Laravel 5.5
I want to change direction of api token that used in TokenGaurd so,
i created a custom guard named CafeTokenGaurd extends TokenGuard, i define __construct function into it like what i want, something like this:
public function __construct(UserProvider $provider, Request $request) {
parent::__construct($provider, $request);
$this->inputKey = 'api_key'; // I want changing this part
$this->storageKey = 'api_key';
}
Now i want to define api_key from relation with users table like this:
device_user table -> token
i want to define specific tokens for each devices user have, and i want to set api key input and storage key to this column in pivot table between users and devices,
how i should this?!
Thanks
Since the version Laravel 5.7.28, You can simply set up in config/auth.php.
'guards' => [
'api' => [
'driver' => 'token',
'input_key' => 'token', // The input name to pass through
'storage_key' => 'token', // The column name to store in database
'provider' => 'users',
],
],
Because you need to change how the user is retrieved out of the database, you actually need to create and use a custom UserProvider, not a custom Guard. You'll only need the custom guard if you feel like renaming the input key or storage key from api_token.
So, you'll need a new custom UserProvider class that knows how to retrieve your user with the given credentials (token), and you'll need to tell Auth to use your new custom UserProvider class.
First, assuming you're still using Eloquent, start by creating a new UserProvider class that extends the base EloquentUserProvider class. In this example, it is created at app/Services/Auth/MyEloquentUserProvider.php. In this class, you will need to override the retrieveByCredentials function with the details on how to retrieve the user with the provided token.
namespace App\Services\Auth;
use Illuminate\Auth\EloquentUserProvider;
class MyEloquentUserProvider extends EloquentUserProvider
{
/**
* Retrieve a user by the given credentials.
*
* #param array $credentials
* #return \Illuminate\Contracts\Auth\Authenticatable|null
*/
public function retrieveByCredentials(array $credentials)
{
if (empty($credentials)) {
return;
}
// $credentials will be an array that looks like:
// [
// 'api_token' => 'token-value',
// ]
// $this->createModel() will give you a new instance of the class
// defined as the model in the auth config for your application.
// Your logic to find the user with the given token goes here.
// Return found user or null if not found.
}
}
Once you've created your class, you need to let Auth know about it. You can do this in the boot() method on your AuthServiceProvider service provider. This example will use the name "myeloquent", but you can use whatever you want (except "eloquent" and "database").
public function boot()
{
$this->registerPolicies();
Auth::provider('myeloquent', function($app, array $config) {
return new \App\Services\Auth\MyEloquentUserProvider($app['hash'], $config['model']);
});
}
And finally, you need to tell Auth to use your new myeloquent user provider. This is done in the config/auth.php config file.
'providers' => [
'users' => [
'driver' => 'myeloquent', // this is the provider name defined above
'model' => App\User::class,
],
],
You can read more about adding custom user providers in the documentation here.
Related
I have been struggling with creating a second authentication alongside with the out-of-the-box authentication in Laravel.
I used the make:auth command from artisan and used my custom model as provider and also created a guard for my custom model.
My issue is that the user does not get authenticated after a successful login.
So in other words, when I try to retrieve the user with: Auth::user() or Auth::guard('employee')->user() it just gives me null and I cannot understand why this is happening.
The thing is that I get redirected correctly but I don't know if its the session or anything else that is not working? Correct me if I am wrong
Edit:
My employee model:
<?php
namespace App\Models;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Database\Eloquent\Factories\HasFactory;
class Angestellter extends Authenticatable
{
use HasFactory;
public $timestamps = false;
protected $table = 'angestellter';
/**
* The attributes that are mass assignable.
*
* #var string[]
*/
protected $fillable = [
'friseurkuerzel',
'vorname',
'nachname',
'email',
'password',
'ist_admin',
'erstelldatum',
'friseursalon_id',
];
}
My guard config from /config/auth.php
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'employee' => [
'driver' => 'session',
'provider' => 'employees',
]
],
My AdminLoginController where I log in my user:
$this->validate($request, $rules);
$remember = $request->get('remember');
if (Auth::guard('employee')->attempt([
'email' => $request->get('email'),
'password' => $request->get('password'),
], $remember)) {
//Authentication passed...
Auth::guard('employee')->login(Auth::guard('employee')->user());
return redirect()->to(route('admin.home'))->send();
}
After the attempt() method succeeds, I am able to dd() my Auth user with: Auth::guard('employee')->user()
But after the redirect, the Auth user is null wherever I dd() him.
