sfelix-martins / passport-multiauth Goto Github PK
View Code? Open in Web Editor NEWAdd support to multi-authentication to Laravel Passport
License: MIT License
Add support to multi-authentication to Laravel Passport
License: MIT License
I get stuck when I need to use this part
// `api` guard on end of guards separated by comma
Route::group(['middleware' => ['api', 'auth:admin,api']], function () {
Route::get('/admin', function ($request) {
// Passing `api` guard to `$request->user()` method
// The instance of user authenticated (Admin or User in this case) will be returned
return $request->user('api');
});
});
If I need to to the Registration, like
Route::group(['middleware' => ['api', 'auth:crm_user'],
'prefix' => 'admin',
], function() {
Route::post('register', 'Api\Auth\RegisterController@register');
Route::post('login', 'Auth\LoginController@login');
});
I am lost....
It will be really nice to see an implementation with a frontend. Maybe somebody can share one.
Regards,
Nick
Thanks for the package now im able to get access token for different types of users. Now I'm on to my next hurdle. I hope you'd be able to help me out.
My question is. How would you add different scopes for different types of auth users in the controller? Or whats the best way of doing this
i have this in my AuthServiceProvider
public function boot()
{
$this->registerPolicies();
Passport::routes();
Passport::tokensExpireIn(Carbon::now()->addMinutes(30));
Passport::refreshTokensExpireIn(Carbon::now()->addDays(30));
Passport::enableImplicitGrant();
Passport::tokensCan([
'purchase-product' => 'Create a new transaction for a specific product',
'manage-products' => 'Create, read, update and delete products',
'purchase-service' => 'Create a new transaction for a specific service',
'manage-services' => 'Create, read, update, and delete services',
'manage-account' => 'Read your account data, id, name, email if verified. Admin does not have access to password. Modify your account data (email and password).',
'read-general' => 'Read general information like categories, purchased products, services, selling products, services, categories bought from sold from, your transactions (purchases and sales',
'user-management' => 'Admin use for managing different type of users in the system',
]);
Route::group(['middleware' => 'oauth.providers'], function () {
Passport::routes(function ($router) {
return $router->forAccessTokens();
});
});
}
Then I usually have something like so my say CustomerController
public function __construct(CustomerRepository $user)
{
parent::__construct();
$this->middleware('client.credentials')->only(['store', 'resend']);
$this->middleware('transform.input:' . UserTransformer::class)->only(['store', 'update']);
$this->middleware('scope:read-general')->only('show');
$this->middleware('auth:customer-api')->only('show');
$this->user = $user;
}
Then a different scope in my SellerController and another on my AdminController. how do i make the scope work for each Auth User?
Thanks alot
In my example project, I have three guard, users,partners,admins, but the thing is, If suppose i logged in a got a token of that particular user successfully, but the challenge with the same token I'm accessing other users? How to prevent this loop hole sir, I really need your help in this issue to fix asap
Hi Samuel,
currently I'm using your package to implement multi-auth passport. When I am using the middleware on my route like this:
Route::group(['middleware' => 'auth:customer'], function () {
Route::get('foo', function () {
return Auth::guard('customer')->user();
});
});
It returns error:
SQLSTATE[42S02]: Base table or view not found: 1146 Table 'vaff.users' doesn't exist (SQL: select * from
userswhere
id = 1 limit 1)
note: I'm not using Users table in my project.
I've already configured the providers and the guards.
guards:
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'passport',
'provider' => 'users',
],
'customer' => [
'driver' => 'passport',
'provider' => 'customers',
],
],
provider:
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
'customers' => [
'driver' => 'eloquent',
'model' => App\Models\Customer::class,
],
],
If I am not using the middleware, it can returns the customer model normally.
{
"status": "error",
"code": 0,
"message": "Array to string conversion",
"exception": "ErrorException: Array to string conversion in /vagrant/www/vendor/smartins/passport-multiauth/src/Guards/GuardChecker.php:54\nStack trace:\n#0 /vagrant/www/vendor/smartins/passport-multiauth/src/Guards/GuardChecker.php(54): Illuminate\Foundation\Bootstrap\HandleExceptions->handleError(8, 'Array to string...', '/vagrant/www/ve...', 54, Array)\n#1 /vagrant/www/vendor/smartins/passport-multiauth/src/Guards/GuardChecker.php(42): SMartins\PassportMultiauth\Guards\GuardChecker::defaultGuardProvider(Array)\n#2 /vagrant/www/vendor/laravel/framework/src/Illuminate/Support/Collection.php(1009): SMartins\PassportMultiauth\Guards\GuardChecker::SMartins\PassportMultiauth\Guards\{closure}(Array, 0)\n#3 /vagrant/www/vendor/smartins/passport-multiauth/src/Guards/GuardChecker.php(43): Illuminate\Support\Collection->mapWithKeys(Object(Closure))\n#4 /vagrant/www/vendor/smartins/passport-multiauth/src/Http/Middleware/MultiAuthenticate.php(124): SMartins\PassportMultiauth\Guards\GuardChecker::getGuardsProviders(Array)\n#5 /vagrant/www/vendor/smartins/passport-multiauth/src/Http/Middleware/MultiAuthenticate.php(82): SMartins\PassportMultiauth\Http\Middleware\MultiAuthenticate->authenticateTokenGuard(Object(SMartins\PassportMultiauth\Provider), Array)\n#6 /vagrant/www/infrastructure/Auth/Middleware/MultiTokenAccessChecker.php(43): SMartins\PassportMultiauth\Http\Middleware\MultiAuthenticate->handle(Object(Illuminate\Http\Request), Object(Closure), Array)\n#7 /vagrant/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(151): Infrastructure\Auth\Middleware\MultiTokenAccessChecker->handle(Object(Illuminate\Http\Request), Object(Closure), 'admin')\n#8 /vagrant/www/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))\n#9 /vagrant/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(104): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))\n#10 /vagrant/www/vendor/laravel/framework/src/Illuminate/Routing/Router.php(667): Illuminate\Pipeline\Pipeline->then(Object(Closure))\n#11 /vagrant/www/vendor/laravel/framework/src/Illuminate/Routing/Router.php(642): Illuminate\Routing\Router->runRouteWithinStack(Object(Illuminate\Routing\Route), Object(Illuminate\Http\Request))\n#12 /vagrant/www/vendor/laravel/framework/src/Illuminate/Routing/Router.php(608): Illuminate\Routing\Router->runRoute(Object(Illuminate\Http\Request), Object(Illuminate\Routing\Route))\n#13 /vagrant/www/vendor/laravel/framework/src/Illuminate/Routing/Router.php(597): Illuminate\Routing\Router->dispatchToRoute(Object(Illuminate\Http\Request))\n#14 /vagrant/www/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(176): Illuminate\Routing\Router->dispatch(Object(Illuminate\Http\Request))\n#15 /vagrant/www/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(30): Illuminate\Foundation\Http\Kernel->Illuminate\Foundation\Http\{closure}(Object(Illuminate\Http\Request))\n#16 /vagrant/www/vendor/barryvdh/laravel-cors/src/HandleCors.php(36): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))\n#17 /vagrant/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(151): Barryvdh\Cors\HandleCors->handle(Object(Illuminate\Http\Request), Object(Closure))\n#18 /vagrant/www/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))\n#19 /vagrant/www/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(31): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))\n#20 /vagrant/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(151): Illuminate\Foundation\Http\Middleware\TransformsRequest->handle(Object(Illuminate\Http\Request), Object(Closure))\n#21 /vagrant/www/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))\n#22 /vagrant/www/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/AddQueuedCookiesToResponse.php(37): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))\n#23 /vagrant/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(151): Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse->handle(Object(Illuminate\Http\Request), Object(Closure))\n#24 /vagrant/www/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))\n#25 /vagrant/www/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/EncryptCookies.php(59): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))\n#26 /vagrant/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(151): Illuminate\Cookie\Middleware\EncryptCookies->handle(Object(Illuminate\Http\Request), Object(Closure))\n#27 /vagrant/www/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))\n#28 /vagrant/www/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/CheckForMaintenanceMode.php(62): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))\n#29 /vagrant/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(151): Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode->handle(Object(Illuminate\Http\Request), Object(Closure))\n#30 /vagrant/www/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))\n#31 /vagrant/www/vendor/hyn/multi-tenant/src/Middleware/EagerIdentification.php(29): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))\n#32 /vagrant/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(151): Hyn\Tenancy\Middleware\EagerIdentification->handle(Object(Illuminate\Http\Request), Object(Closure))\n#33 /vagrant/www/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))\n#34 /vagrant/www/vendor/hyn/multi-tenant/src/Middleware/HostnameActions.php(76): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))\n#35 /vagrant/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(151): Hyn\Tenancy\Middleware\HostnameActions->handle(Object(Illuminate\Http\Request), Object(Closure))\n#36 /vagrant/www/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))\n#37 /vagrant/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(104): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))\n#38 /vagrant/www/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(151): Illuminate\Pipeline\Pipeline->then(Object(Closure))\n#39 /vagrant/www/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(116): Illuminate\Foundation\Http\Kernel->sendRequestThroughRouter(Object(Illuminate\Http\Request))\n#40 /vagrant/www/public/index.php(53): Illuminate\Foundation\Http\Kernel->handle(Object(Illuminate\Http\Request))\n#41 {main}",
"line": 54,
"file": "/vagrant/www/vendor/smartins/passport-multiauth/src/Guards/GuardChecker.php"
}
Token payload
{
"aud": "2",
[...]
"sub": "1",
"scopes": [],
"provider": "admins"
}
My solution: Change $guards to $guards[0]
public static function getGuardsProviders($guards) { return collect($guards[0])->mapWithKeys(function ($guard) { return [GuardChecker::defaultGuardProvider($guard) => $guard]; }); }
I send provider name with tokens and I have problem like on top. I found solution but I'm not sure it is good. I know, I shouldn't change files at package but I was searching a problem and discovered something like that. Someone have that same problem, and have better idea?
Am getting this error:
League\OAuth2\Server\Exception\OAuthServerException: The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. in file .../../vendor/league/oauth2-server/src/Exception/OAuthServerException.php on line 114
This is my login code - Was working well with passport.
public function login(Request $request)
{
request()->validate([
'email' => 'required|email|max:255',
'password' => 'required|max:255|min:6',
]);
$params =[
'grant_type' => 'password',
'client_id' => $this->client->id,
'client_secret' => $this->client->secret,
'username' => request('email'),
'password' => request('password'),
'provider' => 'users',
'scope' => '*',
];
$request->request->add($params);
// dd($request->all());
$proxy = Request::create('oauth/token','POST');
//dd($proxy);
return Route::dispatch($proxy);
}
Hi,
Im getting this error in my laravel app.
"ReflectionException
Class SMartins\PassportMultiauth\Http\Middleware\MultiAuthenticate does not exist"
When I checked in the vendor\smartins\passport-multiauth directory MultiAuthenticate.php is missing in the Middleware folder.
Im able to get this working by manually replacing the files with those files in package's github. I just want to ask if there is a way to solve this aside from manually copying files.
Thank you very much.
I'm using Password Grant Clients for my use case and therefore only want to create Password Grant Tokens for my Models. However when I do the following,
// Controller
$passportToken = $admin->createToken('Password Grant Token');
$passportToken->token->update(['expires_at' => Carbon::now()->addDays(5)]);
// api.php
Route::post('v1/adminprofile/{token}', 'AdminProfileController@store')->name('adminprofile.store')->middleware('multiauth:admin-api');
But I keep getting ERROR: Personal access client not found. Please create one. {"exception":"[object] (RuntimeException(code: 0): Personal access client not found. Please create one.
After setting up the package according to the instructions I get the following error:
Symfony\Component\Debug\Exception\FatalThrowableError: Too few arguments to function Illuminate\Auth\Middleware\Authenticate::authenticate(), 1 passed in /app/vendor/smartins/passport-multiauth/src/Http/Middleware/MultiAuthenticate.php on line 141 and exactly 2 expected in file /app/vendor/laravel/framework/src/Illuminate/Auth/Middleware/Authenticate.php on line 55
when using the middleware auth:api
(or with any guard).
It looks like in some recent version of Laravel, the authenticate method signature was changed to include the request (commit), in Illuminate\Auth\Middleware\Authenticate. This makes the attached middleware in this package incompatible with this version of Laravel.
Should be fixable by calling authenticate like this: $this->authenticate($request, $guards);
on line 66 in SMartins\PassportMultiauth\Http\Middleware\MultiAuthenticate
. Don't know if anything else has been changed that might affect this.
Running:
I get this error when i try to access the site after i implemented the package on my site
// If don't has any guard follow the flow
if (empty($guards)) {
return $this->authenticate($guards);
}
i fixed it by returning changing the method in MultiAuthenticate middleware class like so
// If don't has any guard follow the flow
if (empty($guards)) {
$this->authenticate($guards);
return $next($request);
}
maybe im doing something wrong.... but after that change, everything works perfectly
Hi I stack here please help
on this point you said choose the provider SMartins\PassportMultiauth\Providers\MultiauthServiceProvider
What do you mean choose the provider
Hello sir, thank you for this package.
But I seem to have problems with generating the personal access token. I looked up with other issues in which you provided some sample but it still does not work.
if the name of the model is like 'model_a' then it does not work there should not be any _ in model
I am facing issue with token on get detail on user.If i add token of same id it get user based on id...BUG
Hi Sir!
After setting up the package according to the instructions I get the following error when accessing the auth:admin middleware.
Too few arguments to function Illuminate\Routing\Router::{closure}(), 0 passed in /Users/markvilludo/Documents/Activity/MultiAuth/vendor/laravel/framework/src/Illuminate/Routing/Route.php on line 198 and exactly 1 expected.
Please help to fixed this issues. Thanks!
@sfelix-martins
how can i create revoke for token in your package
Thank you for make passport-multiauth.
