I have a Laravel server with socialite and passport. I installed the coderello plugin to have the grant_social type. When I authorize the social, I reply from laravel to the client with a JSON with the social auth token. How can I capture it from my react app so I can use to make API calls? And how should I login with social? Should I use manual redirect with a WebView or should I use the official social's SDKs?
I solved using a view as response that contains a script that calls window.ReactNativeWebView.postMessage and in my React app I use onMessage callback inside the WebView.
Related
I'm using api in a laravel project
and this project contains multiple laravel apps
one of these apps called auth which is responsible of authentication in other apps
me want to request form another apps to this app for login and authorize users
and i'm using livewire and jetstream in auth app and guzzle php package in another apps for api requests
however i need to use fortify function for login when request receive from another apps
but i dont know this function is exist or i have to create this function and what the way for this work?
if you know a better way, let me know , thank you
Most of the requests like ChangePass, Create Blog, Update Blog and etc. are done via AJAX. I've decided to make API controllers that handle every AJAX based request that the user is sending.
Should I use Passport as well because of the API calls?
What's the best way to authorize every registered/logged user to make AJAX based requests, without they have to authorize themselves manually?
If you make those calls from a page which is already authenticated with Laravel adding Passport is not needed, just add csrf token as documentation explains, https://laravel.com/docs/5.7/csrf#csrf-x-csrf-token.
Passport is needed if your site doesn't authenticate against Laravel, like if you have separate NodeJS based client site and Laravel is acting only as an API backend.
I want my users to be able to access my Laravel application from their mobile app (Android/IOS).
The application has authentication, as laravel requires CSRF in forms so I decided to use REST API. After searching I've found Laravel Passport, JWT-auth. (I don't need to use anything like Oauth, socialite).
As I dig into JWT-auth, I found anyone having "token" can access to user accounts that is very much risky.
What should I do? Is there any way I can request to server from mobile application for CSRF Token and send it to the server while requesting authentication. (My input fields are static to the mobile app)
Me and my friend are creating an application. I'm using Laravel 5.4 as the backend and he uses Angular2 as frontend.
The Laravel project serves as a rest API with JWTauth token authentication.
Now I would like to make a small backend dashboard in the Laravel project that is only accessible by admins.
How would I go about using different authentication (with session) instead of tokens when I just browse to the api backend part?
This is pretty straightforward. Just apply the JWT auth middleware to the API routes and the normal auth middleware to your admin dashboard. You don't even need to tweak anything since JWT doesn't need changes to your table structure or need for changing the existing auth.
Build the backend dashboard using the built int auth scaffolding using the auth and guest middleware. For the api routes use the standard api middleware along with the jwt.auth middleware if you're using the tymondesigns/jwt-auth package. There will be no conflict with these two.
Bro use separate guard like
$loginUser = Auth::guard('web')->loginUsingId(12,true);
please help me,
I want the stateless authentication for Rest api for login api to to get the token from it by using guard in it.
You might consider using Laravel Lumen because laravel by default uses session state.
In lumen you can be able to authenticate a user by using the new Auth::viaRequest() method. Docs here: https://lumen.laravel.com/docs/5.2/authentication