6

I'd like to know is it possible to extend the built-in authentication to use an external API to authenticate a user? I'm a Laravel newbie, so I'd appreciate your help. I'm making a custom app in Laravel 5.2 for my client, but I don't a direct access to their database server and I can only call their API to get users' details.

Thanks.

Kasta
  • 61
  • 3
  • In the past, I've built a custom authentication driver and user model which stores the user in the session, rather than linking to a database. This means that users can't interact with each other, and as soon as the session dies, that user "doesn't exist", but it worked well enough in situations where the application didn't need to store any stateful data itself. – samlev Jan 11 '16 at 14:34
  • Does the external API itself have any authentication mechanism (a la OAuth)? – Jeff Lambert Jan 11 '16 at 14:38
  • I still don't have full docs for their API, but OAuth is not available for sure. I believe I'll need to authenticate the user by JSON calls. @samlev Do you have some code examples that could help figure out a solution? – Kasta Jan 12 '16 at 09:57
  • This is something that I also want to achieve. The login form posts to a custom external Oauth2 Server, then when the bearer token is returned, I use it with internal controllers http requests... – BoqBoq Jun 19 '16 at 20:28

1 Answers1

1

If I understood correctly you want to log users from APIs like facebook, twitter or github for example ? If that's so you need to use a laravel package named Socialite, here is the link to download and use it : https://github.com/laravel/socialite

run on your command this :

composer require laravel/socialite

Next you need to tell laravel you want to use this package, so you need to add this in config/app.php :

'providers' => [
// Other service providers...

Laravel\Socialite\SocialiteServiceProvider::class,
],

and this is the aliases :

'Socialite' => Laravel\Socialite\Facades\Socialite::class,

Basically, you'll need to create an app on the developers site, i'll take facebook for this example.You need to go to this site : https://developers.facebook.com/, create an account and you'll get your app url and secret key. You'll use it on your .env and config/services files.

In your config/services file add this after stripe :

'facebook' => [
    'client_id' => env('FACEBOOK_ID'),
    'client_secret' => env('FACEBOOK_SECRET'),
    'redirect' => env('FACEBOOK_URL'),
],

And in your .env file :

FACEBOOK_ID=*your facebook id*
FACEBOOK_SECRET=*your facebook secret*
FACEBOOK_URL=http://yourwebsite.com/callback

Next you'll need a controller to handle the auth process, create something like SocialAuthController and put this in :

public function redirect()
{
    return Socialite::driver('facebook')->redirect();
}

public function callback() {
    $user = $this->findOrCreateFbUser(Socialite::driver('facebook')->user());


    session([
        'user' => $user
    ]);
    return redirect()->route('/');

}

public function logout() {

    session()->forget('user');

    return redirect()->route('home');
}

protected function findOrCreateFbUser($fbUser) {
    // the data you want to get from facebook
    $fbData = [
        'facebook_id'   => $fbUser->id,
        'avatar'        => $fbUser->avatar,
        'username'      => $fbUser->name,
        'email'         => $fbUser->email,
    ];

    $user = \App\User::where('facebook_id', $fbData['facebook_id'])->first();

    if(!$user) $user = \App\User::create($fbData);

    $user->update([
        'avatar' => $fbUser->avatar,
        'username' => $fbUser->name,
        'email' => $fbUser->email
    ]);


    return $user;
}

Of course you need to add a facebook_id field in your user database and model. In User.php :

protected $fillable = [
    'facebook_id',
    'username',
    'email',
    'avatar'

];

I know this solution isn't really dynamic as it is for only one api, i'm still pretty new at Laravel too and this is my first answer to a stackoverflowquestion, but this did the trick for me :) If I forgot something don't hesitate to tell me so i can update this answer..

I also suggest you follow Jeffrey Way's tutorial on social auth on the Laracasts website, it's very instructive and clear, i could manage it thanks to him !

ABCrafty
  • 278
  • 1
  • 3
  • 16