I have just for the sake of testing tried to access him on my admin.home view via dd() after a successful redirect.
With what you currently have you can make some minor adjustments to fix that up. Auth::guard('employee')->attempt([...]) is attempting to login the user so when you get inside the if block the user is already logged in so you don't need to retrieve them from the guard and log them in again. When returning Responses you do not need to call the send method on the Response. This is handled after the Response gets out of the Kernel; it is the first to last statement in the script, index.php, that loads your application:
$response = $kernel->handle(
$request = Request::capture()
)->send();
If you call send on a Response while you are still in the middleware stack (which you are if you are in a route action) you are returning headers too early, flushing the response content to the client and finishing the request. Anything else in the middleware stack on the way out can not add headers to the Response that will end up being sent. Once the send method is called it won't send headers again. This means the cookies that the StartSession and EncryptCookies middleware add won't be sent.
I'm using external identity provider to authenticate users, created a SPA client (got client_id & client_secret), configured API with audience & scope, so once users authenticated they will get access_token (will be authorized) to access multiple custom micro-services (APIs).
When my custom API receives a request with a bearer Access Token (JWT) the first thing to do is to validate the token. In order to validate JWT I need to follow these steps:
Check that the JWT is well formed (Parse the JWT)
Check the signature. My external identity provider only supports RS256 via the JWKS (JSON Web Key Set) URL (https://{domain}/.well-known/jwks.json), so I can get my public key following this URL.
Validate the standard claims
Check the Application permissions (scopes)
There are a lot of packages/libraries (i.e. https://github.com/tymondesigns/jwt-auth) to create JWT tokens but I can't find any to validate it using those steps above. Could anyone please help to find suitable Laravel/PHP package/library or move me to the right direction in order to achieve my goals (especially point #2).
I did something similar in the past, I don't know if this may help but I'll give it a try. To use a public key, you should download it, put it somewhere on the disk (storage/jwt/public.pem for example) and then link it in the jwt config config/jwt.php with the ALGO (you can see supported algorithms here
'keys' => [
// ...
'public' => 'file://'.storage_path('jwt/public.pem'),
// ...
],
'algo' => 'RS256',
Then, you should have a custom Guard, let's call it JWTGuard:
<?php
namespace App\Guard;use App\Models\User;
use Illuminate\Auth\GuardHelpers;
use Illuminate\Contracts\Auth\Guard;
use Illuminate\Http\Request;
use Tymon\JWTAuth\JWT;class JWTGuard implements Guard
{
use GuardHelpers;
/**
* #var JWT $jwt
*/
protected JWT $jwt;
/**
* #var Request $request
*/
protected Request $request;
/**
* JWTGuard constructor.
* #param JWT $jwt
* #param Request $request
*/
public function __construct(JWT $jwt, Request $request) {
$this->jwt = $jwt;
$this->request = $request;
}
public function user() {
if (! is_null($this->user)) {
return $this->user;
}
if ($this->jwt->setRequest($this->request)->getToken() && $this->jwt->check()) {
$id = $this->jwt->payload()->get('sub');
$this->user = new User();
$this->user->id = $id;
// Set data from custom claims
return $this->user;
}
return null;
}
public function validate(array $credentials = []) { }
}
This should do all your logic of validation, I used a custom user implementation, the class signature was like:
use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
use Illuminate\Database\Eloquent\Model;
class User extends Model implements AuthenticatableContract {
// custom implementation
}
Finally, you should register the guard in the AuthServiceProvider and in the auth config
public function boot()
{
$this->registerPolicies();
$this->app['auth']->extend(
'jwt-auth',
function ($app, $name, array $config) {
$guard = new JWTGuard(
$app['tymon.jwt'],
$app['request']
);
$app->refresh('request', $guard, 'setRequest');
return $guard;
}
);
}
then allow it in the config
<?php
return [
'defaults' => [
'guard' => 'jwt',
'passwords' => 'users',
],
'guards' => [
// ...
'jwt' => [
'driver' => 'jwt-auth',
'provider' => 'users'
],
],
// ...
];
You can then use it as a middleware like this:
Route::middleware('auth:jwt')->get('/user', function() {
return Auth::user();
}
Does this sound good to you?
In the end I've used the Auth0 SDK for Laravel - https://auth0.com/docs/quickstart/backend/laravel/01-authorization. Nice and clean solution.
