make:request StoreArticleRequest
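// app/Http/Requests/StoreArticleRequest.php
class StoreArticleRequest extends FormRequest
{
    /**
     * Allow every caller that reaches this request.
     *
     * Returning true is only safe because the route is registered inside
     * the `auth:sanctum` group in routes/api.php; this method performs no
     * check of its own.
     */
    public function authorize(): bool
    {
        return true;
    }

    /**
     * Validation rules for creating an article.
     *
     * Only the keys listed here are returned by validated(), so fields such
     * as `user_id` or `slug` sent by a client never reach the model.
     *
     * @return array<string, string>
     */
    public function rules(): array
    {
        return [
            'title' => 'required|string|max:255',
            'excerpt' => 'required|string|max:500',
            'content' => 'required|string',
            // Restrict the scheme: this value is stored and later handed to
            // clients as an image URL, so only web URLs are accepted.
            'cover_image' => 'nullable|url:http,https|max:500',
            'is_published' => 'boolean',
        ];
    }
}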

Langkah 4: Controller dengan Resource Pattern

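// app/Http/Controllers/ArticleController.php
class ArticleController extends Controller
{
    // The base Controller in a fresh Laravel 11 application is an empty
    // class, so $this->authorize() is only available when this trait is
    // pulled in explicitly.
    use \Illuminate\Foundation\Auth\Access\AuthorizesRequests;

    /**
     * List published articles, optionally filtered by a title search.
     */
    public function index(Request $request)
    {
        // A non-string value (e.g. ?search[]=x) would fail on the string
        // interpolation below; treat it as "no search term" instead.
        $search = $request->input('search');
        $term = is_string($search) ? $search : '';

        $articles = Article::query()
            // ArticleResource reads $article->user->name; eager loading
            // avoids one extra query per row.
            ->with('user')
            ->when($term !== '', function ($q) use ($term) {
                // The term is passed as a bound parameter, so it cannot alter
                // the SQL; `%` and `_` inside it still act as LIKE wildcards.
                $q->where('title', 'like', "%{$term}%");
            })
            ->where('is_published', true)
            ->latest()
            ->paginate(15);

        return ArticleResource::collection($articles);
    }

    /**
     * Create an article owned by the authenticated user.
     *
     * Ownership comes from the relation, not from request input.
     */
    public function store(StoreArticleRequest $request)
    {
        $article = $request->user()->articles()->create(
            $request->validated()
        );

        return new ArticleResource($article);
    }

    /**
     * Return one article.
     *
     * index() only lists published rows, but route-model binding resolves
     * any id, so without a check here every authenticated user could read
     * other users' unpublished drafts. Drafts are visible to their owner
     * only; 404 is returned so that draft ids are not confirmed to others.
     */
    public function show(Article $article)
    {
        $isOwner = (int) $article->user_id === (int) auth()->id();
        abort_unless($article->is_published || $isOwner, 404);

        return new ArticleResource($article);
    }

    /**
     * Update an article after the `update` policy ability allows it.
     */
    public function update(UpdateArticleRequest $request, Article $article)
    {
        // NOTE(review): relies on an Article policy defining `update`; the
        // policy is not shown here - confirm it compares the article's
        // user_id with the authenticated user.
        $this->authorize('update', $article);
        $article->update($request->validated());

        return new ArticleResource($article);
    }

    /**
     * Delete an article after the `delete` policy ability allows it.
     */
    public function destroy(Article $article)
    {
        $this->authorize('delete', $article);
        $article->delete();

        return response()->json(['message' => 'Article deleted']);
    }
}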

Langkah 5: Autentikasi dengan Sanctum

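// routes/api.php

// Unauthenticated endpoints. They accept credentials from anyone, so they
// are rate limited per client to slow down password guessing and mass
// sign-ups. 6 requests per minute is an example value; tune it for your API.
Route::middleware('throttle:6,1')->group(function () {
    Route::post('/register', [AuthController::class, 'register']);
    Route::post('/login', [AuthController::class, 'login']);
});

// Everything below requires a valid Sanctum token.
Route::middleware('auth:sanctum')->group(function () {
    Route::apiResource('articles', ArticleController::class);
    Route::post('/logout', [AuthController::class, 'logout']);
});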

Langkah 6: API Resource untuk Response Format

// app/Http/Resources/ArticleResource.php
class ArticleResource extends JsonResource
{
    /**
     * Shape the JSON representation of one article.
     *
     * Only the keys built here leave the API: the owner is exposed by name
     * only, and `user_id` / `updated_at` are not part of the response.
     *
     * @return array<string, mixed>
     */
    public function toArray(Request $request): array
    {
        // The wrapped Article model; JsonResource forwards property reads to it.
        $article = $this->resource;

        $payload = [];
        $payload['id'] = $article->id;
        $payload['title'] = $article->title;
        $payload['slug'] = $article->slug;
        $payload['excerpt'] = $article->excerpt;
        $payload['content'] = $article->content;
        $payload['cover_image'] = $article->cover_image;
        $payload['is_published'] = $article->is_published;
        $payload['author'] = $article->user->name;
        // published_at is nullable, hence the nullsafe call.
        $payload['published_at'] = $article->published_at?->toISOString();
        $payload['created_at'] = $article->created_at->toISOString();

        return $payload;
    }
}

Best Practices Keamanan

  1. Selalu gunakan Form Request untuk validasi input
  2. Gunakan Policy untuk authorization
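  3. Rate limiting sudah built-in di Laravel 11 — pastikan middleware throttle benar-benar terpasang pada route, terutama /login dan /register
  4. Hindari mass assignment — selalu definisikan $fillable, dan jangan masukkan kolom kepemilikan seperti user_id ke dalamnya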
  5. Gunakan API Resources agar tidak expose data sensitif
  6. Encrypt sensitive data yang disimpan di database

Kesimpulan

Laravel 11 memberikan fondasi yang kuat untuk membangun REST API. Dengan Sanctum, Form Requests, dan API Resources, API Anda akan aman dan terstruktur dengan baik.
