RTippin / messenger

Laravel messenger. A full messenger suite for your new / existing laravel app! Private and group threads between multiple models, with real-time messaging, reactions, attachments, calling, chat bots, and more!
https://tippindev.com
MIT License
417 stars 84 forks source link

Question: API #15

Closed ThcDelux3 closed 3 years ago

ThcDelux3 commented 3 years ago

Hey is the API Explorer all documentation of the API calls?

RTippin commented 3 years ago

Currently it is, as far as a listing of each route and their most updated payloads/responses. I do have older full markdown files HERE, but they are not kept up to date anymore, as I have a command that generates my json outputs for the explorer automatically. I am planning to list each route and explain in human terms a bit more about them (on the TODO).

As for viewing the current API explorer on my demo site, you can clone my messenger-demo instead to have a local/offline copy running on your own machine. After cloning, you can either fully install, or run php artisan download:docs and then the API explorer will load locally.

Let me know if you have any suggestions as well for how I should go about detailing the routes, as I'd love some input.

ThcDelux3 commented 3 years ago

The explorer + the docs are great :) (enough to get things working) quick question API authentication isn't implemented so far?

RTippin commented 3 years ago

@ThcDelux3 Documentation wise, due to the amount of routes / possible states I dealt with, I cheated and used my test suite to generate all of those API responses and such. I am planning to add more context to each route to better explain the purpose behind them (TODO).

Authentication wise, the package alone does not need to implement any "authentication" systems because you have full control to set the middleware in my routing config section. By default, web, auth, and messenger.provider are set as the middleware. My messenger.provider is rather simple...it takes the $request->user() and sets the active provider for my system for that request cycle. Messenger::setProvider($request->user());

Now as an example, in one app I work on, I use passport to authenticate both WEB and the MOBILE app API. My adjusted middleware looks as follows:

'routing' => [
    'api' => [
        'domain' => null,
        'prefix' => 'api/messenger',
        'middleware' => ['api', 'auth:api', 'messenger.provider:required'],
        'invite_api_middleware' => ['api', 'messenger.provider'],
    ],
    'assets' => [
        'domain' => null,
        'prefix' => 'messenger/assets',
        'middleware' => ['bindings', 'cache.headers:public, max-age=86400;'],
    ],
    'channels' => [
        'enabled' => true,
        'domain' => null,
        'prefix' => 'api',
        'middleware' => ['api', 'auth:api', 'messenger.provider:required'],
    ],
],

Now my mobile app simply sends the auth:bearer token, and the web app can use passports web cookie to easily authenticate api access for non-SPA apps (though a web SPA can of course use the regular token/header flow).

Let me know if that answered your question 😉

ThcDelux3 commented 3 years ago

Ok dove a little deeper into the Laravel API. I'm now able to Authenticate a user with laravel Sanctum on my SPA (nuxt.js). I'm using Fortify on the Laravel Side. How or where do I have to add the messenger.provider to the User? I'm still getting 401 (Unauthorized) for http://127.0.0.1:8000/api/messenger/friends

RTippin commented 3 years ago

If you are getting a 401, then in general that just means whatever you are using to authenticate is not working. My default middleware on my routing does just define web and auth, the messenger.provider is simple the last middleware call as it takes the authenticated user from the request to set as the active provider in my messenger for that request. I did recently update my config docs to show an example of my routing with middleware using sanctum:

Routing config

Now if you were properly authenticated using whatever auth driver you chose, but your User was not properly registered as a MessengerProvider, you would get a 403 : Messenger provider not set or compatible. error from my API.

Can you share/confirm your User model is properly registered into messenger, and the middleware you defined in my routing config?

ThcDelux3 commented 3 years ago

Ok, you're right changed from cookie-based Auth approach to token Auth approach, now everything works fine. Felling a little like an idiot sorry for wasting your time :/ it's just a little confusing working with API and Auth for the first time. I think I got the concepts now. Do you have a donation link?

RTippin commented 3 years ago

@ThcDelux3 I promise you are not wasting my time haha. I enjoy answering questions, especially on things I made. I definitely want to be sure my system can work out for as many as possible, and seeing what may slow one person down can help me improve my code or documentation 👍🏻 Definitely feel free to ask questions on here if you have them, or you can add me on discord Tippin#0001, just send a note so I know it is you adding me. I am easier to get ahold of on discord currently.

I actually do not have any donation links or sponsor system setup quite yet...though I suppose I should get on that. I do have CashApp $tipzy 😁

ThcDelux3 commented 3 years ago

Hey, sadly I don't have CashApp. Added you :) my name on Discord is ThcDelux3. So far so good. Next problem :/

I added the traits (Search and Messageable), the use (Messageable, Search), and the Contract MessengerProvider. No matter what I tried I still get an empty array as a response... Did I overread something?

Model User. php https://pastebin.com/mtdZN4Lb

RTippin commented 3 years ago

Solved by attaching messengers using command php artisan messenger:attach:messengers. For others, see : Messenger models