Can socialite authenticate from the CLI without the need to use curl? my purpose is to get data from angellist every two hours and store them in the database. so I thought I can have a scheduler to run every two hours. but I need to be authenticated and I don't want to use curl as socialite has many features already in place.
I love to hear your suggestions.
I recommend using Mozilla Persona for user authentication, that way you don't have to worry about which social login the user has/doesn't have.
It's probably easier to set up too, and you don't need an https certificate because the the authentication is happening elsewhere (like social auth).
Here's a link to the setup
Here's a link to the setup
Here's a php code example
Related
I am working on a react native application for a website which is made in Laravel so all of its APIs are based on Laravel.
I am facing a problem of CSRF token when making POST request to the Laravel Backend. Every Time I am getting a response of Page is Expired.
I have done some research on the issue and found that CSRF tokens are generated by Laravel by default for security purposes. My question is how can I connect to Laravel API.
One solution which was suggested is to use JWT tokens but that's really not a feasible solution for me and I am not sure how to implement JWT Authentication in Laravel.
Another Solution which I have read is that whenever we visit a page made using Laravel then in window object window.csrfToken can be accessed which is the token I need for making the API calls. Is it true? and if it is then how can I get that in React Native Application (should I make a GET request for the website and try to get the token from there is it possible?)
One more solution I think is that we can bypass some routes in Laravel Middleware so that token is not checked.
I need some suggestions on the issue. Also need to know that above solutions are correct or not and which one should I use.
Thanks
I'm planning on creating a multi-page web app using Laravel as a back-end REST API and a Vue.js front-end to consume this API.
To be clear up front, I'm not interested in code snippets of exactly how to set this up, unless some will help visualize the architecture.
What I would like to know is how this 'Split-Stack' can be deployed in a completely separated manner. I.E. neither stack shares a codebase, and are stored in completely independent repositories.
I'm not very familiar with JavaScript frameworks beyond jQuery, so I think my lack of understanding lies mainly in the Vue.js department. Some questions which stand out in particular are:
Can a Vue.js application be hosted by a web server to serve static HTML files, if so, which one is compatible?
Can both the front and back end services run on the same server, on different ports for example, and what would be any best practices for this?
And how is login authentication affected by running a web app in this way, and should I be looking into creating some kind of OAuth authentication between the front and back ends?
After reading many blog posts, it is obvious that this architecture is possible, but I'm struggling to find details on how exactly this is configured to be completely separate.
The tools and technologies don't necessarily matter here, but any specifics for Vue.js and Laravel are appreciated.
I have a VueJS Front-End set up with an ExpressJS Back-End, which is very similar to what you are talking about. And yes, it is entirely possible. So let's take a look at each of your questions individually.
Can a Vue.js application be hosted by a web server to serve static HTML files, if so, which one is compatible?
Yes, when you run VueJS, you can either build it as a static application or serve it as a NodeJS Application.
See the Deployment section of the Vue CLI 3 documentation here. It explains how the /dist directory is used to serve the VueJS Application in the manner you are intending to.
Can both the front and back end services run on the same server, on different ports for example, and what would be any best practices for this?
I recently posted an example of how to host both your Front-End and API on the same server here. (Includes Coding Examples and Explanation). This answer references ExpressJS as the API, but the principles are the same. Really, just have your Front-End listening on port 80 and have your API operating on a different, unused port (ie: 8081).
And how is login authentication affected by running a web app in this way, and should I be looking into creating some kind of OAuth authentication between the front and back ends?
I handle all authentication on the back end. Basically, in the Vue Router, you can set a secure parameter. Then declare a router.beforeEach((to,from,next) => {}); call towards the end. This call should then check to see if the user has a valid login token and redirect them to the applications login page after setting a cookie with the URL the user was asked to login from so that they can be sent back to it after logging in.
