smartins/passport-multiauth

Add support to multi-auth on Laravel Passport

Tuesday, July 31, 2018
by sam.martins.dev
Repository
8 Watchers
67 Stars
3,481 Installations

PHP
1 Dependents
0 Suggesters
14 Forks
5 Open issues
16 Versions
63 % Grown

The README.md

Laravel Passport Multi-Auth

, _(*1)

Add multi-authentication support to Laravel Passport, _(*2)

Compatibility

Laravel Passport
^3.0
^4.0
^5.0
^6.0

Installing and configuring

Install using composer:

$ composer require smartins/passport-multiauth

If you are using a Laravel version less than 5.5 you need to add the provider on config/app.php:

    'providers' => [
        // ...
        SMartins\PassportMultiauth\Providers\MultiauthServiceProvider::class,
    ],

Migrate database to create oauth_access_token_providers table:

$ php artisan migrate

Add new provider in config/auth.php using a model that extends of Authenticatable class and use HasApiTokens trait.

Example:, _(*3)

Configure your model:


use Laravel\Passport\HasApiTokens;
use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;

class Admin extends Authenticatable
{
    use Notifiable, HasApiTokens;
}

And your config/auth.php providers:

    // ...

    'providers' => [
        'users' => [
            'driver' => 'eloquent',
            'model' => App\User::class,
        ],

        // ** New provider**
        'admins' => [
            'driver' => 'eloquent',
            'model' => App\Admin::class,
        ],
    ],

    // ...

Add a new guard in config/auth.php guards array using driver passport and the provider added above:

    // ...

    'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],

        'api' => [
            'driver' => 'passport',
            'provider' => 'users',
        ],

        // ** New guard **
        'admin' => [
            'driver' => 'passport',
            'provider' => 'admins',
        ],
    ],

    // ...


class Kernel extends HttpKernel
{
    // ...

    /**
     * The application's route middleware.
     *
     * These middleware may be assigned to groups or used individually.
     *
     * @var array
     */
    protected $routeMiddleware = [
        // ...
        'oauth.providers' => \SMartins\PassportMultiauth\Http\Middleware\AddCustomProvider::class,
    ];

    // ...
}

Replace the middleware Authenticate on app/Http/Kernel $routeMiddleware attribute.


class Kernel extends HttpKernel
{
    // ...

    /**
     * The application's route middleware.
     *
     * These middleware may be assigned to groups or used individually.
     *
     * @var array
     */
    protected $routeMiddleware = [
        // 'auth' => \Illuminate\Auth\Middleware\Authenticate::class,
        'auth' => \SMartins\PassportMultiauth\Http\Middleware\MultiAuthenticate::class,
        'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
        'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
        'can' => \Illuminate\Auth\Middleware\Authorize::class,
        'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
        'oauth.providers' => \SMartins\PassportMultiauth\Http\Middleware\AddCustomProvider::class,
        'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
    ];

    // ...
}

Encapsulate the passport routes for access token with the registered middleware in AuthServiceProvider. This middleware will add the capability to Passport route oauth/token use the value of provider param on request:

namespace App\Providers;

use Route;
use Laravel\Passport\Passport;
use Illuminate\Support\Facades\Gate;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;

class AuthServiceProvider extends ServiceProvider
{
    // ...

    /**
     * Register any authentication / authorization services.
     *
     * @return void
     */
    public function boot()
    {
        $this->registerPolicies();

        Passport::routes();

        // Middleware `oauth.providers` middleware defined on $routeMiddleware above
        Route::group(['middleware' => 'oauth.providers'], function () {
            Passport::routes(function ($router) {
                return $router->forAccessTokens();
            });
        });
    }
    // ...
}

Optional: Publish migrations:, _(*4)

Just run the vendor:publish artisan command with package provider as parameter:, _(*5)

$ php artisan vendor:publish --provider="SMartins\PassportMultiauth\Providers\MultiauthServiceProvider"

Usage

Add the provider parameter in your request at /oauth/token:

POST /oauth/token HTTP/1.1
Host: localhost
Accept: application/json, text/plain, */*
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache

{
    "username":"user@domain.com",
    "password":"password",
    "grant_type" : "password",
    "client_id": "client-id",
    "client_secret" : "client-secret",
    "provider" : "admins"
}

You can pass your guards on auth middleware as you wish. Example:

Route::group(['middleware' => ['api', 'auth:admin']], function () {
    Route::get('/admin', function ($request) {
        // Get the logged admin instance
        return $request->user(); // You can use too `$request->user('admin')` passing the guard.
    });
});

The api guard use is equals the example with admin., _(*6)

You can pass many guards to auth middleware.

