Comments (9)
kenny-lee-1992
commented on August 21, 2024
16
Hi ,
I customized createToken and PersonalAccessToken.
// Do not forgot register this model in your boot method of app service provider.
// Sanctum::usePersonalAccessTokenModel(PersonalAccessToken::class);
use Laravel\Sanctum\PersonalAccessToken as SanctumPersonalAccessToken;
class PersonalAccessToken extends SanctumPersonalAccessToken
{
/**
* The attributes that are mass assignable.
*
* @var array
*/
protected $fillable = [
'name',
'token',
'abilities',
'shop_id', // My customize field
];
}
And on the User model
public function createToken(string $name, $shopId, array $abilities = ['*'])
{
$token = $this->tokens()->create([
'name' => $name,
'token' => hash('sha256', $plainTextToken = Str::random(40)),
'abilities' => $abilities,
'shop_id' => $shopId,
]);
return new NewAccessToken($token, $token->getKey().'|'.$plainTextToken);
}
Or you can customize the createToken and findToken too :)
I hope it can help you,
from sanctum.
dillingham
commented on August 21, 2024
2
I was just using the tenant id as a vague example.
You’re right you can just attach the token to the tenant.
Mostly was just suggesting a way to add data to the token without having to update it after create.
With JWT you add data sometimes
$token = $user->makeToken('Name');
$token->account_id = 1;
$token->team_id = 2;
$token->save();In a model trait for example
$model->account_id = auth()->user()->accessToken->account_id;
$model->team_id = auth()->user()->accessToken->team_id;from sanctum.
kenny-lee-1992
commented on August 21, 2024
1
@Minhlong Did this work for you? How would a token holder read the 'shop_id' from the token?
The shop_id is used to create token. It does not use to validate the token :). You can refer below flow:
# \Laravel\Sanctum\PersonalAccessToken
/**
* Find the token instance matching the given token.
*
* @param string $token
* @return static|null
*/
public static function findToken($token)
{
if (strpos($token, '|') === false) {
return static::where('token', hash('sha256', $token))->first();
}
[$id, $token] = explode('|', $token, 2);
if ($instance = static::find($id)) {
return hash_equals($instance->token, hash('sha256', $token)) ? $instance : null;
}
}
from sanctum.
dillingham
commented on August 21, 2024
makeToken() is probably more laravel like though and it returns unsaved model
from sanctum.
driesvints
commented on August 21, 2024
You're mentioning a tenant ID. Isn't it just the case of adding the HasApiTokens trait to different tenant types? Do you need to query/purge per tenant ID? How would the data be saved?
from sanctum.
cja-github
commented on August 21, 2024
Hi. I need this. Has it been implemented?
from sanctum.
dan-lutd
commented on August 21, 2024
@Minhlong Did this work for you? How would a token holder read the 'shop_id' from the token?
from sanctum.
teclia
commented on August 21, 2024
Excelent! Thanks for posting. I used your example and it worked for me
from sanctum.
dan-lutd
commented on August 21, 2024
@Minhlong I see the shop_id is only added to the table via PersonalAccessToken, thanks
from sanctum.
Related Issues (20)
- Direct links to API routes HOT 1
- Migration file conflicts HOT 1
- Standalone tokens (without user model / tokenable_type relationship) HOT 1
- Update from 2.x to 3.x - isValidBearerToken() - ctype_digit() HOT 1
- SPA authentication leads to '400: bad request error' HOT 1
- Update to Laravel 11 causes 401 issues when using stateful domains HOT 1
- Issue with overriding default model HOT 1
- Could we have a more descriptive method on the request to access the model? HOT 2
- supportsToken is tied to a specific implementation detail HOT 7
- Unable to validate password using validation rules HOT 3
- Only in Sanctum 3 - Fix/unable to logout HOT 1
- Sanctum v3.3 - unable to logout HOT 1
- Sanctum should not change session config HOT 3
- Login succeeded, log out, then log in to another account error
- Handle JSON Response in guest Middleware - RedirectIfAuthenticated out of the box HOT 1
- Unauthenticated or infinite loop HOT 3
- Directly assign a guard to the sanctum
- Vendor publish creates new migration for personal_access_tokens even with already existing table HOT 2
- Issue with Auth ID Returning Incorrect User in Route HOT 1
- auth:sanctum middleware on logout not set user_id field null session HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from sanctum.