I am creating an API using API-Platform and have set up my user entity etc using the standard symfony security bundle (https://symfony.com/doc/current/security.html#retrieving-the-user-object)
I have the login working with REST at {url}/api/login using JWT but I cannot see any way of sending my login details with GraphQL
The API-platform documentation shows how to set up security and how to setup GraphQL separately but doesn't really show how to combine them.
https://api-platform.com/docs/core/graphql
https://api-platform.com/docs/core/fosuser-bundle
How do I make the login accessible in GraphQL?
Currently, I only have the createUser updateUser and deleteUser mutations, I assume I would need an authenticateUser one?
Yes, you'll need a custom mutation for the login.
Assuming you are using the API Platform standard docs for the API, you are using JWT to authenticate your calls, you need a UserMutationResolver for auth:
<?php
namespace App\Resolver;
use ApiPlatform\Core\GraphQl\Resolver\MutationResolverInterface;
use App\Entity\User;
use Lexik\Bundle\JWTAuthenticationBundle\Services\JWTTokenManagerInterface;
use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
use Doctrine\ORM\EntityManagerInterface;
final class UserMutationResolver implements MutationResolverInterface
{
public function __construct(
private UserPasswordEncoderInterface $userPasswordEncoder,
private JWTTokenManagerInterface $JWTManager,
private EntityManagerInterface $em,
)
{}
/**
* #param User|null $item
*
* #return User
*/
public function __invoke($item, array $context)
{
// Mutation input arguments are in $context['args']['input'].
if ($context["info"]->fieldName == 'loginUser') {
$userRepository = $this->em->getRepository("App:User");
$user = $userRepository->findOneBy(['email' => $item->getEmail()]);
if ($this->userPasswordEncoder->isPasswordValid($user, $item->getPlainPassword())) {
$token = $this->JWTManager->create($item);
$user->setToken($token);
}
return $user;
}
}
}
Then you add that custom mutation to the User entity. Be sure to add the names of the auto-generated mutations/queries or they will disappear (item_query, create, update, delete, collection_query). You'll also need to disable some of the stages, since this is a mutation Api Platform will try and save this as a new user, which we don't want, so as you see below, 'write' => false and 'validate' => false
// api/src/Entity/User.php
// imports etc .
// ...
#[ApiResource(
normalizationContext: ["groups" => "user:read"],
denormalizationContext: ["groups" => "user:write"],
attributes: [
'write' => true,
],
graphql: [
'item_query',
'create',
'update',
'delete',
'collection_query',
'login' => [
'mutation' => UserMutationResolver::class,
'write' => false,
'validate' => false,
'args' => [
'email' => ['type' => 'String!', 'description'=> 'Email of the user ' ],
'password' => ['type' => 'String!', 'description'=> 'Password of the user ' ]
]
],
],
iri:"http://schema.org/Person",
)]
#[UniqueEntity(fields: ["email"])]
class User implements UserInterface
{
// ...
This will create a mutation that you can access like this:
mutation {
loginUser(input: {email:"test1#test.com", password:"password"}) {
user {
token
}
}
}
and the result should look something like this:
{
"data": {
"loginUser": {
"user": {
"token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpYXQiOjE2MTgzNjM1NDQsImV4cCI6MTYxODM2NzE0NCwicm9sZXMiOlsiUk9MRV9VU0VSIl0sInVzZXJuYW1lIjoidGVzdDFAdGVzdC5jb20ifQ.pSoAyNcaPa4MH2cxaAM4LJOGvirHfr94GMf_k20eXlF1LAaJyXRraKyC9hmBeKSUeAdIgowlfGFAHt96Z4EruBlkn2mbs3mj3uBWr2zqfNTVyQcicJDkJCO5EpbpexyLO5igD9qZU__4ctPvZcfWY-dJswSfiCTP1Uz0BiGFsGqb72chd8Rhn5Btls-D6b9Uuzl9ZZeLj2pIuBA-yi_CMm3CzopKIJ1NySMT8HyvafHcTdfpzFWFPoUqxkVAzt4U6tqBpEnTqmwRW_3kTisJhIY9xH2uXKghz2VWM6mvTL1PahZgbwLqsVb_sBOOEtiASpGf8WNc1uXtKNhBCb_YJw"
}
}
}
}
I cannot see any way of sending my login details with GraphQL
Auth protected queries should be sent with Authorization header. Exact method depends on client-side technology, f.e. Apollo client supports this by middleware.
