Keysmith React is a Laravel 12 React Starterkit package that provides React.js components for managing API keys and tokens in your application. It offers a clean, user-friendly interface for creating, viewing, and revoking API keys with customizable permissions based on Laravel Breeze.
- 🔑 Easy API token generation and management
- 🔒 Built on Laravel Sanctum's secure token authentication
- 🎨 Pre-built React components for quick integration
- 📱 Responsive and user-friendly interface
- ⚙️ Flexible installation options (page or settings templates)
- 🛠️ Customizable permissions system
Before installing Keysmith React, ensure your environment meets the following requirements:
- PHP 8.0+
- Laravel 12.x
- React 19.x
- Laravel Sanctum
Install the package via Composer:
composer require blaspsoft/keysmith-reactYou can install one (or both) of the available templates:
Adds a dedicated API tokens page at pages/api-tokens/index.tsx.
php artisan keysmith:install pageIntegrates API token management within the Laravel Vue Starterkit settings at pages/settings/api-tokens.tsx.
php artisan keysmith:install settingsAdd the following to your HandleInertiaRequests.php middleware's share method to enable API token flash messages:
'flash' => [
'api_token' => fn () => session()->get('api_token'),
],Full example:
public function share(Request $request): array
{
[$message, $author] = str(Inspiring::quotes()->random())->explode('-');
return [
...parent::share($request),
'name' => config('app.name'),
'quote' => ['message' => trim($message), 'author' => trim($author)],
'auth' => [
'user' => $request->user(),
],
'flash' => [
'api_token' => fn () => session()->get('api_token'),
],
];
}This ensures newly created API tokens are displayed to users.
Modify js/components/app-sidebar.tsx:
const mainNavItems: NavItem[] = [
{
title: "Dashboard",
href: "/dashboard",
icon: LayoutGrid,
},
{
title: "API Tokens",
href: "/api-tokens",
icon: KeyRound,
},
];Modify js/layouts/settings/layout.tsx:
const sidebarNavItems: NavItem[] = [
{
title: "Profile",
href: "/settings/profile",
},
{
title: "Password",
href: "/settings/password",
},
{
title: "Appearance",
href: "/settings/appearance",
},
{
title: "API Tokens",
href: "/settings/api-tokens",
},
];To customize settings, publish the config file:
php artisan vendor:publish --tag=keysmith-config --forceThis creates config/keysmith.php, where you can modify key permissions.
Keysmith React requires Laravel Sanctum for API token authentication.
-
Install Laravel Sanctum:
composer require laravel/sanctum
-
Publish and run Sanctum’s migrations:
php artisan vendor:publish --provider="Laravel\Sanctum\SanctumServiceProvider" --tag="sanctum-migrations" php artisan migrate
-
Add the
HasApiTokenstrait to yourUsermodel:use Laravel\Sanctum\HasApiTokens; class User extends Authenticatable { use HasApiTokens; // ... existing code ... }
Keysmith React provides two main components located in /components:
create-api-token-form.tsx→ Form for generating new API tokensmanage-api-tokens.tsx→ Component for viewing and managing existing tokens
These components are used in both Page and Settings templates.
Keysmith uses the routes defined below:
Route::get('/settings/api-tokens', [TokenController::class, 'index'])->name('settings.api-tokens.index');
Route::get('/api-tokens', [TokenController::class, 'index'])->name('api-tokens.index');
Route::post('/api-tokens', [TokenController::class, 'store'])->name('api-tokens.store');
Route::put('/api-tokens/{token}', [TokenController::class, 'update'])->name('api-tokens.update');
Route::delete('/api-tokens/{token}', [TokenController::class, 'destroy'])->name('api-tokens.destroy');Keysmith React includes tests in tests/Feature/ApiToken/:
Run the tests with:
php artisan testModify the available API token permissions in config/keysmith.php:
return [
'permissions' => [
'read',
'create',
'update',
'delete',
// Add your custom permissions here
],
];If you discover any security-related issues, please email mike.deeming@blaspsoft.com instead of using the issue tracker.
This package is licensed under MIT. See LICENSE.md for details.