Laravel Sanctum can be used with Multiauth guard - laravel

I'm testing with Laravel Sanctum but there are some issues.
I'm creating an Admin guard.
When I change the middleware to auth:sanctum_admin, it should only be accessible by admin, but I can access it with a normal user account with the web guard. I don't know why. I used Passport with a multiauth package and it's fine, but here in Sanctum I can't separate the User table and Admin.

You can also use multiple guards in Sanctum. To achieve this, follow these steps:
Create your own guard as required. (In config/auth.php)
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
'hash' => false,
],
'admin' => [
'driver' => 'session',
'provider' => 'admins',
]
],
Set providers. (In config/auth.php)
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
'admins' => [
'driver' => 'eloquent',
'model' => App\Admin::class,
],
],
Use this guard when you authenticate a user. (In route file)
if(auth()->guard('admin')->attempt($request->only('email','password')))
{
return auth()->guard('admin')->user();
}

@Abhishek Mitra
And for authorization using Laravel Sanctum in the case of multiple auth guards, we can use middleware as such:
Route::middleware(['auth:guard_name'])->get('/user', function(){
return auth()->guard('guard_name')->user();
});

config/auth.php
driver is sanctum
'guards' => [
'users' => [
'driver' => 'sanctum',
'provider' => 'users',
],
'partners' => [
'driver' => 'sanctum',
'provider' => 'partners',
],
'admins' => [
'driver' => 'sanctum',
'provider' => 'admins',
],
],
provider:
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\Models\User::class,
],
'partners' => [
'driver' => 'eloquent',
'model' => App\Models\Partner::class,
],
'admins' => [
'driver' => 'eloquent',
'model' => App\Models\Admin::class,
],
],
model:
Authenticatable must be added
<?php
namespace App\Models;
use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
class Admin extends Authenticatable
{
use HasFactory, Notifiable;
/**
* The attributes that are mass assignable.
*
* @var array
*/
protected $fillable = [
'name',
'email',
'password',
];
/**
* The attributes that should be hidden for arrays.
*
* @var array
*/
protected $hidden = [
'password',
'remember_token',
];
/**
* The attributes that should be cast to native types.
*
* @var array
*/
protected $casts = [
'email_verified_at' => 'datetime',
];
}
Middleware:
Route::middleware(['auth:admin'])->get('/user', function(){
});
Guard:
auth()->guard('admin')->user();
Unauthenticated user message:
In app/Exceptions/Handler.php
use Illuminate\Auth\AuthenticationException;
function:
protected function unauthenticated($request, AuthenticationException $exception)
{
return response()->json(['message' => 'Unauthenticated.'], 401);
}
or
custom guard and custom redirect
public function render($request, Exception $exception)
{
$class = get_class($exception);
switch($class) {
case 'Illuminate\Auth\AuthenticationException':
$guard = array_get($exception->guards(), 0);
switch ($guard) {
case 'admin':
$login = 'admin.login';
break;
default:
$login = 'login';
break;
}
return redirect()->route($login);
}
return parent::render($request, $exception);
}

you must add your custom guard in config/auth.php.
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'custom-guard' => [
'driver' => 'session',
'provider' => 'custom-provider',
]
],
be careful, the driver in custom guard must be session.
and set provider as:
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
'custom-provider' => [
'driver' => 'eloquent',
'model' => App\CustomProvider::class,
],
],
The App\CustomProvider::class must be the model.
After that you can easily use the guard in auth.
auth('custom-guard')->user()

I also faced the same issue and solved it as follows:
In auth.php add an extra Guard - front
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'front' => [
'driver' => 'session',
'provider' => 'members',
],
],
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => Vanguard\User::class,
],
'members' => [
'driver' => 'eloquent',
'model' => Vanguard\Member::class,
],
],
Log in as a Default User or Member
/** Default Guard**/
if (Auth::attempt(['username' => $credentials['username'], 'password' => $credentials['password']], $request->get('remember'))) {
}
/** Front Guard **/
if (Auth::guard('front')->attempt(['username' => $credentials['username'], 'password' => $credentials['password']], $request->get('remember'))) {
}
Finally add the Guard in sanctum.php
'guard' => ['front','web']

In config/auth.php:
'guards' => [
...
'api' => [
'driver' => 'sanctum',
'provider' => 'users',
],
],
(Tested in Laravel 9.x)

Defining API sanctum guards using the sanctum driver
'guards' => [
// Web Guards
'web' => [
'driver' => 'session',
'provider' => 'users',
],
//API Sanctum Guards
'admin-api' => [
'driver' => 'sanctum',
'provider' => 'admins',
],
'vendor-api' => [
'driver' => 'sanctum',
'provider' => 'vendors',
],
],
Defining Providers
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\Models\User::class,
],
'admins' => [
'driver' => 'eloquent',
'model' => App\Models\Admin::class,
],
'vendors' => [
'driver' => 'eloquent',
'model' => App\Models\Vendor::class,
],
],
Generating Token
$user = Admin::where('email', $request->email)->first();
$token = $user->createToken(uniqid());
return ['token' => $token->plainTextToken];
$user = Vendor::where('email', $request->email)->first();
$token = $user->createToken(uniqid());
return ['token' => $token->plainTextToken];
Protecting Routes using sanctum guard
Route::middleware('auth:admin-api')->get('/admin', function (Request $request) {
return $request->user();
});
Route::middleware('auth:vendor-api')->get('/vendor', function (Request $request) {
return $request->user();
});
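Why a session-authenticated user of another type can pass a `sanctum`-driver guard, and one way to block it (an added example, not code from any of the answers here): Sanctum first accepts a user already logged in through any session guard listed under 'guard' in config/sanctum.php, and only then looks at a bearer token. The middleware below, under the hypothetical name EnsureGuardModel, rejects any authenticated user whose class is not the model configured for the guard's provider; it assumes the admin-api and vendor-api guards defined above.

```php
<?php
// Added example. EnsureGuardModel is a hypothetical class name, not part of
// Laravel or Sanctum. Attach it after the auth middleware, for instance:
//
//   Route::middleware(['auth:admin-api', EnsureGuardModel::class.':admin-api'])
//       ->get('/admin', fn (Request $request) => $request->user());
//
// For a token-only API you can also stop Sanctum from consulting session
// guards at all by setting, in config/sanctum.php:
//
//   'guard' => [],

namespace App\Http\Middleware;

use Closure;
use Illuminate\Http\Request;

class EnsureGuardModel
{
    /**
     * Allow the request only when the user resolved by $guard is an instance
     * of the Eloquent model configured for that guard's provider.
     */
    public function handle(Request $request, Closure $next, string $guard)
    {
        // Look up guard -> provider -> model in config/auth.php.
        $provider = config("auth.guards.{$guard}.provider");
        $model = config("auth.providers.{$provider}.model");

        $user = auth()->guard($guard)->user();

        if ($user === null) {
            abort(401, 'Unauthenticated.');
        }

        // A User logged in through the web session must not pass as an Admin.
        // A missing model entry is treated as a misconfiguration and denied.
        if ($model === null || ! $user instanceof $model) {
            abort(403, 'Wrong account type for this route.');
        }

        // Make $request->user() and auth()->user() resolve through this guard.
        auth()->shouldUse($guard);

        return $next($request);
    }
}
```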

I think the default guard should be like this:
'defaults' => [
'guard' => 'sanctum_admin',
'passwords' => 'admins',
],
Or
'defaults' => [
'guard' => 'web',
'passwords' => 'users',
],

Related

TypeError: Tymon\JWTAuth\Blacklist::__construct(): Argument #1 ($storage) must be of type Tymon\JWTAuth\Contracts\Providers\Storage,

I have followed every step of JWT authentication for Laravel 9. However, the login method is not working; it always gives this error: TypeError: Tymon\JWTAuth\Blacklist::__construct(): Argument #1 ($storage) must be of type Tymon\JWTAuth\Contracts\Providers\Storage, PHPOpenSourceSaver\JWTAuth\Providers\Storage\Illuminate given. I have installed composer require tymon/jwt-auth,
In kernel.php I have included 'auth.jwt'=>\App\Http\Middleware\JwtMiddleWare::class, in middlewareAliases,
This is my jwtmiddleware
<?php
namespace App\Http\Middleware;
use Closure;
use JWTAuth;
use Exception;
use Tymon\JWTAuth\Http\Middleware\BaseMiddleware;
class JwtMiddleware extends BaseMiddleware
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$user = JWTAuth::parseToken()->authenticate();
return $next($request);
}
}
My admin login method in Admin controller
public function adminLogin(Request $request){
$credentials = $request->only('username', 'password');
try {
if (!$token = JWTAuth::attempt($credentials)) {
return response()->json([
'error' => 'Invalid Credentials'
], 401);
}
} catch (JWTException $e) {
return response()->json([
'error' => 'Could not create token'
], 500);
}
return response()->json([
'token' => $token
], 200);
}
In auth.php
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'admin' => [
'driver' => 'jwt',
'provider' => 'admins',
],
'manager' => [
'driver' => 'jwt',
'provider' => 'managers',
],
'admins' => [
'driver' => 'eloquent',
'model' => App\Models\Admin::class,
],
'managers' => [
'driver' => 'eloquent',
'model' => App\Models\Manager::class,
],
'clients' => [
'driver' => 'eloquent',
'model' => App\Models\Client::class,
],
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\Models\User::class,
],
'admins' => [
'driver' => 'eloquent',
'model' => App\Models\Admin::class,
],
'managers' => [
'driver' => 'eloquent',
'model' => App\Models\Manager::class,
],
'clients' => [
'driver' => 'eloquent',
'model' => App\Models\Client::class,
],
In api.php
Route::post('/admin/register', [
AdminController::class, 'adminRegister'
]);
Route::post('/admin/login', [
AdminController::class, 'adminLogin'
]);
Route::get('/user', [
AdminController::class, 'getUser'
])->middleware('auth.jwt');
What's the issue and how can I solve it? I have looked at other solutions to this problem and none worked for me.

custom authentication in Laravel 8

I am trying to make authentication work on the Employee table but it always gives me false.
I do not know what I should change to make auth apply to the Employee table.
Does auth->attempt go and check the database or not?
This is Employee controller
<?php
namespace App\Http\Controllers;
use App\Models\Employee;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
class EmployeeController extends Controller
{
public function login()
{
return view("Employee.login");
}
public function check(Request $request)
{
$data = $request->validate([
'email' => 'required|email|max:200',
'password' => 'required|string',
]);
$emp = $request->only('email', 'password');
if (Auth::guard('Employee')->attempt($emp)) {
dd($request);
} else {
return "error";
}
}
}
I made some changes to auth.php and added a guard for Employee, but it also did not work.
This is auth.php
<?php
return [
'defaults' => [
'guard' => 'web',
'passwords' => 'users',
],
'employees' => [
'driver' => 'eloquent',
'model' => App\Models\Employee::class,
],
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'Employee',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
'hash' => false,
],
'Employee' => [
'driver' => 'session',
'provider' => 'employees',
],
],
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\Models\User::class,
],
'employees' => [
'driver' => 'eloquent',
'model' => App\Models\Employee::class,
],
// 'users' => [
// 'driver' => 'database',
// 'table' => 'users',
// ],
],
'passwords' => [
'users' => [
'provider' => 'users',
'table' => 'password_resets',
'expire' => 60,
'throttle' => 60,
],
'employees' => [
'driver' => 'eloquent',
'model' => App\Models\Employee::class,
],
],
'password_timeout' => 10800,
];
As your controller code and configuration is looking ok,
Your Employee model should be as below:
<?php
namespace App\Models;
use Illuminate\Foundation\Auth\User as Model; //This import
class Employee extends Model //extend to Model, we are using User as Model.
{
protected $guarded = ['id'];
protected $hidden = [
'employee_password', 'remember_token',
];
public function getAuthPassword()
{
return $this->employee_password;
}
}
Hope this will be helpful.

How to change the api authentication model instead of using default user model in laravel

I have two models, client and user. For web login I have used the user model as super admin. But I want the client model to be used for the mobile login through API requests.
api.php
Route::group(['middleware' => 'auth:api'], function() {
Route::resource('communities', 'communityAPIController');
Route::resource('communities', 'communityAPIController');
Route::resource('clients', 'ClientAPIController');
});
Config/auth.php
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'token',
'provider' => 'clients',
'hash' => false,
],
],
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
'clients' => [
'driver' => 'eloquent',
'model' => \App\Models\Client::class,
],
],
I have my Client model like this.
<?php
namespace App\Models;
use Eloquent as Model;
class Client extends Model
{
public $table = 'clients';
public $fillable = [
'name',
'phone',
'house_no',
'type',
'is_approved',
'community_id'
];
/**
* The attributes that should be casted to native types.
*
* @var array
*/
protected $casts = [
'id' => 'integer',
'name' => 'string',
'phone' => 'string',
'house_no' => 'string',
'type' => 'integer',
'is_approved' => 'boolean',
'community_id' => 'integer'
];
}
I want to use the client model instead of the user model for auth:api. Please help me.
Try this
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'token',
'provider' => 'clients',
],
],
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
'clients' => [
'driver' => 'eloquent',
'model' => App\Models\Client::class,
'table'=>'clients'
],
],
Try this
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api-clients' => [
'driver' => 'token',
'provider' => 'clients',
],
],
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
'table' => 'users',
],
'clients' => [
'driver' => 'eloquent',
'model' => App\Models\Client::class,
'table' => 'clients',
],
],
Also make sure to mention the driver to be used in the controller's constructor, like this:
public function __construct()
{
auth()->shouldUse('api-clients');
}

auth:admin not working

I have created an admin login system, but Auth::attempt is always returning false.
Here is my code:
$credentials= ['email' => $request->get('email'), 'password'=>$request->get('password')];
if (Auth::guard('admin')->attempt($credentials)) {
return redirect()->intended(route('admin.dashboard'));
}
in Admin model
<?php
namespace App\Models;
use Illuminate\Foundation\Auth\User as Authenticatable;
class Admin extends Authenticatable
{
protected $guard = 'admin';
protected $primary_key = 'admin_id';
protected $table = 'admins';
/**
* The attributes that are mass assignable.
*
* @var array
*/
protected $fillable = [
'admin_firstname', 'admin_lastname', 'email', 'admin_username', 'admin_phone', 'admin_picture', 'admin_gender', 'password',
];
/**
* The attributes that should be hidden for arrays.
*
* @var array
*/
protected $hidden = [
'password', 'remember_token',
];
}
in auth.php
'guards' => [
'admin' => [
'driver' => 'session',
'provider' => 'admins',
],
Auth::attempt is failing, I don't know why it's not working.
It's logging in, but the problem is found in the admin middleware
$this->middleware('auth:admin');
my auth.php
'guards' => [
'admin' => [
'driver' => 'session',
'provider' => 'admins',
],
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
],
],
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\Models\User::class,
],
'admins' => [
'driver' => 'eloquent',
'model' => App\Models\Admin::class,
],
],
The default guard is set as web, but in the dashboard controller I am using auth:admin. Please check.
Your code looks good. You need to make sure you used bcrypt() in registration, like this:
$password=bcrypt($request['password']);
And you need to make a change in config/auth.php.
Your guards should be like this:
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
],
'admin' => [
'driver' => 'session',
'provider' => 'admins',
],
'admin-api' => [
'driver' => 'token',
'provider' => 'admins',
],
],
and provider should be
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
'admins' => [
'driver' => 'eloquent',
'model' => App\Admin::class,
],
],
and password
'passwords' => [
'users' => [
'provider' => 'users',
'table' => 'password_resets',
'expire' => 60,
],
'admins' => [
'provider' => 'admins',
'table' => 'password_resets',
'expire' => 15,
],
],
This is a demonstration; change your model and driver accordingly.

laravel call to undefined method Auth guard

I want to prevent the login after register in Laravel 5.5. I already did this by commenting out a line:
public function register(Request $request)
{
$this->validator($request->all())->validate();
event(new Registered($user = $this->create($request->all())));
// $this->guard()->login($user);
return $this->registered($request, $user)
?: redirect($this->redirectPath());
}
I overrode it in RegisterController.php.
I got this error:
Call to undefined method Illuminate\Auth\AuthenticationException::guard()
$guard = array_get($exception->guard(),0);
switch ($guard) {
case 'admin':
return redirect()->guest(route('admin.login'));
break;
default:
return redirect()->guest(route('login'));
break;
}
Here is the content of my config/auth:
<?php
return [
'defaults' => [
'guard' => 'web',
'passwords' => 'users',
],
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'admin' => [
'driver' => 'session',
'provider' => 'admins',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
],
],
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
'admins' => [
'driver' => 'eloquent',
'model' => App\Admin::class,
],
],
'passwords' => [
'users' => [
'provider' => 'users',
'table' => 'password_resets',
'expire' => 60,
],
'admins' => [
'provider' => 'admins',
'table' => 'password_resets',
'expire' => 60,
],
],
];
I have enabled a multi-auth system, in which I have an admin login and a user login. What I want is to disable the login after register in my user page.
To check the guard in the exception, you can do something like this:
return redirect(route(auth()->guard('admin')->check() ? 'admin.login' : 'login'));
Also, use the auth() helper or Auth:: facade in RegisterController@register if you're trying to override the method:
auth()->guard('admin')->login($user);