You can use existing REST login endpoint (fetch/get token) or create login mutation - example.
Another inspiration can come from a more complex example apollo-universal-starter-kit
I'm using https://github.com/tymondesigns/jwt-auth on my lumen application.
Here's my composer.json
"laravel/lumen-framework": "5.3.*",
"tymon/jwt-auth": "^1.0#dev",
I've read a of tutorials on how to install. Some of which are:
https://scotch.io/tutorials/role-based-authentication-in-laravel-with-jwt
https://laravelista.com/posts/json-web-token-authentication-for-lumen
I am able to make it work on my local and successfully return the token. But the problem is that instead of using eloquent on the provider that fetches data from database.sqlite, I want to use database as my driver.
With that, I have set
'providers' => [
'users' => [
'driver' => 'database',
'table' => 'user_table',
// 'driver' => 'eloquent',
// 'model' => App\User::class,
],
],
on my config/auth.php
Since it is now connection thru a database, it now uses the DatabaseUserProvider.php
I need to modify some codes though.
/**
* Validate a user against the given credentials.
*
* #param \Illuminate\Contracts\Auth\Authenticatable $user
* #param array $credentials
* #return bool
*/
public function validateCredentials(UserContract $user, array $credentials)
{
$plain = $credentials['password'];
return $this->hasher->check($plain, app('hash')->make($user->getAuthPassword()));
}
Notice that I added a app('hash')->make() when validating the password.
It then inject the retrieved user into the GenericUser object.
/**
* Get the generic user.
*
* #param mixed $user
* #return \Illuminate\Auth\GenericUser|null
*/
protected function getGenericUser($user)
{
if (! is_null($user)) {
return new GenericUser((array) $user);
}
}
Since it is on the GenericUser object, it gives an error of:
Argument 1 passed to Tymon\JWTAuth\JWT::fromUser() must be an instance of Tymon\JWTAuth\Contracts\JWTSubject, instance of Illuminate\Auth\GenericUser given
In order to fix this, I have to "hack" it by removing the JWTSubject injection on every method under the tymon\jwt-auth\src\JWT.php
Is there a better way to clean this up?
You can easily fix it by making your authenticating user implement JWTSubject, which is the most right thing to do.
class GenericUser implements JWTSubject {
[...]
}
But, since you're dealing with a Laravel native implementation, I'd suggest you to extend it and implement JWTSubject, instead of going everywhere in jwt-auth's code and remove the type-hints.
I am absolutly new in PHP and Laravel, I came from Java.
I am trying to follow this tutorial to implement a custom user provider:
https://blog.georgebuckingham.com/laravel-52-auth-custom-user-providers-drivers/
I briefly expain what I need: my Laravel application is only a front end application, all the business logic, included the user authentication, is performed by a Java back end application that exposes REST web services.
Performing a call to:
http://localhost:8080/Extranet/login
and passing username and password as basic authentication I obtain a JSON response like this that represent the logged user:
{
"userName": "Painkiller",
"email": "painkiller#gmail.com",
"enabled": true
}
So, in my Laravel application, I have to perform this call and then parse the previous returned JSON object to generate the authenticated object into the front end application session.
I think that the previous custom user provider is the neater and most natural solution to do it, but I am finding some difficulties and I have many doubts about how do it in my project.
I am using Larave 5.3 version.
I have done the following steps (following the previous tutorial and trying to adapt it to my needs):
1) Stage 1: Register your custom user provider:
I have created my service provider in which I have register mycustom authentication user provider (the custom component used to perform my custom login via web service).
So into the app directory of my Laravel project I have created the Authentication subdirectory and here I have put this AuthServiceProvider that extends ServiceProvider:
<?php
namespace App\Authentication;
use Auth;
use App\Authentication\UserProvider;
use Illuminate\Support\ServiceProvider;
class AuthServiceProvider extends ServiceProvider {
/**
* Perform post-registration booting of services.
*
* #return void
*/
public function boot()
{
Auth::provider('our_provider', function ($app, array $config) {
return new UserProvider();
});
}
/**
* Register bindings in the container.
*
* #return void
*/
public function register()
{
//
}
}
This simply registers your user provider/driver, making it usable in the config/auth.php file via the our_provider key.
