First, let's answer the basic question - What is User Authentication?
User authentication is a process that allows an application to ver...
For further actions, you may consider blocking this person and/or reporting abuse
I am trying to implement laravel passport on laravel 6. But I am getting an error.
Login and registration are ok. But I am getting an error when trying to fetch(authentic) pages.
The error is here pastebin.com/1M4iC3u5
My api.php
I don't know how you have set up the flow but here is something that should probably work.
Inside the BrandController add this to the constructor.
Next, the index function inside the controller should look like this:
Then use the Route directly as:
Thanks a lot
Laravel Passport is definitely the best option for api token authentication in Laravel based apps. It automatically generates api token in Laravel apps. This make it easy to configure and efficient to use in your apps.
That's why I wrote the tutorial. 😉
Hi,
Suppose I want to validate this condition while login a user using API
$aCredential = ['username' => $userName, 'password' => $password, 'user_type' => 1, 'status' => 1];
in this case do we need to separately validate each data rather than
if(Auth::attemp(aCredential))
In laravel 5.5, if you use passport attempt() will trigger error - function does not exits. So what will be the solution?
Awesome article! I found it super helpful.
I did have a question for you though. In your logout function, you go through the following steps:
1) Get token from the header
2) Parse token to get the id
3) Retrieve token from user tokens using said id
4) Take this retrieved token, and revoke it.
I wrote my logout function differently as follows
$request->user()->token()->revoke();
1) Grab the user from the request
2) Grab the current toke from user
3) Revoke the token taken from the user
I chose not to use the id at all. My question is should I be using the id? Is there ever a time where the token I'm logging out is not going to be the token assigned to the current user?
Your authentication controller looks more readable/clearer than others I find in other articles. But maybe because I don't have prior knowledge of OAuth. Therefore I should first read the fundamental concepts explained in oauth2.thephpleague.com/ and even in tools.ietf.org/html/rfc6749, before I can proceed to code using Laravel Passport. Now, I know why Laravel documentation suggest that I should get familiar with OAuth before continuing. :)
Without good knowledge in OAuth, I feel I will only be able to copy paste code from others.
I can see you use Password Grant in this example from your AuthenticationController. But when I compare with what I read in Laravel documentation : laravel.com/docs/7.x/passport#requ..., I wonder how you get to use your code for issuing access token with Password Grant flow.
I know the User model uses HasApiTokens trait that has createToken method. But there is no clue, either in that HasApiTokens trait or in your code which specifies sufficient parameters usually required for Password Grant, i.e client_id and client_secret.
Maybe I missed something, but where in your code those parameters for Password grant are supplied for requesting access token ?
As as comparison, this is code snippet I find in other article :
We see it also includes /oauth/token route for requesting access token as always mentioned in Laravel documentation.
Thank you, This helped me so much!
Happy about that.
hey thks for your great tutorial!
how do you then link this to your front end in vue.js for example?
i'm quite new to APIs
cheers
No linking required. Call the appropriate API calls.
if someone has issue to velidate password, try this:
try replacing the if statment with password by
'if(Hash::check($request->password, $user->password)) {//...}'
How would you approach if you have the get the user details from a lumen endpoint?
Nice and clean guide I like it...
Hi,
How We can use the same API for login, Register through the web page?
I want to use the same API for web and REST both.