I want to create Laravel code with login by multi-table. I don't have any problem with login, but when I access http://127.0.0.1:8000/api/products it shows Unathenticated :
How can I access route by whos currently logging in? here is my code :
*Thanks in advance
AccountController.php (Login Method)
public function login(Request $request)
{
if(strtolower($request->grantType) === "user") {
if(Auth::guard('user')->attempt(['email' => $request->email, 'password' => $request->password])){
$user = Auth::guard('user')->user();
$success['token'] = $user->createToken('MyApp')->accessToken;
$success['name'] = $user->name;
$success['guard'] = $user;
return $this->sendResponse($success, 'User login successfully.');
}
else{
return $this->sendError('Unauthorized', ['error'=>'Invalid credentials'], 401);
}
} else if (strtolower($request->grantType) === "student") {
if(Auth::guard('student')->attempt(['email' => $request->email, 'password' => $request->password])){
$user = Auth::guard('student')->user();
$success['token'] = $user->createToken('MyApp')->accessToken;
$success['name'] = $user->name;
$success['guard'] = $user;
return $this->sendResponse($success, 'User login successfully.');
}
else{
return $this->sendError('Unauthorized', ['error'=>'Invalid credentials'], 401);
}
} else if (strtolower($request->grantType) === "teacher") {
if(Auth::guard('teacher')->attempt(['email' => $request->email, 'password' => $request->password])){
$user = Auth::guard('user')->user();
$success['token'] = $user->createToken('MyApp')->accessToken;
$success['name'] = $user->name;
$success['guard'] = $user;
return $this->sendResponse($success, 'Teacher login successfully.');
}
else{
return $this->sendError('Unauthorized', ['error'=>'Invalid credentials'], 401);
}
} else {
return $this->sendError('Bad Request', ['error'=>'No enum constant '.$request->grantType], 400);
}
}
Route/api.php
Route::post('register', [AccountController::class, 'register']);
Route::post('login', [AccountController::class, 'login']);
Route::middleware('auth:student')->group( function () {
Route::resource('products', ProductController::class);
});
config/auth.php
'defaults' => [
'guard' => 'user',
'passwords' => 'user',
],
'guards' => [
'user' => [
'driver' => 'session',
'provider' => 'user',
],
'teacher' => [
'driver' => 'session',
'provider' => 'teacher',
],
'student' => [
'driver' => 'session',
'provider' => 'student',
],
],
Related
Why does this error appears when the guard exists in auth.php
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'manager' => [
'driver' => 'jwt',
'provider' => 'managers',
],
'admin' => [
'driver' => 'jwt',
'provider' => 'admins',
],
],
And the providers also sets with right format. In the controller the register function is down below:
public function register(Request $request)
{
$validator = Validator::make($request->all(), [
'username' => 'required|string|max:255',
'password' => 'required|string|min:6',
]);
if ($validator->fails()) {
return response()->json($validator->errors(), 422);
}
$user = new Manager();
$user->username = $request->username;
$user->password = bcrypt($request->password);
$user->save();
$token = JWTAuth::guard('manager')->attempt($request->only('username', 'password'));
return response()->json(compact('user', 'token'));
}
The JWTMiddleware
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;
class JWTAuth
{
public function handle($request, Closure $next, $guard)
{
try {
$user = JWTAuth::parseToken()->authenticate($guard);
if (!$user) {
throw new \Exception('User not found');
}
} catch (\Exception $e) {
return response()->json(['error' => 'Unauthorized'], 401);
}
return $next($request);
}
}
In kernel.php I have included these inside aliases array:
'jwt.manager' => \App\Http\Middleware\JWTManagerMiddleware::class,
'jwt.admin' => \App\Http\Middleware\JWTAdminMiddleware::class,
'jwt.auth' => \App\Http\Middleware\JWTAuth::class,
What am I doing wrong and how can I solve this?
