search

sfelix-martins / passport-multiauth

Add support to multi-authentication to Laravel Passport
MIT License
288 stars 51 forks source link

Auth::attempt() not working #109

Closed evansbusobozi closed 5 years ago

evansbusobozi commented 5 years ago

Hello, the auth::attempt() function is not working for me even when the user already exists in the database.

Here is my login function.

`public function login(Request $request) { $request->validate([ 'email' => 'required|string|email', 'password' => 'required|string', 'remember_me' => 'boolean' ]);

    $credentials = $request->only('email', 'password');

    if(!Auth::attempt($credentials)){
        return response()->json([
            'message' => 'Unauthorized'
        ], 401);
    }

    $rider = $request->rider();
    $tokenResult = $rider->createToken('Personal Access Token');
    $token = $tokenResult->token;

    if ($request->remember_me){
        $token->expires_at = Carbon::now()->addWeeks(1);
    }

    $token->save();
    return response()->json([
        'access_token' => $tokenResult->accessToken,
        'token_type' => 'Bearer',
        'expires_at' => Carbon::parse(
            $tokenResult->token->expires_at
        )->toDateTimeString()
    ]);
}`

Whenever I attempt to login a user, I get a message saying unauthorized.

aytaceminoglu commented 5 years ago

Hi answer is here

` use Illuminate\Contracts\Hashing\Hasher; use Illuminate\Foundation\Auth\User as Authenticatable;

class AuthenticateExample { protected $model;

protected $hasher;

public function __construct(Authenticatable $model, Hasher $hasher)
{
    $this->model = $model;
    $this->hasher = $hasher;
}

public function getEntityByCredentials($username, $password)
{
    if (method_exists($this->model, 'findForPassport')) {
        $user = (new $this->model)->findForPassport($username);
    } else {
        $user = (new $this->model)->where('email', $username)->first();
    }

    if (! $user) {
        return;
    } elseif (method_exists($user, 'validateForPassportPasswordGrant')) {
        if (! $user->validateForPassportPasswordGrant($password)) {
            return;
        }
    } elseif (! $this->hasher->check($password, $user->getAuthPassword())) {
        return;
    }

    return $user;
}

}

`

`
$entity = $this->authExample->getEntityByCredentials($username, $password);

  if (! $entity) {
      throw OAuthServerException::invalidCredentials();
  }

  $accessToken = $entity->createToken($name);

`

evansbusobozi commented 5 years ago

So @aytaceminoglu, how do I use this code in my project?

sfelix-martins commented 5 years ago

@Evanzsnr instead of use Auth::attempt() you will check the user credentials like on examples. If all is correct you can create a personal access token using the method createToken() from entity logged.

aytaceminoglu commented 5 years ago

Hi @Evanzsnr

My MultiAuth Controller:


namespace App\Http\Controllers;

use Illuminate\Support\Facades\Hash;

class MultiAuth
{
    protected $models;

    public function __construct($models)
    {
        $this->models = $models;
    }

    public function getEntityByCredentials($username, $password)
    {
        foreach ($this->models as $model) {
            if (method_exists($model, 'findForPassport')) {
                $user = (new $model)->findForPassport($username);
            } else {
                $user = (new $model)->where('username', $username)->first();
            }
            if($user) break;
        }

        //dd($user);

        if (! $user) {
            return;
        } elseif (method_exists($user, 'validateForPassportPasswordGrant')) {
            if (! $user->validateForPassportPasswordGrant($password)) {
                return;
            }
        } elseif (! Hash::check($password, $user->getAuthPassword())) {
            return;
        }

        return $user;
    }
}

And im calling like that in another controller:

        $multiAuth = new MultiAuth([StudentParent::class, Teacher::class]);
        $user = $multiAuth->getEntityByCredentials($username, $password);
sfelix-martins commented 5 years ago

@Evanzsnr here has good example how to implements it too

evansbusobozi commented 5 years ago

Thanks @sfelix-martins, let me try it out.