
OneSeventeen's avatar

Electron + Laravel + Passport + Oauth

I'm writing a suite of tools with a Laravel backend that pulls exclusively from a 3rd party API. It also authenticates end users against the 3rd party site (using OAuth 2), but I also have it create/authenticate a local Laravel user so I can leverage all of the Auth object's helpers.

I'm now looking into writing an Electron app with Vue.js so I can deploy the app to staff without having to worry which browser they are using (and to enable use of local resources when it makes sense). Unfortunately, consuming the 3rd party's OAuth2 is confusing me a bit on the best course of action for authenticating my Electron app.

Here's my plan on paper:

  1. User clicks login on the Electron app and a popup window goes to a login window on my Laravel App, which uses the 3rd party's OAuth middleware to log the user in on their website and redirects to the Laravel app's callback.
  2. My middleware then checks to see if that user exists locally and if so it logs them in manually (if not, it creates their local account and logs them in).
  3. I now have a local user, so I'm thinking I can somehow trigger Passport (still researching this) to generate the API token to pass to my Electron app for the locally logged in user.
  4. Somehow I pass the API token back to my Electron app and proceed using Passport like you normally would.

Here's where I am stuck:

I have no clue how to make the popup window in Electron pass the variable back to the main window (to trigger a vuex commit and a few other things) and then close the popup, especially considering the contents of the popup will be an online resource, not a local resource from within the Electron app.

I feel like this has got to be common, when you consider traditional social media logins, but I'm not sure how to implement that myself.

The more I think of it the more I think this will involve using cookies, but I'm not really sure how...

0 likes
4 replies
OneSeventeen's avatar

Minor Update: I can successfully log in using my 3rd party app's OAuth2 client and then generate a Passport access token for that user, but I'm still super lost for the following 2 things:

  1. How to transfer the client secret to my Electron app's local storage (so once they are authenticated they don't have to re-authenticate in the desktop app for up to a year on that particular computer logged in as themselves).
  2. Figure out how to transfer that client secret in a private manner (to be honest, this all feels weird, like I could probably snatch that token and copy it to another computer if I got access to the machine).
OneSeventeen's avatar

Minor Update 2: Based on what I'm reading, it sounds like I need to host a local Node server with a callback page that my app calls and passes the data to (possibly using Guzzle on the PHP side?).

I'm new enough to Electron that I think I'll need to watch some more videos to better understand this concept, since the article I read manually started the Node server and saw what port it was running on, then added that port to their code. I wouldn't be surprised if that port is randomly generated so I imagine I've got a bit of learning to do before this all clicks into place.

I'll keep posting back here as I learn (because I'll inevitably search for this in 5 years when I decide to pick this project up again, and it will be nice to have my notes here). Feel free to post your experience or thoughts.

1 like
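
The local callback server described in the post above, as an added example that is not part of the original thread: the Electron main process listens on an OS-assigned loopback port, accepts only a callback carrying the `state` it generated, and uses PKCE so no client secret has to ship with the app. Assumptions: `authBase`, `clientId` and the `/callback` path are placeholders, and the Laravel app is assumed to expose Passport's authorization-code endpoint with PKCE and to accept this loopback redirect URI for the client.

```javascript
// Added example (not from the thread): loopback OAuth callback for a desktop app.
const http = require('node:http');
const crypto = require('node:crypto');

const b64url = (buf) => buf.toString('base64url');

// Per-login values: `state` binds the callback to this attempt; the PKCE
// verifier takes the place of a client secret stored in the desktop app.
function newLoginAttempt() {
  const verifier = b64url(crypto.randomBytes(32));
  const challenge = b64url(crypto.createHash('sha256').update(verifier).digest());
  return { state: b64url(crypto.randomBytes(16)), verifier, challenge };
}

// URL to open in the login window. authBase and clientId are placeholders.
function authorizeUrl(authBase, clientId, port, attempt) {
  const u = new URL('/oauth/authorize', authBase);
  u.search = new URLSearchParams({
    response_type: 'code', client_id: clientId,
    redirect_uri: `http://127.0.0.1:${port}/callback`,
    state: attempt.state, code_challenge: attempt.challenge,
    code_challenge_method: 'S256',
  }).toString();
  return u.toString();
}

// Return the authorization code, or null when the path or state does not match.
function extractCode(requestUrl, expectedState) {
  const u = new URL(requestUrl, 'http://127.0.0.1');
  const got = Buffer.from(u.searchParams.get('state') || '');
  const want = Buffer.from(expectedState);
  if (u.pathname !== '/callback' || got.length !== want.length) return null;
  if (!crypto.timingSafeEqual(got, want)) return null;
  return u.searchParams.get('code');
}

// Bind to 127.0.0.1 only, port 0 = OS picks a free port; stop after one valid code.
function listenForCode(attempt, onReady) {
  return new Promise((resolve) => {
    const server = http.createServer((req, res) => {
      const code = extractCode(req.url, attempt.state);
      res.writeHead(code ? 200 : 400, { 'Content-Type': 'text/plain' });
      res.end(code ? 'Login complete, you can close this window.' : 'Invalid callback.');
      if (code) { server.close(); resolve({ code, verifier: attempt.verifier }); }
    });
    server.listen(0, '127.0.0.1', () => onReady(server.address().port));
  });
}
```

`onReady` receives the chosen port, which is the point at which the app can build `authorizeUrl(...)` and open the login window; the resolved `code` and `verifier` are then exchanged for a token at the server's token endpoint.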
lara3896's avatar

@oneseventeen How'd you get on with this? I've an idea in my mind to try something similar. I'd like to build a simple Task/Time tracking desktop tool that logs in via the Company internal Laravel App. So any updates on progress or links to good resources would be great.

Thanks

n1ch0la5's avatar

For anyone looking for this answer like I was: my use case is an Electron app that authenticates with Laravel via Passport. You would use one client (called a password client) for all users. Look for "Creating A Password Grant Client" in the docs. It's basically the same flow, but you will send a username and password with the oauth/token request. You can create one via the command line with "php artisan passport:client --password".
