I'm trying to find a way to use the Joomla extension Hikashop in parallel with another external website built with Laravel.
I'm using :
Laravel 5.5
Joomla 3.8.x
Here is how the setup looks (extremely simplified) :
___________________________ ________________
|Joomla server with Hikashop| <---- API calls ----> | Laravel server |
⎻⎻⎻⎻⎻⎻⎻⎻⎻⎻⎻⎻⎻⎻⎻⎻⎻⎻⎻⎻⎻⎻⎻⎻⎻⎻⎻ ⎻⎻⎻⎻⎻⎻⎻⎻⎻⎻⎻⎻⎻⎻⎻⎻
To get products, prices, purchases etc. all is done through API request to the Joomla website using the com_api component and a custom plugin that returns everything I need.
For user consistency, whenever a user is created, modified or deleted on Laravel, the user is created, modified or deleted on Joomla.
Note 1 : The user cannot edit his profile on Joomla so the sync is only one way.
Note 2 : The login should only be on the Laravel website
Here is the problem i can't get around : on the Laravel website, when the user wants to buy a product, he is redirected to the Joomla website to access the Hikashop interface and pay for the product. This creates multiple questions :
Question 1 : Since the user is on Laravel, he has not session yet on Joomla. How do you pre-create the Joomla session using an API so that when the user arrives on Joomla he is already logged in ?
Question 2 : Once the payment is made, how do you redirect the user the the previous page on Laravel ? (The trigger is good, the only issue is passing the "origin" URL around)
I've tried looking into SSO (Single Sign On) but i would like to keep the two systems separated.
Thank you in advance if you have any ideas or ways to pass session + data from one website to another !
In my own understanding this is , how I will do it.
First if you are form laravel, you needed to be authenticated.
You assign the user from laravel with the equivalent user_id in joomla if you have same user in joomla. If not never mind.
just make the user authenticated either laravel and joomla. Make a token after signed private token not jwt or oauth2. Just to make sure that when you successfully login in both laravel and joomla. there is a similar token related for both of them.
Then you are good to do now.
Related
I have the following setup for my website:
UI - using React
Backend REST API - using PHP
For authentication, I used AWS Amplify. So I host the UI in Amplify console and setup the backend environment for the authentication. In my UI, I have 2 pages:
Home page - "/"
Main page - "/main"
I wrapped the Main component in withAuthenticator from #aws-amplify/ui-react. With this, when i go to "/main" and the user has not signed in, it will show the default SignIn/SignUp from amplify.
My questions are these:
There are some parts on the Main page where I need to hide for non-admin users, say an "Admin" button that is only available for admin users. In Amplify Studio, there is "User Management" where you can create users. As I understand, it uses AWS Cognito for the user pool. But how should I configure a user to be an admin?
Since I am wrapping the UI's main page inside Amplify's authenticator, I can be sure that only authenticated users can access that page and send requests to the backend. To make sure that I am only showing buttons that are for admin users, I am thinking of creating an endpoint called "/profile" that will be called once my Main component loads and it will return an attribute telling me if the user is an admin or not. But how do I check if the user is an admin from inside PHP API?
The logged in user can update his profile like update his name, location, etc. For this, I will create a user_profile table in MySQL to contain these other user attributes. When the user first signup and confirm using Amplify and he's routed to the "/main" page, I'll call the "/profile" endpoint and check first if the user exists in the user_profile table? If not, I'll add that user so he can update his profile later? Is this the right approach?
Since my PHP REST APIs can be called even through say Postman, I also need to check in the backend if the request has the amplify token and check with Cognito if this is a valid token. So for all endpoints, I need to check if the token is valid. Is that correct approach and how to do that?
I am thinking of deploying my PHP REST API on an EC2 instance. I believe since they are all inside the AWS environment, I won't be having issues calling the endpoints from my UI. Is this the right approach?
The same of my MySQL db, I'll deploy to AWS RDS. I hope this is correct.
I hope for your kind guidance on my doubts. Thank you.
So they are a lot of questions for 1 post. It would be better to ask each question in a different post as right now more than technical issue it looks like opinionated architectural discussion.
Reach application can be build and exported into static website. Then all the integrations can be managed by CSR (Client Side Requests). This is a cost efficient and performant way to host react websites. You can host the site on S3+Cloudfront and don't have to manage any servers
For your APIs use API Gateway + AWS Lambda (Your PHP code). You can use token based authentication for your APIs and yes have to check every request if the token is valid.
To check if a user is admin or any other role you can create "groups" in AWS Cognito. Reference to create groups is below
Now what type of user can perform what type of role in your application has to be implemented in your application itself. Cognito can't help you with that part
https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-user-groups.html
Currently, I'm using laravel socialite to link between facebook and my first website. I have 2 website that is already published, let say first_web.com and second_web.com.
