How to authenticate user without a DB in Laravel?

Question

I created a new project in Laravel that consumes all data from an API. For private data like a user profile, I need an access token to get the data.

Once I have an access token, how do I set the token as Auth::id() in Laravel? Or perhaps I can store the user profile as Auth::user() so that I can use @auth in a frontend blade file?

class CustomAuthController extends Controller
{
    public function index()
    {
        return view('login');
    }

    public function store(Request $request)
    {
        $request->validate([
            'phone' => 'required|numeric'
        ]);

        $data = [
            'phone' => $request->phone
        ];
        $codeSent = GeneralFunction::WebRequestPublicApi('first-login', $data, null, null, null, true);
        if($codeSent->status == "success")
        {
            return redirect('verify');
        } else {
            $errors = new MessageBag();
            $errors->add("phone", "Invalid phone number");
            return view('login')->withErrors($errors);
        }
    }

    public function showVerify()
    {
        return view('verify');
    }

    public function verify(Request $request)
    {
       try {
            $request->validate([
                'verify' => 'required|size:6'
            ]);
            $data = [
                'token_code' => $request->verify,
                'source' => 'web'
            ];
            $token = GeneralFunction::WebRequestPublicApi('verify-login', $data, null, null, null, true);
            if($token->status === "success")
            {
                $userData  = GeneralFunction::WebRequestPublicApi('membership', null, 'GET', null, null, true,  $token->results->access_token);

                if($userData->status !== "error")
                {
                    $user = (array) $userData->results[0];
                    $request->session()->put('token', $token->results->access_token);
                    Auth::attempt($user, false, false);

                    return redirect('/');
                }
            } else {
                $errors = new MessageBag();
                $errors->add("verify", "Invalid Token");
                return view('verify')->withErrors($errors);
            }
       } catch (Exception $e) {
            $errors = new MessageBag();
            $errors->add("verify", $e->getMessage());
            return view('verify')->withErrors($errors);
       }
    }
}

I tried using Auth::attempt, Auth::login(), and the other method, but all of these required a user table. My project does not have a database.

Answer 1

You can do something like following.

In the controller

if($auth_ok)
{
    session(['user' => ['key' => 'value', 'key2' => 'value2'] ]); // set session data
    return view('frontend');
}

In the view

$user = session('user', false);

@if(!$user) // if not logged in

do something

@else // logged in successfully

Welcome my user

@endif

Hope this helps.

Answer 2

i guess the best thing you need to do is to use sqlite and once you got login from your api create a new user from it or find if there is existing already and Auth::login($newUser);