I'm currently looking to build SaaS application with Laravel APIs and Postgres as database
Every customer will have its own schema and I migrate the tables and data in its own schema.
Endpoint : https://google.<domain-name>.com/login
Wrote a middleware which will activate the schema depending on the sub-domain and this seems to working fine in PassportController.php
Currently, I'm having trouble login in a user as createToken is trying to insert a record in
public.oauth_access_tokens
but it should in fact create a record in
google.oauth_access_tokens (google is my schema)
Here is the code which is failing and I could able to get user object when I try to print auth()->user()
$accessToken = auth()->user()->createToken('authToken')->accessToken;
How can I use createToken in specific schema?
Update
I just figured out that it works if I change
protected $table = 'oauth_access_tokens';
to
protected $table = 'google.oauth_access_tokens';
in vendor/laravel/passport/Token.php (model) [I know, we should not be changing anything in vendor files].
Related
I'm migrating from codeignter 3 to codeigniter 4 and I'm having a hard time changing the database settings.
For example: I want the controller "Admin" to access with a configuration / database user and the controller "Site" to access with another.
I use this as a security issue, I want the "Site" controller to have access only with the query user ...
In codeigniter 3 I simply added the code at the beginning of the control to change the database as in the example below
$ this-> db = $ this-> load-> database ('admin', TRUE);
In codeigniter 4 how can I do this?
I don't want to change the database, I want to change the database user. And choose which user to use on the controller, not the model. For, when I use the admin controller I would like to use the user with access to "insert, delet, selec". When using the website controller, I would like to use the user who only has access to "select".
Thank you
If I may get you right this is what you are looking for
$db = \Config\Database::connect('admin', true);
you can have a better reference from the document Click Here to Read More
I follow up this tutorial using Laravel 5.4 Creating your first Laravel app and adding authentication
But I can't retrieve Auth0 users, the registration works fine in my dashboard new users are created in Auth0 server, but not in my local database and also I can't dd(Auth0::getUser());
I get this error:
Class 'Auth0\Login\LoginServiceProvider' not found
I've added this
Auth0\Login\LoginServiceProvider::class
in my provider array and
'Auth0' => Auth0\Login\Facade\Auth0::class
in my aliases.
I did all steps on configuration from Auth0 docs: Auth0 PHP (Laravel) SDK
I'm out off option now!
Ok, figure it out now.
The error was coming from 'AppServiceProvider.php'
Just import those two classes in AppServiceProvider.php as:
use Auth0\Login\Contract\Auth0UserRepository as Auth0UserRepositoryContract;
use Auth0\Login\Repository\Auth0UserRepository as Auth0UserRepository;
And then your Register method should look like this:
public function register()
{
$this->app->bind( Auth0UserRepositoryContract::class, Auth0UserRepository::class );
$this->app->bind( Auth0UserRepositoryContract::class, Auth0UserRepository::class );
}
if you want to persist data in your database then Create your own Repository and update the bind method YourCustomerRepositoryContract::class, YourCustomerRepository::class
Just like that.
For more info about creating your own Repository
Auth0 PHP (Laravel) SDK Quickstarts: Login
I am using Laravel 5.3 with Laravel Datatables and Entrust
On my index action I display a list of records in a datatable. Now I need to integrate entrust in to it. If the user is an admin they can see all leads. However, if the user is a normal user the can only see the records that belong to them.
I'm not sure how to approach this, do I put this query in an if statement checking for roles or is there a better way?
public function query()
{
$leads = Lead::query()
->select([
'leads.id as id',
'leads.parent_id as parent_id',
'statuses.name as status',
'leads.title as title',
'leads.first_name as first_name',
'leads.last_name as last_name',
'leads.opt_in as opt_in',
'leads.created_at as created_at',
'leads.user_id as user_id',
])
->leftJoin('statuses', 'leads.status_id', '=', 'statuses.id');
return $this->applyScopes($leads);
}
Too long I don't use Entrust, because Laravel has Policies. But at your problem, I saw that Entrust has method
Auth::user()->can('permission-name');
You must create permission and save into DB which create by run command
php artisan entrust:migration
After create permission, apply it to user, it may have Admin permission and Normal User permission
Please read more at: https://github.com/Zizaco/entrust
Hope I can help. If can use Entrust, let's research about Policies of Laravel, it's very good. Learn about Policies at https://mattstauffer.co/blog/acl-access-control-list-authorization-in-laravel-5-1#policies
I want to ask how to make two types of users in laravel. I have two tables, one for the customer and one for the client and my question is how to make that difference. Do I have to make two different models or to use model User and make some functions in middleware?
Thank you.
If you're looking for the simpliest solution, you can add role column to users table. Then you can check if user is a client or a customer globally with:
if (auth()->user()->role === 1) {
// It's a client.
}
You can add some helper methods to check if user is a client or a customer:
public function isClient()
{
return auth()->user() && auth()->user()->role === 1;
}
To open the part of the website for client only you should use route groups and middleware.
I've run into the same situation and I've resolved it by using a package that handles multi-authentication:
Check out this package:
https://packagist.org/packages/hesto/multi-auth
There are also a blog post about this situation:
http://santo.sh/multi-login-for-laravel-5-3/
and of course more StackOverflow questions:
Using multiple Auth in Laravel 5.3?
Multiple Authentication in Laravel 5.3
I made a PHP script in Laravel and now I want to show demo to my buyers. Since I don't want them to make any changes to the database, I was wondering if there is a way to globally disable any saving to the database?
If you have a BaseModel that extends Laravel's default Eloquent model class. And all of your applications models extend that BaseModel you can add the following to it:
public static function boot()
{
parent::boot();
static::saving(function($model)
{
return false;
});
}
This will intercept any creating or updating events from Eloquent.
This may be the technical answer for your question, but ideally just backup your db and restore it after showing to your buyers.
The easiest thing will be to create a mysql user that hasn't permissions to insert. Use the following mysql statement to create the user and use this user as the user in your database setting. I don't think there's a global method for this in laravel.
GRANT SELECT ON [database name].[table name] TO ‘[username]’#'%’;
This way, your user can view everything, but isn't able to save a bit.