It helps me a lot of works.
I can pass to take multi models.
but The problem is i can pass from both in auth:admin route.
If you have any solutions, i am appreciated let me know.
I just setup new laravel 5.5 project and tried to install this package and I get the following. I will paste it all in here.
What can I do to make it install.
composer require smartins/passport-multiauth
Using version ^3.0 for smartins/passport-multiauth
./composer.json has been updated
Loading composer repositories with package information
Updating dependencies (including require-dev)
Your requirements could not be resolved to an installable set of packages.
Problem 1
- Conclusion: remove laravel/framework v5.5.43
- Conclusion: don't install laravel/framework v5.5.43
- laravel/passport v5.0.0 requires illuminate/http ~5.6 -> satisfiable by illuminate/http[v5.6.0, v5.6.1, v5.6.10, v5.6.11, v5.6.12, v5.6.13, v5.6.14, v5.6.15, v5.6.16, v5.6.17, v5.6.19, v5.6.2, v5.6.20, v5.6.21, v5.6.22, v5.6.23, v5.6.24, v5.6.25, v5.6.26, v5.6.27, v5.6.28, v5.6.29, v5.6.3, v5.6.30, v5.6.31, v5.6.32, v5.6.33, v5.6.34, v5.6.35, v5.6.36, v5.6.37, v5.6.38, v5.6.4, v5.6.5, v5.6.6, v5.6.7, v5.6.8, v5.6.9, v5.7.0, v5.7.1, v5.7.2].
- laravel/passport v5.0.1 requires illuminate/http ~5.6 -> satisfiable by illuminate/http[v5.6.0, v5.6.1, v5.6.10, v5.6.11, v5.6.12, v5.6.13, v5.6.14, v5.6.15, v5.6.16, v5.6.17, v5.6.19, v5.6.2, v5.6.20, v5.6.21, v5.6.22, v5.6.23, v5.6.24, v5.6.25, v5.6.26, v5.6.27, v5.6.28, v5.6.29, v5.6.3, v5.6.30, v5.6.31, v5.6.32, v5.6.33, v5.6.34, v5.6.35, v5.6.36, v5.6.37, v5.6.38, v5.6.4, v5.6.5, v5.6.6, v5.6.7, v5.6.8, v5.6.9, v5.7.0, v5.7.1, v5.7.2].
- laravel/passport v5.0.2 requires illuminate/http ~5.6 -> satisfiable by illuminate/http[v5.6.0, v5.6.1, v5.6.10, v5.6.11, v5.6.12, v5.6.13, v5.6.14, v5.6.15, v5.6.16, v5.6.17, v5.6.19, v5.6.2, v5.6.20, v5.6.21, v5.6.22, v5.6.23, v5.6.24, v5.6.25, v5.6.26, v5.6.27, v5.6.28, v5.6.29, v5.6.3, v5.6.30, v5.6.31, v5.6.32, v5.6.33, v5.6.34, v5.6.35, v5.6.36, v5.6.37, v5.6.38, v5.6.4, v5.6.5, v5.6.6, v5.6.7, v5.6.8, v5.6.9, v5.7.0, v5.7.1, v5.7.2].
- laravel/passport v5.0.3 requires illuminate/http ~5.6 -> satisfiable by illuminate/http[v5.6.0, v5.6.1, v5.6.10, v5.6.11, v5.6.12, v5.6.13, v5.6.14, v5.6.15, v5.6.16, v5.6.17, v5.6.19, v5.6.2, v5.6.20, v5.6.21, v5.6.22, v5.6.23, v5.6.24, v5.6.25, v5.6.26, v5.6.27, v5.6.28, v5.6.29, v5.6.3, v5.6.30, v5.6.31, v5.6.32, v5.6.33, v5.6.34, v5.6.35, v5.6.36, v5.6.37, v5.6.38, v5.6.4, v5.6.5, v5.6.6, v5.6.7, v5.6.8, v5.6.9, v5.7.0, v5.7.1, v5.7.2].
- laravel/passport v6.0.0 requires illuminate/http ~5.6 -> satisfiable by illuminate/http[v5.6.0, v5.6.1, v5.6.10, v5.6.11, v5.6.12, v5.6.13, v5.6.14, v5.6.15, v5.6.16, v5.6.17, v5.6.19, v5.6.2, v5.6.20, v5.6.21, v5.6.22, v5.6.23, v5.6.24, v5.6.25, v5.6.26, v5.6.27, v5.6.28, v5.6.29, v5.6.3, v5.6.30, v5.6.31, v5.6.32, v5.6.33, v5.6.34, v5.6.35, v5.6.36, v5.6.37, v5.6.38, v5.6.4, v5.6.5, v5.6.6, v5.6.7, v5.6.8, v5.6.9, v5.7.0, v5.7.1, v5.7.2].
- laravel/passport v6.0.1 requires illuminate/http ~5.6 -> satisfiable by illuminate/http[v5.6.0, v5.6.1, v5.6.10, v5.6.11, v5.6.12, v5.6.13, v5.6.14, v5.6.15, v5.6.16, v5.6.17, v5.6.19, v5.6.2, v5.6.20, v5.6.21, v5.6.22, v5.6.23, v5.6.24, v5.6.25, v5.6.26, v5.6.27, v5.6.28, v5.6.29, v5.6.3, v5.6.30, v5.6.31, v5.6.32, v5.6.33, v5.6.34, v5.6.35, v5.6.36, v5.6.37, v5.6.38, v5.6.4, v5.6.5, v5.6.6, v5.6.7, v5.6.8, v5.6.9, v5.7.0, v5.7.1, v5.7.2].
- laravel/passport v6.0.2 requires illuminate/http ~5.6 -> satisfiable by illuminate/http[v5.6.0, v5.6.1, v5.6.10, v5.6.11, v5.6.12, v5.6.13, v5.6.14, v5.6.15, v5.6.16, v5.6.17, v5.6.19, v5.6.2, v5.6.20, v5.6.21, v5.6.22, v5.6.23, v5.6.24, v5.6.25, v5.6.26, v5.6.27, v5.6.28, v5.6.29, v5.6.3, v5.6.30, v5.6.31, v5.6.32, v5.6.33, v5.6.34, v5.6.35, v5.6.36, v5.6.37, v5.6.38, v5.6.4, v5.6.5, v5.6.6, v5.6.7, v5.6.8, v5.6.9, v5.7.0, v5.7.1, v5.7.2].
- laravel/passport v6.0.3 requires illuminate/http ~5.6 -> satisfiable by illuminate/http[v5.6.0, v5.6.1, v5.6.10, v5.6.11, v5.6.12, v5.6.13, v5.6.14, v5.6.15, v5.6.16, v5.6.17, v5.6.19, v5.6.2, v5.6.20, v5.6.21, v5.6.22, v5.6.23, v5.6.24, v5.6.25, v5.6.26, v5.6.27, v5.6.28, v5.6.29, v5.6.3, v5.6.30, v5.6.31, v5.6.32, v5.6.33, v5.6.34, v5.6.35, v5.6.36, v5.6.37, v5.6.38, v5.6.4, v5.6.5, v5.6.6, v5.6.7, v5.6.8, v5.6.9, v5.7.0, v5.7.1, v5.7.2].
