Good Day,
It's possible to use change the login of laravel page into keycloak page? And after login successful, it will redirect back to laravel home page with auth details from keycloak?
It's there any method to implement keycloak login to laravel? thanks.
Yes its possible, keycloak would be the identity provider, and laravel would be a oidc/oauth2 client, after a succusful login, you should be redirected to laravel logegd in.
This might help https://github.com/Vizir/laravel-keycloak-web-guard
Related
I setup a PKCE authentication system for an API using Laravel Passport.
At the moment this API is used by a SPA.
The authentication flow is the following :
User clicks on "login" on the SPA
User is redirected to the API /oauth/authorize endpoint (with all the pkce required parameters)
Now, that API endpoint requires the user to be authenticated. So the login page is shown (its a php Laravel served view)
The user logs in, clicks on authorize, and is redirected to the callback url of the SPA, which will then send a request to obtain the JWT token.
From this point all communication from the SPA and the API will use the JWT token only.
Everything works. Except I now have a few doubts.
Is it correct for the login on step 3 to be session based ? To set that up I simply used Laravel UI, which provides an already setup login functionality, which is session based.
If I visit the API login page again, by its own url, I am actually session logged in (which is normal). Of couse if I logout from that page (it has also a logout button), I can still use the SPA normally, as I still have my JWT token which is used by Passport.
To solve the logout problem I had to implement a 'double' logout, one that clears the JWT from local storage for the SPA, and one to logout the user from the session login of the Laravel api (in case that was still active at the time).
All this seems a little off, should I refactor the login function of Laravel UI to not start a session (if that is even possible) ? Or maybe log the user out in some way(how ?) after the redirect to the SPA callback url ?
Thanks
I have a SPA on a different domain than Laravel. When a user logs in, he is redirected to Laravel and then redirected back to the SPA. Is it possible to avoid the behaviour and make the login process more user-friendly ?
I am working with Zapier, and trying to authenticate user using OAuth2. I am using the Laravel(5.5) Passport(^4.0).
I am trying to use defalut passport routes "https://laravel.com/docs/5.5/passport".
But when it goes to "oauth/authorize" GET method and if user is not logged in then gives me {"error":"Unauthenticated."} instead of redirecting to Login page. And if user is logged in already then worked well.
Is there something i am missing and where I can check to resolve this issue.
Thanks and Regards
You are working with Oauth2 so you will get 401 and {"error" : "Unauthenticated"}. It is up to you to handle the unauthenticated response to the server (e.g. your js front end will redirect or your mobile app show login page).
I am using sentry to authenticate users in laravel 5.3. When the user clicks auth protected route is redirect to the login form. After login, the user is redirected to home page.
How can I configure sentry in manner that the authenticated user is not redirected back to home page but instead to the original destination before login. Kindly assist I seem not to figure it out.
You can use a function called intended
return redirect()->intended('dashboard');
The intended method on the redirector will redirect the user to the URL they were attempting to access before being intercepted by the authentication middleware. A fallback URI may be given to this method in case the intended destination is not available.
https://laravel.com/docs/5.3/authentication#authenticating-users
Maybe this may help you --
You can try giving the url something like this localhost:8000/something?url=anythingelse so that after login change the redirect path to $_GET['url'].
Use a form rather than link to go to login page. Try this --
<form method="GET" url="{{ url('/some') }}?{{ Request::path() }}" id="login"></form>
Login
Is it possible to modify the Laravel App Authentication? like I want to show different forms per different login route, like If I have 2 different login routes for admin and user.
Admin login route, can access the admin dashboard
/app/system/login
User login route, can access only the user page
/app/system/user/login
I tried to do
php artisan route:list
and I see this
LoginController#login
LoginController#showLoginForm
but I don't know where to find them to modify those for my requirements. Any help, ideas please?
You can edit Auth Controller is in Http/Controllers/Auth/AuthController.php, functions get import from file Illuminate/Foundation/Auth/AuthenticatesUsers.php.
Read to documentation how create other auth.