What I'm trying to do is, after user log in(using facebook acc) into first_web.com, at any time when the user wanted to go to second_web.com, he is automatically logged in using the facebook acc.
I did my research but there is no tutorial or sample that has done this. Any idea how to achieve this?
In my opinion, it could be solved like this:
(but I must warn to say that, personally, I don't like the way to login in multiple web-sites in one auth-call and there is a better way to make this by it's needs - to use call-to-auth way like Google, when you are redirecting to their website and selecting your google account - one redirect per one call):
First of all you must to understand that you must to save the token in both clients browsers - on both of your web-sites, there is no way to share the same JWT or Cookie between multiple websites - it's unsafe and unsecure and not logical, so you need to create two tokens. (I am not talking about one domain websites, I am talking about different websites on the different domains)
You can use the JSON Web Token JWT approach. For your project you can use Laravel Passport or tymondesigns/jwt-auth according to the installation tutorial.
After the successful socialite API-call - you must to create the JWT token (using the packages from the #1 point) and store it in the client browser for the first website - Cookie or JavaScript-local Storage - choose yourself what way is better for your needs. (you will find a tons of examples in the search about this).
Then from the first website make an AJAX-call (from the JavaScript client framework you are using) to an api with the already given credentials - you will be redirected, selecting your social account e.t.c.
And now, I would make some question with the modal window - "Do you want to share your data to our website #2" and in here there is a second call to socialite API with the redirect. There is no way to prohibit the usage of multiple redirect to your social site, because of the inner security of most socialite providers.
Redirect after your api for the second website and save the
second token into the second website client-browser.
Make your redirect to your first caller-website.
My personal advice - don't do that anyway.
It's not so problematic to make differential authentication in your websites. It's more unsecure to use the way you had questioned.
Good luck!
i want to ask a question regarding the login to Laravel using Prestashop customers data.
Recently, I'm doing a new project whereby in Laravel user login, I want to use Prestashop users (customers) data. That is we will not using Laravel own local user data, but we will use prestashop customers data.
How do I integrate Laravel with Prestashop in user login? Create custome authentication?
And how do I modified the AuthenticateUser in Laravel? I have been searching online in this matter, but I can't find any related.
You may find some libraries that may or may not facilitate this, however, when I needed a similar feature, I simply developed it myself. In brief:
1) In Laravel create a service to authenticate the user through the PrestaShop API.
2) Depending on the response from PrestaShop, you can create a USER in Laravel and instead of a password, save an access token. Same as you would do with say FB login but obviously cannot use Socialite direct - albeit you can extend it or copy its code.
3) You can if wish copy the PrestaShop credentials and allow the user to login directly through Laravel in the future.
There are other methods you can use instead of my suggestion, such as continuously update the Laravel's users' tables from PrestaShop but this is not very consistent and secure.
Note: There is no code to show or prove it, we just need a methodology to solve the problem before implementing the code to our code base.
We have more than one user for our fashion web (laravel app)
Guest (does not matter to this issue)
User (Fashion lovers/Customers/Clients)
Tailors (Fashion designers new/existing accounts in the platform)
The users(customers) can login and register to their application without no problem but our problem is how can we filter the two users(customers/tailors) such that when a user (tailor) logins to www.app.dev/tailor#dashboard (without access) it redirects to (www.app.dev/login) and when the user is a tailor it takes the user to tailors login page instead the user (customers) login, Do you understand me??
check for following stackoverflow questions
Can anyone explain Laravel 5.2 Multi Auth with example
How to use multi Auth in laravel 5.2
Multiple auth user types in Laravel 5
I have a page developed in Wordpress and to enter to this page you have to register and then login into the same.
Now I have to develop another system and I have to use the same session in my new page that was logged in Wordpress.
In the Wordpress page there is a link that brings to Symfony 2 page. Clicking in that link, the user must be the same.
I am using the same database for both applications, so the wp_users table from Wordpress is used by the new Symfony2 page.
For example the user logged in Wordpress page has to fill certain form developed in the new Symfony2 page.
I found this bundle but I don't know how to use it. It seems very useful.
My questions are:
Is there a way to save the session in a cookie and use this cookie in my Symfony2 app?
Is there a way to send a token in the link in the Wordpress page and use this token in my Symfony2 page? This token should contains the user logged info.
Daniel, what you are asking for is possible but is some pretty technical stuff. Your best bet is to try and follow the instructions for the bundle you linked to get the user auth working. Baring that if you wanted to roll your own solution, assuming you are on symfony 2.8 or later you would need to implement a custom user provider and a guard.
http://symfony.com/doc/current/cookbook/security/guard-authentication.html
Basically the idea would be to read the session cookie created by wordpress, use doctrine to look up that session again in wordpress db, get the user ID associated with that. Use that User ID to load the custom user entity you created for the custom user provider.
Someone providing that solution on here likely wont happen with just how much effort would be involved.