FIRST DOUBT: passing the mouse on the:
use Auth;
it result Undefined class Auth, why? It seems to me that it is not used in the previous code, maybe a tutorial inclusion error or am I missing something?
Then I registerd this service into my config/app.php file:
This is the providers section of this file:
'providers' => [
/*
* Laravel Framework Service Providers...
*/
Illuminate\Auth\AuthServiceProvider::class,
Illuminate\Broadcasting\BroadcastServiceProvider::class,
Illuminate\Bus\BusServiceProvider::class,
Illuminate\Cache\CacheServiceProvider::class,
Illuminate\Foundation\Providers\ConsoleSupportServiceProvider::class,
Illuminate\Cookie\CookieServiceProvider::class,
Illuminate\Database\DatabaseServiceProvider::class,
Illuminate\Encryption\EncryptionServiceProvider::class,
Illuminate\Filesystem\FilesystemServiceProvider::class,
Illuminate\Foundation\Providers\FoundationServiceProvider::class,
Illuminate\Hashing\HashServiceProvider::class,
Illuminate\Mail\MailServiceProvider::class,
Illuminate\Notifications\NotificationServiceProvider::class,
Illuminate\Pagination\PaginationServiceProvider::class,
Illuminate\Pipeline\PipelineServiceProvider::class,
Illuminate\Queue\QueueServiceProvider::class,
Illuminate\Redis\RedisServiceProvider::class,
Illuminate\Auth\Passwords\PasswordResetServiceProvider::class,
Illuminate\Session\SessionServiceProvider::class,
Illuminate\Translation\TranslationServiceProvider::class,
Illuminate\Validation\ValidationServiceProvider::class,
Illuminate\View\ViewServiceProvider::class,
/*
* Package Service Providers...
*/
//
/*
* Application Service Providers...
*/
App\Providers\AppServiceProvider::class,
App\Providers\AuthServiceProvider::class,
// App\Providers\BroadcastServiceProvider::class,
App\Providers\EventServiceProvider::class,
App\Providers\RouteServiceProvider::class,
App\Authentication\AuthServiceProvider::class,
],
as you can see this array contains my App\Authentication\AuthServiceProvider::class, representing the previous ServiceProvider. Is it correct?
2: Stage 2: Update config to use new driver:
I tell to my Laravel application to use the previous user provider, so I go into the config/auth.php configuration file and I set my provider:
'providers' => [
'users' => [
'driver' => 'our_provider',
],
],
For the sake of completeness I post the entire content of my config/auth.php so you can see if there are some other error:
<?php
return [
/*
|--------------------------------------------------------------------------
| Authentication Defaults
|--------------------------------------------------------------------------
|
| This option controls the default authentication "guard" and password
| reset options for your application. You may change these defaults
| as required, but they're a perfect start for most applications.
|
*/
'defaults' => [
'guard' => 'web',
'passwords' => 'users',
],
/*
|--------------------------------------------------------------------------
| Authentication Guards
|--------------------------------------------------------------------------
|
| Next, you may define every authentication guard for your application.
| Of course, a great default configuration has been defined for you
| here which uses session storage and the Eloquent user provider.
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| Supported: "session", "token"
|
*/
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
],
],
/*
|--------------------------------------------------------------------------
| User Providers
|--------------------------------------------------------------------------
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| If you have multiple user tables or models you may configure multiple
| sources which represent each model / table. These sources may then
| be assigned to any extra authentication guards you have defined.
|
| Supported: "database", "eloquent"
|
*/
/*
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
*/
'providers' => [
'users' => [
'driver' => 'our_provider',
],
// 'users' => [
// 'driver' => 'database',
// 'table' => 'users',
// ],
],
/*
|--------------------------------------------------------------------------
| Resetting Passwords
|--------------------------------------------------------------------------
|
| You may specify multiple password reset configurations if you have more
| than one user table or model in the application and you want to have
| separate password reset settings based on the specific user types.
|
| The expire time is the number of minutes that the reset token should be
| considered valid. This security feature keeps tokens short-lived so
| they have less time to be guessed. You may change this as needed.
|
*/
'passwords' => [
'users' => [
'provider' => 'users',
'table' => 'password_resets',
'expire' => 60,
],
],
];
3) Stage 3: Create a user class:
I think that this is something like a model object that will contains the data received from my web service (if the user can log into the system).
So if I am not missing something it have to contains a structure like this (username, email, ebabled fields):
{
"userName": "Painkiller",
"email": "painkiller#gmail.com",
"enabled": true
}
According to the tutorial this user class must implement the Laravel Illuminate\Contracts\Auth\Authenticatable interface.