- laravel/passport v6.0.4 requires illuminate/http ~5.6 -> satisfiable by illuminate/http[v5.6.0, v5.6.1, v5.6.10, v5.6.11, v5.6.12, v5.6.13, v5.6.14, v5.6.15, v5.6.16, v5.6.17, v5.6.19, v5.6.2, v5.6.20, v5.6.21, v5.6.22, v5.6.23, v5.6.24, v5.6.25, v5.6.26, v5.6.27, v5.6.28, v5.6.29, v5.6.3, v5.6.30, v5.6.31, v5.6.32, v5.6.33, v5.6.34, v5.6.35, v5.6.36, v5.6.37, v5.6.38, v5.6.4, v5.6.5, v5.6.6, v5.6.7, v5.6.8, v5.6.9, v5.7.0, v5.7.1, v5.7.2].
- laravel/passport v6.0.5 requires illuminate/http ~5.6 -> satisfiable by illuminate/http[v5.6.0, v5.6.1, v5.6.10, v5.6.11, v5.6.12, v5.6.13, v5.6.14, v5.6.15, v5.6.16, v5.6.17, v5.6.19, v5.6.2, v5.6.20, v5.6.21, v5.6.22, v5.6.23, v5.6.24, v5.6.25, v5.6.26, v5.6.27, v5.6.28, v5.6.29, v5.6.3, v5.6.30, v5.6.31, v5.6.32, v5.6.33, v5.6.34, v5.6.35, v5.6.36, v5.6.37, v5.6.38, v5.6.4, v5.6.5, v5.6.6, v5.6.7, v5.6.8, v5.6.9, v5.7.0, v5.7.1, v5.7.2].
- laravel/passport v6.0.6 requires illuminate/http ~5.6 -> satisfiable by illuminate/http[v5.6.0, v5.6.1, v5.6.10, v5.6.11, v5.6.12, v5.6.13, v5.6.14, v5.6.15, v5.6.16, v5.6.17, v5.6.19, v5.6.2, v5.6.20, v5.6.21, v5.6.22, v5.6.23, v5.6.24, v5.6.25, v5.6.26, v5.6.27, v5.6.28, v5.6.29, v5.6.3, v5.6.30, v5.6.31, v5.6.32, v5.6.33, v5.6.34, v5.6.35, v5.6.36, v5.6.37, v5.6.38, v5.6.4, v5.6.5, v5.6.6, v5.6.7, v5.6.8, v5.6.9, v5.7.0, v5.7.1, v5.7.2].
- laravel/passport v6.0.7 requires illuminate/http ~5.6 -> satisfiable by illuminate/http[v5.6.0, v5.6.1, v5.6.10, v5.6.11, v5.6.12, v5.6.13, v5.6.14, v5.6.15, v5.6.16, v5.6.17, v5.6.19, v5.6.2, v5.6.20, v5.6.21, v5.6.22, v5.6.23, v5.6.24, v5.6.25, v5.6.26, v5.6.27, v5.6.28, v5.6.29, v5.6.3, v5.6.30, v5.6.31, v5.6.32, v5.6.33, v5.6.34, v5.6.35, v5.6.36, v5.6.37, v5.6.38, v5.6.4, v5.6.5, v5.6.6, v5.6.7, v5.6.8, v5.6.9, v5.7.0, v5.7.1, v5.7.2].
- laravel/passport v7.0.0 requires illuminate/http ~5.6 -> satisfiable by illuminate/http[v5.6.0, v5.6.1, v5.6.10, v5.6.11, v5.6.12, v5.6.13, v5.6.14, v5.6.15, v5.6.16, v5.6.17, v5.6.19, v5.6.2, v5.6.20, v5.6.21, v5.6.22, v5.6.23, v5.6.24, v5.6.25, v5.6.26, v5.6.27, v5.6.28, v5.6.29, v5.6.3, v5.6.30, v5.6.31, v5.6.32, v5.6.33, v5.6.34, v5.6.35, v5.6.36, v5.6.37, v5.6.38, v5.6.4, v5.6.5, v5.6.6, v5.6.7, v5.6.8, v5.6.9, v5.7.0, v5.7.1, v5.7.2].
- laravel/passport v7.0.1 requires illuminate/http ~5.6 -> satisfiable by illuminate/http[v5.6.0, v5.6.1, v5.6.10, v5.6.11, v5.6.12, v5.6.13, v5.6.14, v5.6.15, v5.6.16, v5.6.17, v5.6.19, v5.6.2, v5.6.20, v5.6.21, v5.6.22, v5.6.23, v5.6.24, v5.6.25, v5.6.26, v5.6.27, v5.6.28, v5.6.29, v5.6.3, v5.6.30, v5.6.31, v5.6.32, v5.6.33, v5.6.34, v5.6.35, v5.6.36, v5.6.37, v5.6.38, v5.6.4, v5.6.5, v5.6.6, v5.6.7, v5.6.8, v5.6.9, v5.7.0, v5.7.1, v5.7.2].
- don't install illuminate/http v5.6.0|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.1|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.10|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.11|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.12|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.13|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.14|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.15|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.16|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.17|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.19|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.2|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.20|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.21|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.22|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.23|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.24|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.25|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.26|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.27|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.28|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.29|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.3|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.30|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.31|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.32|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.33|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.34|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.35|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.36|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.37|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.38|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.4|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.5|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.6|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.7|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.8|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.9|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.7.0|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.7.1|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.7.2|don't install laravel/framework v5.5.43
- Installation request for laravel/framework (locked at v5.5.43, required as 5.5.*) -> satisfiable by laravel/framework[v5.5.43].
- Installation request for smartins/passport-multiauth ^3.0 -> satisfiable by smartins/passport-multiauth[v3.0.0].
- Conclusion: don't install paragonie/random_compat v9.99.99|install laravel/passport v5.0.0|install laravel/passport v5.0.1|install laravel/passport v5.0.2|install laravel/passport v5.0.3|install laravel/passport v6.0.0|install laravel/passport v6.0.1|install laravel/passport v6.0.2|install laravel/passport v6.0.3|install laravel/passport v6.0.4|install laravel/passport v6.0.5|install laravel/passport v6.0.6|install laravel/passport v6.0.7|install laravel/passport v7.0.0|install laravel/passport v7.0.1
- Conclusion: remove paragonie/random_compat v9.99.99|install laravel/passport v5.0.0|install laravel/passport v5.0.1|install laravel/passport v5.0.2|install laravel/passport v5.0.3|install laravel/passport v6.0.0|install laravel/passport v6.0.1|install laravel/passport v6.0.2|install laravel/passport v6.0.3|install laravel/passport v6.0.4|install laravel/passport v6.0.5|install laravel/passport v6.0.6|install laravel/passport v6.0.7|install laravel/passport v7.0.0|install laravel/passport v7.0.1
- smartins/passport-multiauth v3.0.0 requires laravel/passport ^3.0|^4.0|^5.0|^6.0|^7.0 -> satisfiable by laravel/passport[v3.0.0, v3.0.1, v3.0.2, v4.0.0, v4.0.1, v4.0.2, v4.0.3, v5.0.0, v5.0.1, v5.0.2, v5.0.3, v6.0.0, v6.0.1, v6.0.2, v6.0.3, v6.0.4, v6.0.5, v6.0.6, v6.0.7, v7.0.0, v7.0.1].
