I'm integrating Laravel with a 3rd party app on the same domain, which provides an api with a few endpoints. If I query the api with the session cookie I can receive back the user's information.
My question is how can I integrate it so that Auth::check()/Auth::user() for example queries that endpoint?
The API also provides endpoints like /users, so I was curious if I could some how make User::find() query this endpoint and return User model instances that can be used like regular Laravel models with relationships etc...
I've looked at Custom User Providers and Custom Guards per the docs but I'm still a bit confused as to how they work, and I'm unsure if using a custom user provider would even give me the functionality described above.
@roughpenguin If there’s some sort of single sign-on server you’re authenticating against, then you should be authorising against that server and getting user details. You should then use those details to create and authenticate a user in your application.
Think about authorising with Facebook. When you authorise you don’t send them a session token, nor do you query their users. You get information on the Facebook user and it’s up to you to create and authenticate a user in your application based on that data.
@martinbean Thanks for the reply. I'm authenticating against some 3rd party forum software that has a REST API included with it for querying things like users, threads, etc... The session token thing is just so if the user is logged into the forum, then they are "automatically" logged into the Laravel app as well since it's all hosted on the same domain and cookies are shared.
I don't mind the approach you suggested, but one problem I have with it is keeping information in sync. Forum data changes quite rapidly. A user can change their email, username, avatar, etc... How would I keep that in sync correctly?
