Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

pl4y312's avatar

Auth using API from other web

Hi,

I'm new to laravel and now trying to develop a Laravel 5 web with no user table. There is separate web and separate database to manage all my user data like info, role, permission, etc. Let's call it 'UserWeb'. In UserWeb, there is an API to check user credentials. I already make custom driver auth to make it happen. Here is my code :

use Illuminate\Contracts\Auth\Authenticatable as UserContract;
use Illuminate\Contracts\Auth\UserProvider as UserProviderInterface;
use Illuminate\Auth\GenericUser;
use Illuminate\Auth\UserInterface;

class SoacUserProvider implements UserProviderInterface {

    protected $model;

    public function __construct(UserContract $model)
    {
        $this->model = $model;
    }

    public function retrieveById($identifier)
    {
        return $this->dummyUser();  
    }

    public function retrieveByCredentials(array $credentials)
    {
        return $this->dummyUser();
    }

    public function validateCredentials(UserContract $user, array $credentials)
    {
        return true;
    }

   protected function dummyUser()
   {

        $credentials = [
            'email'     => 'abc@web.com',
            'password'  => 'password',
        ];

        $this->curll($credentials);
            
            $attributes = [
                'id'                => 'ffbbee27-03cf-4800-acd7-a6ebfc256658',
                'username'          => 'john.doe',
                'password'          => \Hash::make($credentials['password']),
                'name'              => 'John Doe',
                'remember_token'    => csrf_token(),
            ];
            return new GenericUser($attributes);
    }

    public function curll($credentials){
        $url = env('LOGIN_URL');
        $con = curl_init();

        \Crypt::setKey(env('LOGIN_APP_KEY'));

        $data_login = [
            'application_code'      => env('LOGIN_APP_CODE'),
            'application_secret'    => env('LOGIN_APP_SECRET'),
            'application_data'      => \Crypt::encrypt([
                'username' => $credentials['email'],
                'password' => $credentials['password']
            ])
        ];

        curl_setopt($con, CURLOPT_URL, $url);
        curl_setopt($con, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($con, CURLOPT_POST, 1);
        curl_setopt($con, CURLOPT_POSTFIELDS, $data_login);
        
        $result = json_decode(curl_exec($con));
        curl_close($con);
        return $result;
    }

    public function retrieveByToken($identifier, $token)
    {
        return new \Exception('not implemented');
    }

    public function updateRememberToken(UserContract $user, $token)
    {
        return new \Exception('not implemented');
    }

}

Sorry for long line of code. For that code, the curl just for testing only. The problem is, if I execute 'curll' function, laravel won't stored dummyUser to session, but it do otherwise. Any ideas why and how to make it possible with API?

Thanks in advance!

0 likes
0 replies

Please or to participate in this conversation.