Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/jsdecena/laravel-passport-mutiauth

Laravel Passport Multi-Authentication Middleware
https://github.com/jsdecena/laravel-passport-mutiauth

authentication jwt laravel laravel-passport middleware multi-auth oauth2

Last synced: about 2 hours ago
JSON representation

Laravel Passport Multi-Authentication Middleware

Awesome Lists containing this project

README 

        
# Laravel Passport Multi-Authentication middleware



[![Latest Stable Version](https://poser.pugx.org/jsdecena/laravel-passport-multiauth/v/stable)](https://packagist.org/packages/jsdecena/laravel-passport-multiauth)

[![Total Downloads](https://poser.pugx.org/jsdecena/laravel-passport-multiauth/downloads)](https://packagist.org/packages/jsdecena/laravel-passport-multiauth)

[![License](https://poser.pugx.org/jsdecena/laravel-passport-multiauth/license)](https://packagist.org/packages/jsdecena/laravel-passport-multiauth)



#### Laravel passport default behavior is to authenticate your `user` on the `users` table. 

#### While this is good enough for most of the apps, sometimes we need to tweak it a little bit if there is a new need arises.

#### I created this middleware because I need a few user groups that would access the app and in every user group there are roles.



# How to install



- In your terminal, run `composer require jsdecena/laravel-passport-multiauth` or add this in your `composer.json`



```

    "require": {

        ...

        "jsdecena/laravel-passport-multiauth": "^0.2",

        ...

    },

```



- Add this line in your `config/app.php`



```

	'providers' => [

	    ...

	    Jsdecena\LPM\LaravelPassportMultiAuthServiceProvider::class,

	    ...

	]

```



- Add this in your `app\Http\Kernel.php`



```

    /**

     * The application's route middleware.

     *

     * These middleware may be assigned to groups or used individually.

     *

     * @var array

     */

    protected $routeMiddleware = [

        ...

        'mmda' => \Jsdecena\LPM\Middleware\ProviderDetectorMiddleware::class,

    ];

```



- Also in your `routes/api.php`



```

    Route::post('oauth/token/', 'CustomerTokenAuthController@issueToken')

        ->middleware(['mmda', 'throttle'])

        ->name('issue.token');

```



> Trivia: Why mmda? This is because in the Philippines, they are the one that handles the traffic :sweat_smile: 



- And in the `config/auth.php`



```

    'guards' => [

        'web' => [

            'driver' => 'session',

            'provider' => 'users',

        ],



        'api' => [

            'driver' => 'passport',

            'provider' => 'users',

        ],



        'customers' => [

            'driver' => 'passport',

            'provider' => 'customers'

        ],

    ],

    

    'providers' => [

        'users' => [

            'driver' => 'eloquent',

            'model' => 'App\User',

        ],

        /**

         * This is the important part. You can create as many providers as you like but right now, 

         * we just need the customer

         */

         'customers' => [

             'driver' => 'eloquent',

             'model' => 'App\Customer',

         ],

    ],

```



> In your controller, you can access the user logged in via `auth()->guard('customer')->user()`



- Your `Customer` model should extend with `Authenticatable` and use the `Notifiable` and `HasApiTokens` traits



```

 Note that you need the `Customer` model or any model that you need to authenticate with.



- Migrate the customer table `php artisan vendor:publish --tag=migrations`



- And in your controller: `App\Http\Controllers\Auth\CustomerTokenAuthController.php`

 

```

json([

                 'error' => $token['error'],

                 'status_code' => 401

             ], 401);

         }

         

        $data = $request->getParsedBody();

        

        $email = $data['username'];  

           

        switch ($data['provider']) {

            case 'customers';

                

                try {

                

                 $user = Customer::where('email', $email)->firstOrFail();

                 

                } catch (ModelNotFoundException $e) {

                  return response()->json([

                      'error' => $e->getMessage(),

                      'status_code' => 401

                  ], 401);

                }

            

                break;

            

            default :

            

                try {

                

                 $user = User::where('email', $email)->firstOrFail();

                 

                } catch (ModelNotFoundException $e) {

                  return response()->json([

                      'error' => $e->getMessage(),

                      'status_code' => 401

                  ], 401);

                }        

        }

         

        return compact('token', 'user');

    }

}

```



 - The request to authenticate must have the `provider` key so the system will know which user is to authenticate with

 

 eg.

 

```

POST /api/oauth/token HTTP/1.1

Host: localhost

Content-Type: application/x-www-form-urlencoded

Cache-Control: no-cache



grant_type=password&username=test%40email.com&password=secret&provider=customers

```



> If the provider parameter is not passed, it will default looking into the `users` table as usual.