Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

TheOn3's avatar

How to validate received login data via Socialite

So I am using Socialite as the only login/register system in my application. Here is how currently my login and register are handled in LoginController

public function handleCallback()
{
    $user = Socialite::with('provider')->user();

    $existingUsr = User::where('uid', $user->id)->first();

    if ($existingUsr) {
        Auth::login($existingUsr, TRUE);
    } else {
        $newUsr = new User();
        $newUsr->uid = $user->id;
        $newUsr->name = $user->name;
        $newUsr->email = $user->email;
        $newUsr->avatar = $user->avatar;
        $newUsr->save();

    }
    return redirect()->route('dashboard');
}

The problem I am encountering is that the API sometimes returns a null email address (because their user hasn't verified the email address). So I'd like to have a small validation before I attempt to submit the received data to my database. I'd like to use the template of default RegisterController.

class RegisterController extends Controller
{

    use RegistersUsers;

    protected $redirectTo = RouteServiceProvider::HOME;

    public function __construct()
    {
        $this->middleware('guest');
    }

    protected function validator(array $data)
    {
        return Validator::make($data, [
            'id' => ['required', 'string', 'max:255', 'unique:users'],
            'name' => ['required', 'string', 'max:255'],
            'email' => ['required', 'string', 'email', 'max:255'],
            'avatar' => ['string', 'max:255', 'url'],
        ]);
    }

    protected function create(array $data)
    {
        return User::create([
            'uid' => $data['id'],
            'name' => $data['name'],
            'email' => $data['email'],
            'avatar' => $data['avatar'],
        ]);
    }
}

I'd appreciate it if you could show me an example of how I can pass the received data in LoginController to the RegisterController and do the verification and registration there.

0 likes
1 reply
MichalOravec's avatar
public function handleCallback()
{
    $user = Socialite::driver('provider')->user();

    $existingUsr = User::where('uid', $user->getId())->first();

    if ($existingUsr) {
        Auth::login($existingUsr, TRUE);

        return redirect()->route('dashboard');
    } 

    if (! $user->getEmail()) {
        return redirect()->route('social-register', ['token' => $user->token]);
    }

    User::create([
        'uid' => $user->getId(),
        'name' => $user->getName(),
        'email' => $user->getEmail(),
        'avatar' => $user->getAvatar()
    ]);
    
    return redirect()->route('dashboard');
}

Use custom registration controller and there with token you can get the user

public function showRegistrationForm(Request $request, $token)
{
    $user = Socialite::driver('provider')->userFromToken($token);

    // other code similar to classic registration
}

public function register(Request $request, $token)
{
    $user = Socialite::driver('provider')->userFromToken($token);

    // other code similar to classic registration
}

Main idea is that you can retrieve same user by a token.

And just add logic to similar default laravel registration, where the user have to post an email.

Documentation: https://laravel.com/docs/7.x/socialite#retrieving-user-details

1 like

Please or to participate in this conversation.