So into the /app/Authentication class (the same one that contains the previous AuthServiceProvicer class) I put this User class implementing the Authenticatable interface:
<?php
namespace App\Authentication;
use Illuminate\Contracts\Auth\Authenticatable;
class User implements Authenticatable {
/**
* #return string
*/
public function getAuthIdentifierName()
{
// Return the name of unique identifier for the user (e.g. "id")
}
/**
* #return mixed
*/
public function getAuthIdentifier()
{
// Return the unique identifier for the user (e.g. their ID, 123)
}
/**
* #return string
*/
public function getAuthPassword()
{
// Returns the (hashed) password for the user
}
/**
* #return string
*/
public function getRememberToken()
{
// Return the token used for the "remember me" functionality
}
/**
* #param string $value
* #return void
*/
public function setRememberToken($value)
{
// Store a new token user for the "remember me" functionality
}
/**
* #return string
*/
public function getRememberTokenName()
{
// Return the name of the column / attribute used to store the "remember me" token
}
}
DOUBT: The tutorial example put in this class only the stubbded methods, I have no token and I think that I only want to retrieve te previous username, email, ebabled fields. So I think that this class is incomplete. Whate have I exactly to do? Create these 3 fields (that represent the user information returned by my web service) and the related getter methods? Is it or am I missing something?
4) Stage 4: Create a UserProvider class:
In stage 1, I have a callback function which returned an instance of App\Authentication\UserProvider, this class is used to retrieve instances of our users App\Authentication\User.
This class have to implement the Illuminate\Contracts\Auth\UserProvider interface. It seems to me that the method that have to be implemented will contain the logic to retrieve my user information (so in my specific case where I have to put my web service call).
So in the same app/Authentication directory I have put this UserProvider implementing the Illuminate\Contracts\Auth\UserProvider interface, this is my code:
<?php
namespace App\Authentication;
use Illuminate\Contracts\Auth\Authenticatable;
use Illuminate\Contracts\Auth\UserProvider as IlluminateUserProvider;
use GuzzleHttp\Client;
use function GuzzleHttp\json_encode;
use function GuzzleHttp\json_decode;
class UserProvider implements IlluminateUserProvider
{
public function retrieveById($identifier)
{
// TODO: Implement retrieveById() method.
}
public function retrieveByToken($identifier, $token)
{
// TODO: Implement retrieveByToken() method.
}
public function updateRememberToken(Authenticatable $user, $token)
{
// TODO: Implement updateRememberToken() method.
}
public function retrieveByCredentials(array $credentials)
{
// TODO: Implement retrieveByCredentials() method.
$client = new Client(); //GuzzleHttp\Client
$response = $client->post('http://localhost:8080/Extranet/login',
[
'auth' => [
'Painkiller',
'pswd'
]
]);
}
public function validateCredentials(Authenticatable $user, array $credentials)
{
// TODO: Implement validateCredentials() method.
}
}
So I think that I have to put my webservice call in this method retrieveByCredentials(), this one:
public function retrieveByCredentials(array $credentials)
{
// TODO: Implement retrieveByCredentials() method.
$client = new Client(); //GuzzleHttp\Client
$response = $client->post('http://localhost:8080/Extranet/login',
[
'auth' => [
'Painkiller',
'pswd'
]
]);
}
For semplicity, at this time I have hard coded the credential of an existing user returned by the web service doing performing an http request, so for any credential inserted by the user in the login form will always retrieve this user (I want to do a test...then I will integrate with the inserted credential).
Ok, this is the logic that I have understand following this tutorial, is it correct or am I missing something?
Then I start my Laravel project by the statment php artisan serve but I am obtaining the following error message:
Andrea#Andrea-PC MINGW64 ~/Documents/Betrivius/WorkSpace/betriviusExtranet (master)
$ php artisan serve
PHP Fatal error: Class 'App\Providers\AuthServiceProvider' not found in C:\Users\Andrea\Documents\Betrivius\WorkSpace\betriviusExtranet\vendor\laravel\framework\src\Illuminate\Foundation\ProviderRepository.php on line 146
[Symfony\Component\Debug\Exception\FatalErrorException]
Class 'App\Providers\AuthServiceProvider' not found
Why? What is wrong? What am I missing? How can I fix this issue?