In our case, we have the user redirected to the VueJS Route /saml/login. The /saml/login component. This component makes a call to the API and returns the address the user should be redirected to to login. In our case, it is the API (which is running on the same server, but a different port [see answer above]), www.example.com:8081/api/v1/saml_login. This then works with the IDP and receives the token and user data. This is also where you would perform you ACS functions (provisioning the user, updating the login time or user data, etc.) After receiving the token, it is placed into a cookie or other placeholder so that it can be used to validate against the token stored in the Database when the user was validated initially. (It is a best practice to set expiration's on your tokens). The user is then redirected to the url stored in the cookie that lets us know where they were asked to sign in from so they can view their content without having to look for it again. (Happy to share code on this if you want)
I think using Firebase or Auth0 Authentication is one of the best ways to do this. Firebase or Auth0 will take care of all the authentication for you and allow your backend to verify the authenticity of your front end. So that makes it much easer to separate the two.
There is an admin SDK for connecting Laravel to Firebase and there are templates and existing authentication SDK's for Vue. There are a few articles which sort of describe it but I haven't seen anything that pieces it all together yet. I was able to figure it out from 2 or 3 different articles and it ended up being easier than I thought it would be.
I have two laravel app and each has separate authentication (login), now what I want is when the user successfully login to my first laravel app (login laravel app) then the second laravel app (serve as the main app) will authenticate the current logged user (successfully login). It's some sort of a global authentication where I have single separate login laravel app to be used in login and once use has logged in to that laravel app then he can automatically logged to any other app that was bind to that login app. Any ideas, clues, suggestions, recommendations, help please?
Honestly, I know this may not sound helpful, but there are lots of different ways this could be done, so it largely comes down to what your requirements/constraints are.
Things to think about:
How are your sessions currently managed?
Does there need to be a seamless transition or is it acceptable to log out users when the new system is in place?
Do you have the time and resources to implement a future-proofed solution or are you looking for a quick fix?
Do you have a roadmap for future development that might influence your implementation now?
This list is by no means exhaustive!
The answer is hiding somewhere in those questions but it is difficult to propose a true solution without more information. Think through the problem and the solution should present itself.
We have a WHMCS installation and a multicraft installation and then the site itself has a login for the user's profile.
Basically what I'm looking to do is have it so if the user has a site account and they enter their login for WHMCS and multicraft basically tying their accounts together, (Real quick, I know how to process the logins for each of these systems individually so that's not my problem here) I would like to be able to have it so if they login to their site account, during the login process it also logs them into the other services in the background. I'm trying to figure out a good way to implement the "background" part of it. WHMCS has an API to validate the login but I've never worked with API's so I'm not sure yet how to exactly do that but I think I can manage that.
WHMCS API (For those interested): http://docs.whmcs.com/API:Validate_Login
What you're building is called single sign-on.
Basically, you have to tell multicraft that instead of looking at its own authentication system, call up on WHMCS to check if the user is already logged in there. The way it works with Facebook or Twitter is called OAuth: http://hueniverse.com/oauth/guide/workflow/ - I guess you should modify multicraft to support something similar. You can find libraries here: http://oauth.net/2/
There's a lib for WHMCS here: http://whmcsaddon.com/products/oauth/
Is there a Codeigniter authentication server that's available for use? Trying to get a multi-application service going similar to Basecamp and I don't want to reinvent the wheel. Alternatively, are there any respectable resources that deal with this kind of authentication?
Thanks!
You should be able to create a user db, and authentication library to do the job.
TankAuth maybe?
You can have 2 applications either seperately installed, or sharing a CI installation using the same library and authentication database. I'd keep everything else application specific, just share profile and login information.
Or, you can implement an OpenID service and have all of your CI applications connect via openid. This is the way StackOverflow does it. I'd google "codeigniter openid" to see what's available. here's a sampling:
http://thinkmoult.com/2009/02/22/use-codeigniter-openid-library-to-integrate-openid/
http://codeigniter.com/wiki/OpenID
Facebook connect offers good authentication possibilities. Also Google, Yahoo! and many other big sites offers similar posibilities.
If you mean that you want some form of 'register at one site get them all'-service, all you need to do is point the authentication to the same database on all sites.
Another posibility is making an authentication page then using cURL or AJAX to check authentication.