I am using backpack laravel. Though I am also using Backpack's own authentication, yet I need to maintain a different customer table for App usage. For the customer table, I am using JWTAuth for token generation, but token generation gets failed each time.
public function register(Request $request)
{
$checkEmail = Customer::where('email', $request->email)->first();
if ($checkEmail) {
$response = [
'email_already_used' => true,
];
return response()->json($response);
}
$payload = [
'password' => \Hash::make($request->password),
'email' => $request->email,
'first_name' => $request->first_name,
'last_name' => $request->last_name,
'auth_token' => '',
];
try {
$user = new \App\Models\Customer($payload);
if ($user->save()) {
$token = self::getToken($request->email, $request->password); // generate user token
if (!is_string($token)) {
return response()->json(['success' => false, 'data' => 'Token generation failed'], 201);
}
$user = \App\Models\Customer::where('email', $request->email)->get()->first();
$user->auth_token = $token; // update user token
$user->save();
$response = [
'success' => true,
'data' => [
'id' => $user->id,
'auth_token' => $token,
'first_name' => $user->first_name,
'last_name' => $user->last_name,
'email' => $user->email,
],
];
} else {
$response = ['success' => false, 'data' => 'Couldnt register user'];
}
} catch (\Throwable $e) {
echo ($e);
$response = ['success' => false, 'data' => 'Couldnt register user.'];
return response()->json($response, 201);
}
return response()->json($response, 201);
}
I believe there might be some issue with guards.
Do I need to specify something in app/config.php for this?
when I wanna login with google account, I receive this error,
ClientException Client error: GET https://www.googleapis.com/plus/v1/people/me?prettyPrint=false
resulted in a 403 Forbidden response:
<meta name=viewport content="initial-scale=1,
minimum-scale=1, w (truncated...) in RequestException.php line 113
public function redirectToProvider()
{
return Socialite::driver('google')->redirect();
}
public function handleProviderCallback()
{
$social_user = Socialite::driver('google')->user();
$user = User::whereEmail($social_user->getEmail())->first();
if( ! $user ) {
$user = User::create([
'name' => $social_user->getName(),
'email' => $social_user->getEmail(),
'password' => bcrypt($social_user->getId())
]);
}
if($user->active == 0) {
$user->update([
'active' => 1
]);
}
auth()->loginUsingId($user->id);
return redirect('/');
}
From what i can see, you need to pass a token.
https://laravel.com/docs/master/socialite#retrieving-user-details
This is solution for this problem. I found it from this website.
https://github.com/laravel/socialite/pull/283/files
I Update GoogleProvider.php in my project. Comment sentences have to update.
GoogleProvider.php:
protected function getUserByToken($token)
{
// $response = $this->getHttpClient()->get('https://www.googleapis.com/plus/v1/people/me?', [
$response = $this->getHttpClient()->get('https://www.googleapis.com/userinfo/v2/me?', [
'query' => [
'prettyPrint' => 'false',
],
'headers' => [
'Accept' => 'application/json',
'Authorization' => 'Bearer '.$token,
],
]);
return json_decode($response->getBody(), true);
}
/**
* {#inheritdoc}
*/
protected function mapUserToObject(array $user)
{
return (new User)->setRaw($user)->map([
// 'id' => $user['id'], 'nickname' => array_get($user, 'nickname'), 'name' => $user['display Name'],
// 'email' => $user['emails'][0]['value'], 'avatar' => array_get($user, 'image')['url'],
'id' => $user['id'], 'nickname' => array_get($user, 'nickname'), 'name' => $user['name'],
'email' => $user['email'], 'avatar' => array_get($user, 'picture'),
]);
}
When I am trying to register a user from mobile, that data is inserting in the users table but not in oauth_clients. It should upload at the same time.
