I'm trying to build a platform where a Supplier can login to the platform, a normal web login.
But from the outside webshops can place orders using my REST API. Each webshop should be able to place an order but how would I go about authenticating those webshops?
Should I generate a sort of token for each webshop which they have to send in each request? Is it possible using JWT to issue a token to each shop that they will use for life? And so I know which shop is trying to create an order?
Looking very forward to your ideas.
Thank you.
Since you've mentioned laravel in the topic, try Passport
Here is a nice introduction blog post about it:
https://mattstauffer.co/blog/introducing-laravel-passport
You can have it up and running within hours, good luck!
Hi there is many package can do this including Passport as mentioned by #veNuker
my sugestion use Api-Guard is easy to use
Related
I am planning a small project and have a question about authentication. I would like to implement the site with Laravel 8. However, as soon as the user has successfully logged in, he should be directed to the user dashboard. The User Dashboard should be a pure VueJS Single Page Application.
Now my question. Which auth should I use here? Session or token for the whole site or is both possible and useful?
If I use the token auth variant, for example, then I can protect the Vue app very well but I cannot access the user information outside the Vue app. For example, the current profile picture of the user should appear in the navbar and not only in the vue app but also on the landing page, contact page etc.
How can I do this and what will be the best practice and thanks for your help!
Use token based Authentication
(Laravel Passport)
Use Token-based authentication system.
In this way, you'll be able to manage the entire application UI and role checking in the frontend only. I would rather prefer to go with JWT [https://jwt-auth.readthedocs.io/en/develop/laravel-installation/]. It's easy to use and the documentation is pretty good. It's even supported by Lumen also. If you wish to integrate any micro-service in your application future, then it's available in Lumen micro-service also.
I have to dev a project with 5 microservices by now, but in a future it could have more than 50. And I have a big problem with the auth.
All microservices need auth to access to the information, here is the problem.
How I can do it?.
I thought some like that:
ms1.blabla.com
ms2.blabla.com
...
auth.blabla.com
Make an "auth" microservice and here store users, pass, tokens, and other stuffs.
It is ok? or any other suggestion?
Another problem is how I get the data from others services? I need to call every time to auth microservice in ms1 microservice before the fetch the data to check the token? like a middleware in every microservices?... It sounds very awful and making a lot of requests to auth.
Any know how to do it in the best way? some tutorial, example, packages, idk. Any idea is well receive.
Another problem is if use Laravel or Lumen (?). I thought Laravel on every project to make it more scalable in time, and the front-end in Vue. Or just Lumen cuz it now is just database and data, no more.
Thanks
if you need to handle auth in your API I really suggest relying on Passport (https://laravel.com/docs/8.x/passport) to handle authorization instead of building something from your own.
Regarding the choice of Laravel Vs Lumen it depends on how you plan to handle the frontEnd. Lumen is just a simpler / faster version of Laravel but you won't be able to handle session, cookies, etc.
If you are making requests to your microservices from several frontends (for example a website and a mobile app) I suggest to use Lumen and build only an API. You can find a more detailled article on differences between both here https://medium.com/#jeffalmeida_27473/laravel-vs-lumen-what-should-i-use-63c196822b2d
I have two different registers and logins. How can i create multiple authendication for that using laravel api.
It's a little bit tricky because Laravel Passport doesn't currently support multiple authentication yet. What I did with a previous project of mine is use this package for implementing multiple authentication for APIs using Laravel Passport. The package I've suggested is fairly simple to implement. Go check it out!
I am very beginner in laravel. I want to create a login registration with my own code without using the laravel auth.
Yes. This is very possible. There are many authentication packages you can reference and guides to follow for auth in PHP. I highly suggest you implement Laravel's authentication scaffolding and learn how it works in order to build your own. It's really awesome! I provided links to a poplar authentication package you can study through and a tutorial below.
https://github.com/panique/huge
https://www.tutorialrepublic.com/php-tutorial/php-mysql-login-system.php
Hi All Master Laravel,
I need your help to get data timespent from login user in laravel, I'm using Sentinel for login and Laravel 5.4
If only one page, we can use TimeOut javascript, but what I need is log for user which spent all page in my website
Regards,
Sidik
As I know there is no built-in solution for your purpose.
But you can write your personal implementation based on data from user requests.
Also, you can use third party service for this purpose too, for example Google Analytics. Here is an example how to set up the user ID into your analytics code.