my goal is to receive and send a notification from the server side which is laravel, and i don't know how to do it. Anyone please help me?
By default, Laravel ships with a simple solution to API authentication
via a random token assigned to each user of your application. In your
config/auth.php configuration file, an api guard is already defined
and utilizes a token driver. This driver is responsible for inspecting
the API token on the incoming request and verifying that it matches
the user's assigned token in the database.
Docs
If you are a beginner and you are learning and figuring out how to make apis and secure them, here you can learn Buidling a Blog Application with Laravel 5.6 and Ionic v4.
Related
Im trying to develop an app using Flutter which uses OTP to authenticate a user, ive setup Firebase Auth and everything is working fine, the app sends an SMS to the phone number that the user provided, but now im facing a problem with my Laravel based API, how do i login a user after the OTP auth is done ? surely i cant just send a login request tto my API using only his phone number seeing that its very insecure.
Im sure im missing something here and i would like some guidance.
Thank you
To verify the identity of the user in your backend code, send their ID token from the client to that backend, and verify the ID token there. Once you've verified the user's identity, you can then decide whether they are authorized for the action they are trying to perform.
I'm using lumen to make a website. I choose it because it has been told that lumen is a stunningly fast php micro framework. I need login guide. I have created login form and received data, and validated them. Now I need to check user credinals and login user. Auth::attempt($usercredinals) is not working. Fatal error with method not found is thrown. Is there any idea to use middleware and create routes that automatically login user and make available through Auth::user() method.
Thanks in Advance.
I have not found full tutorial or documentation for authentication.
I'm using the Expo Facebook login on my React Native app. In my app they can create and join events, which is done via API calls to my Laravel backend. I need these API calls to be authenticated (so some random person can't submit requests on someone else's behalf), but I don't want them to have to login twice. How can I ensure the person making API calls is who they say they are?
When they auth with Facebook they get their unique Facebook user ID, but I'm not sure if that is a secret they would only know after authenticating with FB or if anyone could get it. For my alpha version it's just sending their FB user ID with the request to ensure it's coming from the right person, but that seems really insecure because if anyone gets that ID they can forge requests.
One idea I had was to pass the auth token the React Native app got from Facebook to my API, and then on my server use that auth token to ensure it's really them. That just seems sort of complicated and it's hard to find a package that helps facilitate this, though.
It seems like this has to be a common problem. Any resources on how other apps handle this? Tinder, for example, must have this same problem.
I tried to build a mobile app (client(mobile) <-> server) and i'm going to use google API to authenticate and identify my user and to sync to my server.
which is the best method to achieve this?
I was thinking to use below method:
Mobile app get authorization code
send the code to server
server contact google server to get access token
both server and mobile client use the access token to access data from google. <-- is this access token generated portable? means: i can use it in server as well as in mobile app?
i'm not sure if above method is the right method that i should use, if it the right method, is there any reference that i can follow (esp. in python) - i tried to read developer.google.com but it's quite humongous type of API there and i got lost...
Thanks for the kind advise
Well, for quite some time now, i've been doing some research on which plugin to use in Laravel 5.2 for the purpose of authenticating users in my website via their social networks accounts.
I wanted to use Hybridauth, but it is not compatible with Laravel 5.2, it is compatible only with Laravel 4.2. So, i was thinking of using Socialite, but the thing is that i want to give my user the ability to post his social network status via my own website.
So, is there a way that i could give my user this ability using Socialite?
Laravel Socialite handles authentication only.
You can get an access token for the various social media APIs using socialite, but the package does not offer any methods for interacting with those APIs.
If you want your user to be able to post to social media accounts you will need to write the code to interact with those APIs for use a package which provides that functionality, but it is beyond the scope of Socialite.