- laravel/passport v3.0.0 requires league/oauth2-server ^6.0 -> satisfiable by league/oauth2-server[6.0.0, 6.0.1, 6.0.2, 6.1.0, 6.1.1].
- laravel/passport v3.0.1 requires league/oauth2-server ^6.0 -> satisfiable by league/oauth2-server[6.0.0, 6.0.1, 6.0.2, 6.1.0, 6.1.1].
- laravel/passport v3.0.2 requires league/oauth2-server ^6.0 -> satisfiable by league/oauth2-server[6.0.0, 6.0.1, 6.0.2, 6.1.0, 6.1.1].
- laravel/passport v4.0.0 requires league/oauth2-server ^6.0 -> satisfiable by league/oauth2-server[6.0.0, 6.0.1, 6.0.2, 6.1.0, 6.1.1].
- laravel/passport v4.0.1 requires league/oauth2-server ^6.0 -> satisfiable by league/oauth2-server[6.0.0, 6.0.1, 6.0.2, 6.1.0, 6.1.1].
- laravel/passport v4.0.2 requires league/oauth2-server ^6.0 -> satisfiable by league/oauth2-server[6.0.0, 6.0.1, 6.0.2, 6.1.0, 6.1.1].
- laravel/passport v4.0.3 requires league/oauth2-server ^6.0 -> satisfiable by league/oauth2-server[6.0.0, 6.0.1, 6.0.2, 6.1.0, 6.1.1].
- league/oauth2-server 6.0.0 requires paragonie/random_compat ^2.0 -> satisfiable by paragonie/random_compat[v2.0.0, v2.0.1, v2.0.10, v2.0.11, v2.0.12, v2.0.13, v2.0.14, v2.0.15, v2.0.16, v2.0.17, v2.0.2, v2.0.3, v2.0.4, v2.0.5, v2.0.6, v2.0.7, v2.0.8, v2.0.9].
- league/oauth2-server 6.0.1 requires paragonie/random_compat ^2.0 -> satisfiable by paragonie/random_compat[v2.0.0, v2.0.1, v2.0.10, v2.0.11, v2.0.12, v2.0.13, v2.0.14, v2.0.15, v2.0.16, v2.0.17, v2.0.2, v2.0.3, v2.0.4, v2.0.5, v2.0.6, v2.0.7, v2.0.8, v2.0.9].
- league/oauth2-server 6.0.2 requires paragonie/random_compat ^2.0 -> satisfiable by paragonie/random_compat[v2.0.0, v2.0.1, v2.0.10, v2.0.11, v2.0.12, v2.0.13, v2.0.14, v2.0.15, v2.0.16, v2.0.17, v2.0.2, v2.0.3, v2.0.4, v2.0.5, v2.0.6, v2.0.7, v2.0.8, v2.0.9].
- league/oauth2-server 6.1.0 requires paragonie/random_compat ^2.0 -> satisfiable by paragonie/random_compat[v2.0.0, v2.0.1, v2.0.10, v2.0.11, v2.0.12, v2.0.13, v2.0.14, v2.0.15, v2.0.16, v2.0.17, v2.0.2, v2.0.3, v2.0.4, v2.0.5, v2.0.6, v2.0.7, v2.0.8, v2.0.9].
- league/oauth2-server 6.1.1 requires paragonie/random_compat ^2.0 -> satisfiable by paragonie/random_compat[v2.0.0, v2.0.1, v2.0.10, v2.0.11, v2.0.12, v2.0.13, v2.0.14, v2.0.15, v2.0.16, v2.0.17, v2.0.2, v2.0.3, v2.0.4, v2.0.5, v2.0.6, v2.0.7, v2.0.8, v2.0.9].
- Can only install one of: paragonie/random_compat[v2.0.0, v9.99.99].
- Can only install one of: paragonie/random_compat[v2.0.1, v9.99.99].
- Can only install one of: paragonie/random_compat[v2.0.10, v9.99.99].
- Can only install one of: paragonie/random_compat[v2.0.11, v9.99.99].
- Can only install one of: paragonie/random_compat[v2.0.12, v9.99.99].
- Can only install one of: paragonie/random_compat[v2.0.13, v9.99.99].
- Can only install one of: paragonie/random_compat[v2.0.14, v9.99.99].
- Can only install one of: paragonie/random_compat[v2.0.15, v9.99.99].
- Can only install one of: paragonie/random_compat[v2.0.16, v9.99.99].
- Can only install one of: paragonie/random_compat[v2.0.17, v9.99.99].
- Can only install one of: paragonie/random_compat[v2.0.2, v9.99.99].
- Can only install one of: paragonie/random_compat[v2.0.3, v9.99.99].
- Can only install one of: paragonie/random_compat[v2.0.4, v9.99.99].
- Can only install one of: paragonie/random_compat[v2.0.5, v9.99.99].
- Can only install one of: paragonie/random_compat[v2.0.6, v9.99.99].
- Can only install one of: paragonie/random_compat[v2.0.7, v9.99.99].
- Can only install one of: paragonie/random_compat[v2.0.8, v9.99.99].
- Can only install one of: paragonie/random_compat[v2.0.9, v9.99.99].
- Installation request for paragonie/random_compat (locked at v9.99.99) -> satisfiable by paragonie/random_compat[v9.99.99].
Installation failed, reverting ./composer.json to its original content.
The package works fine as it is, but the issued token does work for both providers if they have a user with the same id.
I change the middleware from auth:admin_api
to auth:api
and on both, it returned user for their respected provider.
And that is a serious security issue.
Any idea how to prevent that?
Hi!
I would like to use passport-multiauth with CreateFreshApiToken class, so I can use my api with my javascript application.
'web' => [ ... \Laravel\Passport\Http\Middleware\CreateFreshApiToken::class ],
When I replace the basic auth class with the multiauth class in $routeMiddleware in Kernel.php, I get 401 Unauthorized error
//'auth' => \Illuminate\Auth\Middleware\Authenticate::class, 'auth' => \SMartins\PassportMultiauth\Http\Middleware\MultiAuthenticate::class,
Is there any possibility to make it work with multiauth?
When i run auth->check for each guard
"hospital-api" => true
"doctor-api" => true
"pharmacy-api" => true
"admin-api" => false
"patient-api" => true
I used: auth:admin and test with user authenticated with guard user and this pass the authorization.
I find the issue in ... /vendor/laravel/framework/src/Illuminate/Auth/Middleware/Authenticate.php : 56
if (empty($guards)) {
return $this->auth->authenticate();
}
This line return the authenticated user bypassing guard validation.
