In NEXT-AUTH session storage , When there is two logins required, then how to store two store two login details in next-auth session storage and how to get both accounts access tokens?
i need solution for this problem
Related
There are 3 tables:
users
personal_access_tokens
tokenable_type
tokenable_id
personal_access_token_cards
personal_access_token_id
Users has many(morph) personal access tokens.
Each personal access token has one personal access token card.
How can I get all the personal access token cards for a collection of users?
You can do
User::with('personalAccessTokens.personalAccessTokenCards')->get();
I am trying to implement a feature similar to Slack where my application is a multi-tenant app, and a user can be logged into multiple accounts. Each account will be tied to a different domain. If logged into 2 different accounts, the user should be able to switch back and forth between the accounts. Also, the sessions should be managed independently. If one session expires, and the user needs to login, that expired session should not affect the other active sessions.
View Slack Image
The issue I am seeing is the different domain sessions override each other. This is a react frontend with Okta
Thanks for your time.
There are some gaps which require details, but here are few pointers that might help you.
Post authentication, you should be storing the authentication information like the session expiry, username in some form (local / session storage)
If I login to your application and choose a domain like (acme.com), the session information should be stored in a key like acme.com or hash(acme.com) so that how much ever domains, I login into, there will be unique keys to identify sessions and there will be no conflict of keys.
Once the domains are changed (like you switch workspaces in slack) there will be a new login session established (first time), which sets up the session information like described above.
For every workspace / domain change, the authentication libraries would be called and they would validate the stored session information, which gives the right data and expiry and user gets to use the application without issues.
Do share your implementation details or any issues had you implemented this solution.
I have an agent authentication and there are lots of users under each agent. We want to authenticate with "Oauth" and with an app the agent can login beside an user. we want to login both (user and agent) from the same apps at the same time with "Oauth". What is the suitable way to do this.
You can use one user table for storing user's info (username, password, ...) and you should authenticate based on this table, for many types of user you can use plymorhipc-relationship, for example, you need three tables users, agents, regular_users and users table know type of each user.
I have a Mobile application which uses oauth for authenticating users into the the app and getting/posting data to the API.
Currently I am using password grant types, which relies on a user entering their username & password. This is fine for carrying out tasks that the user needs to be authenticated for, however, the application itself needs to carry out duties that are not related to the application itself but only this application can be granted access.
What I therefore wondering - Is it possible to create a client which does not require a username/password in order to be given an access token so that the tasks (reading / writing) data can be done once authenticated? The access token can be granted for a long period of time and we are also implementing a way to refresh the token so the application can communicate with certain aspects of the API.
I am writing a program (written in java) for businesses that manages google drive data of domain users (download/read/...).
I need to authenticate once, using domain admin's credentials, get a token and refresh token, and fetch the data of all domain users.
I succeeded with doing it for the admin user itself, using google's Drive REST API
How can I manage all the domain users with one access token and refresh token?
In Google Apps, the admin does not have the ability to access the user's information directly.
The way to achieve this is through a service account and domain wide delegation.
With this approach, after the admin grants permissions to you app, the app will be able to impersonate users in the domain and perform actions on their behalf. e.g. you can access users Drive information.