
murilo

Authenticate with Laravel Passport and get the abilities token scope

Hello, I recently saw this Jeremy tutorial: https://laracasts.com/series/laravel-api-master-class/episodes/17

He created an ability permission that a user can have, and when the user authenticates, he gets those abilities and brings them into the scope, like this:

https://github.com/laracasts/laravel-api-master-class/blob/episode_24/app/Http/Controllers/Api/AuthController.php

    public function login(LoginUserRequest $request) {
        $request->validated($request->all());

        if (!Auth::attempt($request->only('email', 'password'))) {
            return $this->error('Invalid credentials', 401);
        }

        $user = User::firstWhere('email', $request->email);

        return $this->ok(
            'Authenticated',
            [
                'token' => $user->createToken(
                    'API token for ' . $user->email,
                    Abilities::getAbilities($user),
                    now()->addMonth())->plainTextToken
            ]
        );
    }


But he is working with Sanctum; I am working in my project with Passport. I have this authentication:

    if (!Auth::guard('admin')->attempt($request->only('email', 'password'))) {
        return $this->error('Invalid credentials', 401);
    }

    $user = User::firstWhere('email', $request->email);

    $http = new Client;
    return $http->post(config('services.passport.login'), [
        'form_params' => [
            'grant_type' => 'password',
            'client_id' => $this->client_id,
            'client_secret' => $this->client_secret,
            'username' => $request->email,
            'password' => $request->password,
            'scope' => Abilities::getAbilities($user)
        ]
    ]);

In my config:

    'admins' => [
        'driver' => 'passport',
        'provider' => 'admin_users',
        'hash' => false,
    ]

It gives this error:

   "message": "Method Laravel\\Passport\\Guards\\TokenGuard::attempt does not exist.",

Because in the config, 'driver' is 'passport' (and it is not a session). Well, the way I found to do that was:

    // Check the credentials locally first, then request the token from Passport.
    $user = $this->getUser($request->email, $request->password);
    return $http->post(config('services.passport.login'), [
        'form_params' => [
            'grant_type' => 'password',
            'client_id' => $this->client_id,
            'client_secret' => $this->client_secret,
            'username' => $request->email,
            'password' => $request->password,
            'scope' => Abilities::getAbilities($user)
        ]
    ]);

    private function getUser($email, $password) {
        $user = UserAdmin::where('email', $email)->first();
        // Use the $password argument: $request is not defined inside this method.
        if (!$user || !Hash::check($password, $user->password)) {
            throw ValidationException::withMessages([
                'email' => ['The provided credentials are incorrect.'],
            ]);
        }
        return $user;
    }

The problem here is that the user can have as many attempts and failed checks as he wants. He can make many tries with wrong passwords, because failed attempts will only start being counted when making $http->post in Passport.

What would be the best way to do that?

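The gap described in the post above, where the local credential check can be retried without limit, can be closed by counting failed checks before the Passport request is made. This is an added example, not part of the original post or the course repository; it uses Laravel's `RateLimiter` facade, and the class name, namespaces, limits and key format are assumptions.

```php
<?php

namespace App\Services; // hypothetical location for this helper

use App\Models\UserAdmin; // model name from the post; namespace assumed
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\RateLimiter;
use Illuminate\Support\Str;
use Illuminate\Validation\ValidationException;

class AdminCredentialChecker // hypothetical class name
{
    private const MAX_ATTEMPTS = 5;   // assumed policy: failures allowed per window
    private const DECAY_SECONDS = 60; // assumed window length

    public function getUser(Request $request): UserAdmin
    {
        $email = (string) $request->input('email');
        $password = (string) $request->input('password');

        // Count failures per email + client IP, so a single client cannot
        // lock the same account out for every other address.
        $key = 'admin-login|' . Str::lower($email) . '|' . $request->ip();

        // Refuse before touching the database or the hash once the limit is hit.
        if (RateLimiter::tooManyAttempts($key, self::MAX_ATTEMPTS)) {
            $seconds = RateLimiter::availableIn($key);
            throw ValidationException::withMessages([
                'email' => ["Too many login attempts. Try again in {$seconds} seconds."],
            ]);
        }

        $user = UserAdmin::where('email', $email)->first();

        if (! $user || ! Hash::check($password, $user->password)) {
            // Record the failure; the counter expires after DECAY_SECONDS.
            RateLimiter::hit($key, self::DECAY_SECONDS);
            throw ValidationException::withMessages([
                'email' => ['The provided credentials are incorrect.'],
            ]);
        }

        // Successful check: reset the counter, then go on to the Passport token request.
        RateLimiter::clear($key);

        return $user;
    }
}
```

Laravel's `throttle` route middleware (for example `throttle:5,1` on the login route) is a coarser alternative that limits requests per route rather than failures per email.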