1

I'm building a Laravel 5.8 application to be the front-end to an external API written in Go. I POST a user/pass to the API which then responds with either HTTP/200 and a JSON Token (JWT) or an HTTP/401 to signal the credentials are invalid.

I would like to use Laravel's built-in auth mechanism (or anything which makes this work really) to be able to create pages and routes only for logged in users. It seems a lot of work to reinvent the wheel.

[TLDR] Basically I need some code which checks if the API returns an HTTP/200, stores the token somewhere (session/cookie [but not database]) and then provide's some way to easily (virtually) log users into the Laravel app. That way I can create pages for logged in users only.

So far I have done this:

APIUser class:

protected $attributes = [];

public function __construct($attributes)
{
    $this->attributes = $attributes;
}
public function __get($attribute)
{
    return $this->attributes[$attribute];
}
public function getKey()
{
    return $this->attributes['userId'];
}
/**
 * Get the name of the unique identifier for the user.
 *
 * @return string
 */
public function getAuthIdentifierName()
{
    return 'userId';
}
/**
 * Get the unique identifier for the user.
 *
 * @return mixed
 */
public function getAuthIdentifier()
{
    return $this->attributes['userId'];
}
/**
 * Get the password for the user.
 *
 * @return string
 */
public function getAuthPassword()
{
    return null;
}

public function getAuthIdentifierEmail()
{
    return $this->attributes['email'];
}

/**
 * Get the token value for the "remember me" session.
 *
 * @return string
 */
public function getRememberToken()
{
    return $this->attributes[$this->getRememberTokenName()];
}
/**
 * Set the token value for the "remember me" session.
 *
 * @param  string  $value
 * @return void
 */
public function setRememberToken($value)
{
    $this->attributes[$this->getRememberTokenName()] = $value;
}
/**
 * Get the column name for the "remember me" token.
 *
 * @return string
 */
public function getRememberTokenName()
{
}

public function getAttributes()
{
    return $this->attributes;
}

ApiUserProvider:

protected $model;
protected $modelUser;

public function __construct(Request $request)
{
    $this->model = APIUser::class;
}

public function fetchUser($credentials) {
    if ($credentials['email'] and $credentials['password']) {
        $email = $credentials['email'];
        $password = $credentials['password'];

        $client = new \GuzzleHttp\Client([
            'headers' => ['Content-Type' => 'application/json'],
        ]);

        $url = config('apilist.login');

        try {
            $response = $client->request('POST', $url, [
                'json' => [
                    'email' => $email,
                    'password' => sha1($password),
                ],
            ]);
        } catch (GuzzleException $e) {
            print_r($e->getResponse());
        }

        $array = json_decode($response->getBody()->getContents(), true);


        if($array["responseMessage"]["code"] == 200){

            $userInfo = $array["responseMessage"]["object"];

            return new $this->model($userInfo);

        } else {
            return $array["responseMessage"]["message"] ?: "Something went wrong. Please try again";
        }
    }
}

public function retrieveById($identifier) {
    return $this->modelUser;
}

/**
 * Retrieve a user by their unique identifier and "remember me" token.
 *
 * @param  mixed  $identifier
 * @param  string  $token
 * @return \Illuminate\Contracts\Auth\Authenticatable|null
 */
public function retrieveByToken($identifier, $token) {}

/**
 * Update the "remember me" token for the given user in storage.
 *
 * @param  \Illuminate\Contracts\Auth\Authenticatable  $user
 * @param  string  $token
 * @return void
 */
public function updateRememberToken(Authenticatable $user, $token){}

/**
 * Retrieve a user by the given credentials.
 *
 * @param  array  $credentials
 * @return \Illuminate\Contracts\Auth\Authenticatable|null
 */
public function retrieveByCredentials(array $credentials){
    $user = $this->fetchUser($credentials);

    return $user;
}

/**
 * Validate a user against the given credentials.
 *
 * @param  \Illuminate\Contracts\Auth\Authenticatable  $user
 * @param  array  $credentials
 * @return bool
 */
public function validateCredentials(Authenticatable $user, array $credentials){
    //return ($credentials['email'] == $user->getAuthIdentifierEmail());
    return true;
}

config/auth.php:

'providers' => [
        'users' => [
            'driver' => 'apiuserprovider',
        ],

LoginController:

public function login(Request $request){ 
$credentials = $request->only('email', 'password');

        if (Auth::attempt($credentials)) {
            // Authentication passed...
            return redirect()->intended('/');
        }
}

And in the login function, when I do:

dd($this->guard()->user());

it gives me user's information. Everything works fine, however, it does not login a user to the system. What is the problem?

Improve this question
0

1 Answer 1

Reset to default
2

Change public function retrieveById($identifier) function inside and retrieve all user information from API

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.