Route::group(['middleware' => ['api', 'auth:admin,api']], function () {
    Route::get('/admin', function ($request) {
        // The instance of user authenticated (Admin or User in this case) will be returned
        return $request->user();
    });
});

You can use too the Auth facade:, _(*7)

Auth::check();
Auth::user();

Refreshing tokens

Add the provider parameter in your request at /oauth/token:

POST /oauth/token HTTP/1.1
Host: localhost
Accept: application/json, text/plain, */*
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache

{
    "grant_type" : "refresh_token",
    "client_id": "client-id",
    "client_secret" : "client-secret",
    "refresh_token" : "refresh-token",
    "provider" : "admins"
}

Using scopes

Just use the scope and scopes middlewares from Laravel\Passport.

protected $routeMiddleware = [
    'scopes' => \Laravel\Passport\Http\Middleware\CheckScopes::class,
    'scope' => \Laravel\Passport\Http\Middleware\CheckForAnyScope::class,
];

Unit tests

Instead to use the Laravel\Passport\Passport::actingAs() method, use SMartins\PassportMultiauth\PassportMultiauth::actingAs(). The difference is that the actingAs from this package get the guard based on Authenticatable instance passed on first parameter and authenticate this user using your guard. On authenticated request (Using auth middleware from package - SMartins\PassportMultiauth\Http\Middleware\MultiAuthenticate) the guard is checked on Request to return the user or throws a Unauthenticated exception. E.g.:, _(*8)

use App\User;
use Tests\TestCase;
use SMartins\PassportMultiauth\PassportMultiauth;

class AuthTest extends TestCase
{
    public function fooTest()
    {
        $user = factory(User::class)->create();

        PassportMultiauth::actingAs($user);

        $this->json('GET', 'api/user');
    }

    public function withScopesTest()
    {
        $user = factory(User::class)->create();

        PassportMultiauth::actingAs($user, ['see-balance']);

        $this->json('GET', 'api/balance');
    }
}

Contributors

Based on renanwilian responses to Passport Multi-Auth issue., _(*9)

The Versions

31/07 2018

2.0.x-dev

2.0.9999999.9999999-dev

Add support to multi-auth on Laravel Passport

library passport-multiauth

Add support to multi-auth on Laravel Passport

smartins/passport-multiauth

The README.md

Laravel Passport Multi-Auth

Compatibility

Installing and configuring

Usage

Refreshing tokens

Using scopes

Unit tests

Contributors

The Versions

2.0.x-dev

The Requires

The Development Requires

by Samuel Martins

v2.0.2

The Requires

The Development Requires

by Samuel Martins

dev-hotfix-empty-guards-auth

The Requires

The Development Requires

by Samuel Martins

v2.0.1

The Requires

The Development Requires

by Samuel Martins

dev-master

The Requires

The Development Requires

by Samuel Martins

v2.0.0

The Requires

The Development Requires

by Samuel Martins

dev-new-request-facade

The Requires

The Development Requires

by Samuel Martins

v1.1.0

The Requires

The Development Requires

by Samuel Martins

v1.0.1

The Requires

The Development Requires

by Samuel Martins

dev-analysis-zGo14g

The Requires

The Development Requires

by Samuel Martins

v1.0.0

The Requires

The Development Requires

by Samuel Martins

dev-new-unit-tests

The Requires

The Development Requires

by Samuel Martins

dev-analysis-zeKw1a

The Requires

by Samuel Martins

v0.1.2

The Requires

by Samuel Martins

v0.1.1

The Requires

by Samuel Martins

v0.1.0

The Requires

by Samuel Martins