In ... /vendor/smartins/passport-multiauth/src/Http/Middleware/MultiAuthenticate.php : 59
// If don't has any guard follow the flow
if (empty($guards)) {
return $next($request);
}
If don't pass guard this follow the flow, else this must validate this guards...
I fix it overwritting authenticate method:
/**
* Determine if the user is logged in to any of the given guards.
*
* @param array $guards
* @return void
*
* @throws \Illuminate\Auth\AuthenticationException
*/
protected function authenticate(array $guards)
{
foreach ($guards as $guard) {
if ($this->auth->guard($guard)->check()) {
return $this->auth->shouldUse($guard);
}
}
throw new AuthenticationException('Unauthenticated.', $guards);
}
I am doing something wrong?
Hi Samuel,
My problem is that Auth::guard('admin')->attempt($credentials)
is not working. Error: Method attempt does not exist.
I couldn't find any solution anywhere.
Somebody from this post https://github.com/laravel/framework/issues/21194 says to use \Auth::setUser($token->user);
as an workaround, but he also say that I will have
to override register and all auth functions as well
....is getting complicated, I don't understand how to do that.
Can you please advice how this should be done maybe in a more simple way?
Thank you!
Nicolae
Error :
SQLSTATE[42703]: Undefined column: 7 ERROR: column "id" does not exist
LINE 1: ...ed_at", "updated_at") values ($1, $2, $3, $4) returning "id"
^ (SQL: insert into "oauth_access_token_providers" ("oauth_access_token_id", "provider", "created_at", "updated_at") values (6f4ddebe08a9deb4963de652797b8fefdd742862eba62b326a77cf61824ddca13bc8d966e30ec10c, users, 2017-11-09 13:14:03, 2017-11-09 13:14:03) returning "id")
Solution :
Add in SMartins\PassportMultiauth\Provider line:
protected $primaryKey = 'oauth_access_token_id';
When doing a request to any protected route, using, after succesull login
Route::group(['middleware' => 'auth:admins'], function(){ Route::get('customers', 'CustomerController@index'); });
will always return Unauthenticated.
This MultiAuth package was succesfull installed, and I am able to login to any user category I want, like Users or Admins.
From what I know in this expression "auth:admins", admins is the provider defined in auth.php.
If so, I don't understand why is still Unauthenticated when access_token from oauth/token is generated and sent in Header.
My experience with Authentication and access_token started with this project, so I don't have to many knowledge and I suppose my problem is because I don't know how to keep the access_token on the server side and check it again when is a new Request.
Frontend and Backend in my case are 2 separate projects.
For the moment, I am doing the Login (where is the oauth/token call). I return the response from oauth/token that have access_token and refresh_token with expiration date and set The Authentication Header with Beared on Frontend.
In this moment, Frontend has the access_token as header.
If I am doing a new request to Backend, the Request will have the access_token but the Response Headers will not heave it and I think this is the problem. Or not?
I hope my problem description is not too long and hard to understand as I really need to know haw to keep the access_token on Response and compare it on each new request with the access_token sent to Frontend.
Thank you!
Hi, after add code above:
Passport::routes();
Route::group(['middleware' => 'custom-provider'], function () {
Passport::routes(function ($router) {
return $router->forAccessTokens();
});
});`
At the terminal show me this error, when try execute any command:
[Symfony\Component\Debug\Exception\FatalThrowableError]
Class 'App\Providers\Route' not found
First of all thanks for this awesome package !
I seem to have an issue with client_credentials grant that look like this one #33.
When I try to authenticate a client using client_credentials I get an error from the AddCustomProvider rejecting my request because I did not specify a provider.
My request contains the requested parameters for a client_credentials:
grant_type: client_credentials
client_id: 1
client_secret: Vx0HRmHsc7jjc8teYdasrx10ajPUWDH4B90Elznd
The AddCustomProvider answers
The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed
If I specify a provider I can authenticate (but I shouldn't have to because I am not trying to authenticate a user).
If I unwrap the Passport::routes
in the AuthServiceProvider
I can authenticate my client without passing a provider but then the user authentication does not work anymore.
Could it be possible to check for the provider
param only in the context of an user authentication ?
"message": "Too few arguments to function Illuminate\Auth\Middleware\Authenticate::authenticate(), 1 passed in C:\laragon\www\phoenix\vendor\smartins\passport-multiauth\src\Http\Middleware\MultiAuthenticate.php on line 143 and exactly 2 expected",
It can be solved by these modifications:
function on the line 141 needs two parameters so it has to look like this:
$this->authenticate($request, $authGuards);
and the function on line 81 needs to be called like this:
$this->authenticateTokenGuard($request, $accessToken, $guards);
Can you fix this ASAP?
I have two auth providers: users
and admins
.
Let's say I used users
provider to retrieve access_token
and refresh_token
using password grant. Then I can use that refresh_token
to refresh the tokens as described here.
So even though I'm using a refresh_token
which was issued for a user
, if I change the provider param to admins
when refreshing the tokens, the new tokens I receive will be linked to an admin
instead. So as long as I have an 'admin' with the same id as a 'user' I can access the system as an admin through the user and vice-versa.
How can I prevent this?
Hi, i have a problem with this. I add the next lines to AuthServiceProvider:
Passport::tokensExpireIn(now()->addDays(15));
Passport::refreshTokensExpireIn(now()->addDays(30));
This doesn't work, how can i change expiration time ?
Thanks.
As the client credentials grant is used for machine to machine authentication, it does not have a provider by default. So I get an error while trying to obtain a token using client credentials grant.
This is the database exception I am getting
SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'provider' cannot be null (SQL: insert into `oauth_access_token_providers` (`oauth_access_token_id`, `provider`, `created_at`, `updated_at`) values (6fc58009ff4ad74ea68041147e3e9985a5a68e735beb5fcea4f831dc5f7d895eb6eca502fc9c6810, , 2018-07-10 11:33:08, 2018-07-10 11:33:08))
When I call an API route using a token I get proper response
However without access_token I'm being redirected to the Login Page
Here's my request with token
https://project.test/api/v1/de/user/
Authorization: myPersonalAccessToken
Content-Type: application/json
Accept: application/json
My Request Without Token
https://project.test/api/v1/de/user/
Content-Type: application/json
Accept: application/json
My api.php
Route::prefix("v1")->group(function () {
Route::post("de/login", "API\DeliveryExecutiveController@login");
Route::middleware('auth:de')->group(function () {
Route::get("de/user", "API\DeliveryExecutiveController@user");
});
});
"name": "laravel/framework",
"version": "v5.5.44",
"name": "smartins/passport-multiauth",
"version": "v3.0.0",
"name": "laravel/passport",
"version": "v4.0.3",
provider that does not exist is still works ,my code :
Route::group(['prefix' => 'data', 'middleware' => 'multiauth:api'], function ($route) {
$route->get('readData', 'ChannelFormDataController@readData');
});
and when I cahnge the middleware to a not exist provider , It still works ,and this is the problem .
