Level 35
@petrogromovo Run this command php php artisan passport:install and it will generate the client_id and client-secret for you.
Jan 4, 2020
4
Level 5
Register/login flow with passport in REST API
Hello, I make @vue/cli/axios 4.0.5 app with data reading from Laravel 6 Backend REST API with passport auth driver. I want to clarify register/login flow, as except this I will need also to use passport client toaken for oauth2 connection.
When in register method I create new user, like :
DB::beginTransaction();
$requestData= $request->all();
$newUser = new User();
$newUser->name= $requestData['name'];
$newUser->password= Hash::make($requestData['password']);
$newUser->status= 'A';
$newUser->email= $requestData['email'];
$newUser->save();
Have I also to create oauth_clients row with user_id created at rows above? like:
const data = {
name: 'Client Name',
‘user_id’ : $newUser.id, // CONNECT USER USER CREATED ABOVE
redirect: 'http://example.com/callback'
};
axios.post('/oauth/clients', data)
.then(response => {
console.log(response.data);
})
.catch (response => {
// List errors on response...
});
As I do not create new client in command line
For login I have to use this docs https://laravel.com/docs/6.x/passport#requesting-password-grant-tokens :
Requesting Tokens
Once you have created a password grant client, you may request an access token by issuing a POST request to the /oauth/token route with the user's email address and password. Remember, this route is already registered by the Passport::routes method so there is no need to define it manually. If the request is successful, you will receive an access_token and refresh_token in the JSON response from the server:
$http = new GuzzleHttp\Client;
$response = $http->post('http://your-app.com/oauth/token', [
'form_params' => [
'grant_type' => 'password',
'client_id' => 'client-id',
'client_secret' => 'client-secret',
'username' => '[email protected]',
'password' => 'my-password',
'scope' => '',
],
]);
return json_decode((string) $response->getBody(), true);
That is clear with username and password parameters, but what are client_id, client_secret parameters? have I before running
$response = $http->post('http://your-app.com/oauth/token'
to get oauth_clients(I need to create model for this table ) rows by user_id ?
"laravel/framework": "^6.2",
"laravel/passport": "^8.1",
Thanks!
Level 5
@prasadchinwal5, I have already run
php artisan passport:install
command creating 2 rows in oauth_clients table. And that is really what confuse me. I suppose that for any registered user in users table must be relative row in oauth_clients table related by user_id field. is it so ?
I looked several step by step manualls on youtube with passpord oauth2 authorization and in any command
php artisan passport:install
was run in console and token retrieved in Postman. That is ok for demo, but if many users would be resitered at site? I suppose any of them has 1 row in users table and relative row in oauth_clients table related by user_id field with unique secret key. is it so ?
Level 35
@petrogromovo Forgive me if I am wrong but I may have misunderstood the above comment.
The oauth_clients table would only store the values related to the client, in this case the Laravel application serving the API's.
The users have no role whatsoever to play in this. All users would have same client_id as they would be requesting resource from same client(Laravel App).
Level 67
@petrogromovo Watch this... Taylor actually wires two apps together with Passport...
https://laracasts.com/series/whats-new-in-laravel-5-3/episodes/13
25 likes
Please or to participate in this conversation.