CODEWITHSUNDEEP
phplaravelapiaccess-tokenlaravel-passport
Nicox
Nicox

Reputation: 83

Laravel Passport between two Laravel projects

I Have one big struggle.

I'm trying to create two Laravel websites. One for frontend, and one for backend. The backend will provide API generated information to the frontend. The only one thing that is hard for me is to create the Auth and the Guard for the frontend. There are a lot of tutorials in the web for how to make the system on one Laravel project, but not in two, and on different hostings.

I set the backend by this documentation: https://laravel.com/docs/5.5/passport I test it out and everything looks fine.

The problem is comping with the frontend. I want to get rid of the database authentication and use the passport's tokens :/

Does anyone have some projects or tutorials, that i can look at? Thanks!

Upvotes: 1

Views: 2957

Answers (1)

rkj
rkj

Reputation: 8287

Create a users(id, created_at, updated_at) table and a User model in frontend 

use Illuminate\Foundation\Auth\User as Authenticatable;
use App\Models\Helpers\ModelHelper;
use Auth;

class User extends Authenticatable
{        
    //here $userData we will get from backend server

    public static function createAuth($userData){
        $user = new User();
        $user->name = $userData['name'];
        //all other fields

        Auth::login($user);

        return $user;
    }
}

After this create a login action in frontend and also create a login at backend server and then create personal access token at backend server and return it as json response

Login action at Backend

public function login(Request $request)
{
    $credentials = $request->only('email', 'password');

    if(Auth::attempt($credentials)){ 
        $user = Auth::user(); 
        $success['token'] =  $user->createToken('MyApp')-> accessToken; 
        $success['user'] = $user;
        return response()->json(['success' => $success], $this-> successStatus); 
    } 
    else{ 
        return response()->json(['error'=>'Unauthorised'], 401); 
    } 
}

Frontend Login action

public function login(Request $request)
{
      $http = new GuzzleHttp\Client; 

      $response = $http->post('http://backend.local/api/login', [
            'headers' => [
                'Accept' => 'application/json',
            ],
            'form_params' => [
                'email' => '[email protected]', 
                'password' => '123', 
            ]
        ]);

        $info = json_decode((string) $response->getBody(), true);

        $request->session()->put('authUser', $info['success']['user']); 

        \App\User::createAuth($info['success']['user']);

        return redirect('/');
}

Create a custom middleware RemoteAuth

namespace App\Http\Middleware;

use Illuminate\Auth\AuthenticationException;
use Closure;
use Auth;
use App\User;

class RemoteAuth
{
    public function handle($request, Closure $next)
    {
        if (!empty(session('authUser'))) {
            $user = $request->session()->get('authUser');

            User::createAuth($user);

            return $next($request);
        }

        return redirect('/login');
    }
}

Register this middleware in Kernel.php in protected $routeMiddleware section.

'remoteAuth' => \App\Http\Middleware\RemoteAuth::class

Now use this remoteAuth middleware in Route

Route::middleware('remoteAuth')->get('/test', function (Request $request) { 
    return 'Protected page'; 
});

Hope it will give you some idea.

Upvotes: 2

Related Questions