Route::group(['prefix' => 'data', 'middleware' => 'multiauth:somethingxxx'], function ($route) {
$route->get('readData', 'ChannelFormDataController@readData');
});
the result is the same !
the action method as follow :
public function readData(Request $request)
{
return response()->json([auth()->user()]);
}
my auth.php as follow:
<?php
return [
/*
|--------------------------------------------------------------------------
| Authentication Defaults
|--------------------------------------------------------------------------
|
| This option controls the default authentication "guard" and password
| reset options for your application. You may change these defaults
| as required, but they're a perfect start for most applications.
|
*/
'defaults' => [
'guard' => 'api',
'passwords' => 'users',
],
/*
|--------------------------------------------------------------------------
| Authentication Guards
|--------------------------------------------------------------------------
|
| Next, you may define every authentication guard for your application.
| Of course, a great default configuration has been defined for you
| here which uses session storage and the Eloquent user provider.
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| Supported: "session", "token"
|
*/
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'channel_users',
],
'api' => [
'driver' => 'passport',
'provider' => 'channel_users',
],
],
/*
|--------------------------------------------------------------------------
| User Providers
|--------------------------------------------------------------------------
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| If you have multiple user tables or models you may configure multiple
| sources which represent each model / table. These sources may then
| be assigned to any extra authentication guards you have defined.
|
| Supported: "database", "eloquent"
|
*/
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
'channel_users' => [
'driver' => 'eloquent',
'model' => App\Models\ChannelUser::class,
],
],
/*
|--------------------------------------------------------------------------
| Resetting Passwords
|--------------------------------------------------------------------------
|
| You may specify multiple password reset configurations if you have more
| than one user table or model in the application and you want to have
| separate password reset settings based on the specific user types.
|
| The expire time is the number of minutes that the reset token should be
| considered valid. This security feature keeps tokens short-lived so
| they have less time to be guessed. You may change this as needed.
|
*/
'passwords' => [
'users' => [
'provider' => 'channel_users',
'table' => 'password_resets',
'expire' => 60,
],
],
];
when route has auth:{guard} middleware and {guard} has a session driver (not passport driver), Laravel crashes and the browser say TOO_MANY_DIRECTS. I am also using hesto\multi-auth
L5.7 and passport-multiauth v4.0.0
// 'auth' => \Illuminate\Auth\Middleware\Authenticate::class,
'auth' => \SMartins\PassportMultiauth\Http\Middleware\MultiAuthenticate::class,
If I use normal 'auth' (\Illuminate\Auth\Middleware\Authenticate::class,), it is ok.
Hi.
The package is working perfectly, but I have an issue when using more than one guard:
If I use a token generated for a User that has the same id as an Admin,
Route::group(['middleware' => ['api', 'auth:admin,api']], function () { Route::get('/admin', function ($request) { return $request->user(); }); });
This returns the Admin instance.
Hi,
I am encountering strange issue with multiauth. I am using Laravel inside of docker and right after startup of the docker container everything seems to work as it should, however after few minutes strange things start to happen ๐ .
When I am trying to login through original Laravel User model I got this error:
Client error: POST localhost/oauth/token resulted in a 401 Unauthorized response:{\"error\":\"invalid_client\",\"message\":\"Client authentication failed\"}
What is pretty self-describing, it cannot match passport client with request, however everything is being set properly, because right after startup of docker it worked. Solution for this problem is to run php artisan config:clear
. After this command everything works fine so It looks like there is some problem with the config cache, I guess?
Another error related to this issue jumps when I am trying to login through my own added model called Gateway. The symptoms are similar to the issue above, after startup everything works fine and after few minutes this error occurs:
Server error: POST localhost/oauth/token resulted in a 500 Internal Server Error response:<!DOCTYPE html><!--League\\OAuth2\\Server\\Exception\\OAuthServerException: The request is missing a required parameter, (truncated...)"
Again, it is clear to me what it is talking about - it is missing provider parameter from the request, however it is present and was working right after startup. Again, after running of php artisan config:clear
everything seems to be working properly.
And my last observation regarding config cache issue is when after few minutes after startup I am trying to access protected endpoint by Bearer token retrieved right after startup. This is the error, please note that I shortened token stated in the error:
SQLSTATE[42S22]: Column not found: 1054 Unknown column 'api_token' in 'where clause' (SQL: select * from users where api_token = eyJ0eXAiOiJKV1QiLCJhb limit 1
Solution for this problem is again in command php artisan config:clear
All leads seem to be pointing into config cache related issue. Hard to say if it is caused by docker environment or not, however these are my tech specs:
Docker for Mac - 18.06.0-ce
Laravel - 5.7.13
Passport - 7.0.3
Multiauth - 4.0
Hello sfelix,
Thanks for making this amazing package, I have followed your usage about how implemented this package, and its work fine, after I realize, token that I generate for models User
can use for models Admin
too
On the last issue, you said to add header request Accept: application/json;
. Than I add it, but I've still got the same problem.
Any idea to fix this?
Thanks
while posting through post man with this data i got error
"Call to undefined method Illuminate\Database\Query\Builder::getAuthPassword()"
{ "grant_type" : "password", "client_id" : "3", "client_secret": "g6zrsKw7SCel0TraN6T60FV3iwWoRhu0nKu8hYp0", "username": "[email protected]", "password": "[email protected]", "provider" : "customers" }
hello, I'm following all the tutorial but why I always getting this error ?
