Level 1
hope this question can help to other https://stackoverflow.com/questions/45250407/custom-laravel-passport-check
Jan 24, 2017
1
Level 1
Laravel passport, oauth scopes and roles and permissions
Hi! I am developing SPA in angular and backend API in laravel 5.3. I have integrated laravel passport for oauth.
I have to make roles and permissions impl using views on tables from other database which is maintained by other system. In this system user has 1 role. And role has self reference so there is hierarchical structure, for example:
- canSeeAnimals
- canSeeMammals (child of canSeeAnimals)
- canSeeWolf (child of canSeeMammals)
So I am thinking of following workflow but not sure how to implement it:
- Another system manage users, roles and permissions
- API server(under my control) has access to another system tables via views:
- user
- role
- v_role_level (in this table is defined parent child relationship between roles)
- Client app(angular) request resource from the API server
- API server load users data with roles and permissions and generate token with scope which is mapped to roles and permissions.
Point 4 is under the question. How I can manage to intercept/override token generation in order generate token with scope which depends on user roles and permissions?
Please or to participate in this conversation.