When I try to login, it shows oauth/token 401 error
Here are my routes:
Route::post('/register' , 'ProviderAuth\TokenController#register');
Route::post('/oauth/token' , 'ProviderAuth\TokenController#authenticate');
This is my register function, which is in TokenConrtoller:
public function register(Request $request)
{
$this->validate($request, [
'device_id' => 'required',
'device_type' => 'required|in:android,ios',
'device_token' => 'required',
'first_name' => 'required|max:255',
'last_name' => 'required|max:255',
'email' => 'required|email|max:255|unique:providers',
'mobile' => 'required',
'password' => 'required|min:6|confirmed',
]);
try{
$Provider = $request->all();
$Provider['password'] = bcrypt($request->password);
$Provider['status'] = 'approved';
$Provider = Provider::create($Provider);
ProviderDevice::create([
'provider_id' => $Provider->id,
'udid' => $request->device_id,
'token' => $request->device_token,
'type' => $request->device_type,
]);
return $Provider;
} catch (QueryException $e) {
if ($request->ajax() || $request->wantsJson()) {
return response()->json(['error' => 'Something went wrong, Please try again later!'], 500);
}
return abort(500);
}
}
This is my authenticate method:
public function authenticate(Request $request)
{
$this->validate($request, [
'device_id' => 'required',
'device_type' => 'required|in:android,ios',
'device_token' => 'required',
'email' => 'required|email',
'password' => 'required|min:6',
]);
Config::set('auth.providers.users.model', 'App\Provider');
$credentials = $request->only('email', 'password');
try {
if (! $token = JWTAuth::attempt($credentials)) {
return response()->json(['error' => 'The email address or password you entered is incorrect.'], 401);
}
} catch (JWTException $e) {
return response()->json(['error' => 'Something went wrong, Please try again later!'], 500);
}
$User = Provider::with('service', 'device')->find(Auth::user()->id);
$User->access_token = $token;
$User->currency = Setting::get('currency', '$');
if($User->device) {
if($User->device->token != $request->token) {
$User->device->update([
'udid' => $request->device_id,
'token' => $request->device_token,
'type' => $request->device_type,
]);
}
} else {
ProviderDevice::create([
'provider_id' => $User->id,
'udid' => $request->device_id,
'token' => $request->device_token,
'type' => $request->device_type,
]);
}
return response()->json($User);
}
I think you should register in JWT auth Like
$token = JWTAuth::fromUser($user);
after Register User
Check this Link for more information
https://blog.pusher.com/laravel-jwt/
I'm using laravel with JWT Auth to connect my laravel project to mobile, this is my api controller at laravel
public function login(Request $request) {
$credentials = $request->only('email', 'password');
try {
// attempt to verify the credentials and create a token for the user
if (! $token = JWTAuth::attempt($credentials)) {
return response()->json(['error' => 'invalid_credentials'], 401);
}
} catch (JWTException $e) {
// something went wrong whilst attempting to encode the token
return response()->json(['error' => 'could_not_create_token'], 500);
}
// all good so return the token
$user = Sentry::authenticate($credentials, false);
return response()->json([
'code' => '200',
'message' => 'success',
'last_updated' => $user->updated_at->format("Y-m-d\TH:i:s\Z"),
'data' => [
'id' => $user->id,
'first_name' => $user->first_name,
'last_name' => $user->last_name,
'email' => $user->email,
'username' => $user->username,
'token' => $token
]
]);
}
but how to set the credentials using email or username with this JWT?
If you are using "tymon/jwt-auth" package, then you can just pass the user object to the JWTAuth class and bam!, you can get the JWT token in return which you can use to make user go through the app.
$user = User::where('email', $email)
->orWhere('username', $username)
->first();
$token = null;
if (!$token = JWTAuth::fromUser($get_info)) {
return $this->respondInternalError( 'Can\'t generate the JWT token right now, try again later!', 'object', 400);
}
return response()->json([
'code' => '200',
'message' => 'success',
'last_updated' => $user->updated_at->format("Y-m-d\TH:i:s\Z"),
'data' => [
'id' => $user->id,
'first_name' => $user->first_name,
'last_name' => $user->last_name,
'email' => $user->email,
'username' => $user->username,
'token' => $token
]
]);
You can login using email or using the following format
public function login(Request $request)
{
//validate incoming request
$this->validate($request, [
'email_phone' => 'required|string',
'password' => 'required|string',
]);
try {
$login_type = filter_var( $request->email_phone, FILTER_VALIDATE_EMAIL ) ? 'email' : 'phone';
// return $login_type;
$credentials = [$login_type => $request->email_phone, 'password'=>$request->password];
if (! $token = Auth::attempt($credentials)) {
return response()->json($this->customResponse("failed", "Unauthorized"), 401);
}
return $this->respondWithToken($token);
} catch(JWTException $e) {
return response()->json($this->customResponse("failed", "An error occured, please contact support.", $user), 500);
}
}