{ "message": "Argument 2 passed to Illuminate\\Auth\\SessionGuard::__construct() must be an instance of Illuminate\\Contracts\\Auth\\UserProvider, null given, called in D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Auth\\AuthManager.php on line 123", "exception": "Symfony\\Component\\Debug\\Exception\\FatalThrowableError", "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Auth\\SessionGuard.php", "line": 97, "trace": [ { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Auth\\AuthManager.php", "line": 123, "function": "__construct", "class": "Illuminate\\Auth\\SessionGuard", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Auth\\AuthManager.php", "line": 94, "function": "createSessionDriver", "class": "Illuminate\\Auth\\AuthManager", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Auth\\AuthManager.php", "line": 68, "function": "resolve", "class": "Illuminate\\Auth\\AuthManager", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Auth\\AuthManager.php", "line": 54, "function": "guard", "class": "Illuminate\\Auth\\AuthManager", "type": "->" }, { "function": "Illuminate\\Auth\\{closure}", "class": "Illuminate\\Auth\\AuthManager", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Auth\\AuthServiceProvider.php", "line": 86, "function": "call_user_func" }, { "function": "Illuminate\\Auth\\{closure}", "class": "Illuminate\\Auth\\AuthServiceProvider", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Http\\Request.php", "line": 502, "function": "call_user_func" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Middleware\\ThrottleRequests.php", "line": 96, "function": "user", "class": "Illuminate\\Http\\Request", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Middleware\\ThrottleRequests.php", "line": 48, "function": "resolveRequestSignature", "class": "Illuminate\\Routing\\Middleware\\ThrottleRequests", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php", "line": 151, "function": "handle", "class": "Illuminate\\Routing\\Middleware\\ThrottleRequests", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Pipeline.php", "line": 53, "function": "Illuminate\\Pipeline\\{closure}", "class": "Illuminate\\Pipeline\\Pipeline", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php", "line": 104, "function": "Illuminate\\Routing\\{closure}", "class": "Illuminate\\Routing\\Pipeline", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Router.php", "line": 681, "function": "then", "class": "Illuminate\\Pipeline\\Pipeline", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Router.php", "line": 656, "function": "runRouteWithinStack", "class": "Illuminate\\Routing\\Router", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Router.php", "line": 622, "function": "runRoute", "class": "Illuminate\\Routing\\Router", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Router.php", "line": 611, "function": "dispatchToRoute", "class": "Illuminate\\Routing\\Router", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Kernel.php", "line": 176, "function": "dispatch", "class": "Illuminate\\Routing\\Router", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Pipeline.php", "line": 30, "function": "Illuminate\\Foundation\\Http\\{closure}", "class": "Illuminate\\Foundation\\Http\\Kernel", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\fideloper\\proxy\\src\\TrustProxies.php", "line": 57, "function": "Illuminate\\Routing\\{closure}", "class": "Illuminate\\Routing\\Pipeline", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php", "line": 151, "function": "handle", "class": "Fideloper\\Proxy\\TrustProxies", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Pipeline.php", "line": 53, "function": "Illuminate\\Pipeline\\{closure}", "class": "Illuminate\\Pipeline\\Pipeline", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest.php", "line": 31, "function": "Illuminate\\Routing\\{closure}", "class": "Illuminate\\Routing\\Pipeline", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php", "line": 151, "function": "handle", "class": "Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Pipeline.php", "line": 53, "function": "Illuminate\\Pipeline\\{closure}", "class": "Illuminate\\Pipeline\\Pipeline", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest.php", "line": 31, "function": "Illuminate\\Routing\\{closure}", "class": "Illuminate\\Routing\\Pipeline", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php", "line": 151, "function": "handle", "class": "Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Pipeline.php", "line": 53, "function": "Illuminate\\Pipeline\\{closure}", "class": "Illuminate\\Pipeline\\Pipeline", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Middleware\\ValidatePostSize.php", "line": 27, "function": "Illuminate\\Routing\\{closure}", "class": "Illuminate\\Routing\\Pipeline", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php", "line": 151, "function": "handle", "class": "Illuminate\\Foundation\\Http\\Middleware\\ValidatePostSize", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Pipeline.php", "line": 53, "function": "Illuminate\\Pipeline\\{closure}", "class": "Illuminate\\Pipeline\\Pipeline", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Middleware\\CheckForMaintenanceMode.php", "line": 62, "function": "Illuminate\\Routing\\{closure}", "class": "Illuminate\\Routing\\Pipeline", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php", "line": 151, "function": "handle", "class": "Illuminate\\Foundation\\Http\\Middleware\\CheckForMaintenanceMode", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Pipeline.php", "line": 53, "function": "Illuminate\\Pipeline\\{closure}", "class": "Illuminate\\Pipeline\\Pipeline", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php", "line": 104, "function": "Illuminate\\Routing\\{closure}", "class": "Illuminate\\Routing\\Pipeline", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Kernel.php", "line": 151, "function": "then", "class": "Illuminate\\Pipeline\\Pipeline", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Kernel.php", "line": 116, "function": "sendRequestThroughRouter", "class": "Illuminate\\Foundation\\Http\\Kernel", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\public\\index.php", "line": 55, "function": "handle", "class": "Illuminate\\Foundation\\Http\\Kernel", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\server.php", "line": 21, "function": "require_once" } ] }
When I publish the component with this command
php artisan vendor:publish --provider="SMartins\PassportMultiauth\Providers\MultiauthServiceProvider"
I get the following error
In AuthServiceProvider.php line 32:
Class 'App\Providers\Route' not found
I can't figure out what I did wrong.
If i try Auth::guard('user-api')->user(); I get a user with id 9, and if I try Auth::guard('admin-api')->user(); I get an admin with id 9. so wierd !!! I checked all the things and they were set correctly but with same token I get two different model instance!
I need to ignore migration
when i'm using laravel passport it's ignore migration by
Passport::ignoreMigrations();
I need function to ignore migration with this package
Hi @sfelix-martins ,
How do you authenticate a user from another table?
Like on my side I have User and MerchantAuth
Model.
To authenticates users, everything goes well, without any problem.
But I'm struggling to authenticate MerchantsAuth users, I tried to follow all the steps you have provided, but I can't see it working.
This what I got so far:
Guards
AuthController
`public function login(Request $request)
{
$request->validate([
'email' =>'required|email',
'password' =>'required',
'remember_me'=>'boolean'
]);
$credentials = $request->only('email','password');
if(!auth()->attempt($credentials)){
return response()->json([
'errors' =>[
'root' =>'Your email or password doesen\'t match with our records.'
]
],401);
}
$user = $request->user();
$tokenResult = $user->createToken('Personal Access Token');
$token = $tokenResult->token;
if($request->remember_me){
$token->expires_at = Carbon::now()->addWeeks(1);
}
$token->save();
return response()->json([
'data' =>[
'access_token' => $tokenResult->accessToken,
'token_type' => 'Bearer',
'expires_at' =>Carbon::parse(
$tokenResult->token->expires_at
)->toDateTimeString()
]
]);
}`
Postman Test
From what I can see it's still looking for users table and not be checking the merchant table,
So any help it would be appreciated, and just to mention that in this stage, I just want it to authenticate
Username and Password and not the entire OAuth process.
i have a type of users that have an email acting as username, and there is no password field, so how i can get access_token for this type of users
` $http = new \GuzzleHttp\Client();
$response = $http->post(url('oauth/token'), [
'form_params' => [
'grant_type' => 'password',
'client_id' => env("PASSPORT_KEY"),
'client_secret' => env("PASSPORT_SECRET"),
'username' => $email,
"provider" => "users"
],
]);
return json_decode($response->getBody());`
Hi,
I am experiencing severe security issue with version 4.0 . It doesnt appear in version 3.0
Problem is that after retrieval of access token I am able to pass through all of the defined auth guards. I got 2 types of models, however type 1 can go through auth guard 1 and 2 as well and vice versa for model of type 2.
As I have already mentioned, I am not experiencing this bug on version 3.0.
Problematic version combination is:
Laravel - 5.7.15
Passport - 7.0.3
Multiauth - 4.0
EDIT:
I am returning user instance by Auth::user()
as response and when I am accessing guard 1 with token from model 2, I am retrieving user from model 1 as response with id that is same as for model 2.
However when I am accessing guard 2 with model 2 I am getting right credentials for that models user. And when I am accessing guard 2 with model 1 I am getting credentials from user of model 1.
I've implemented this package but it seems to not work with personal access tokens. Tokens are being stored with the users provider regardless of the guard applied
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.