
Tchopa

How to give roles and permissions to externally authenticated users

Hey all,

I've just integrated Auth0 login authorisation into my test app, and have noticed that my preconfigured roles and permissions (using Spatie's permission package) won't work, as users won't appear in my database anymore and will now instead sit on Auth0's side.

I've set up a custom user repository to blend my original user model with the Auth0 user session, but unfortunately can't figure out a way to assign roles and permissions to externally (Auth0) authenticated users.

End goal is to authenticate users through Auth0, but have roles and permissions controlled through the portal itself.

0 likes
6 replies
piljac1
Best Answer
Level 28

How about you add an auth0_user_id column in your users table? And then you can override or copy the Auth0's Callback class and alter it to firstOrCreate or updateOrCreate a user with their Auth0 user ID. Then you can assign role(s) to the user model and keep managing roles and permissions as you used to.

1 like
Tchopa

@piljac1

Hey, that makes a lot of sense. I understand in theory what you're suggesting, but I'm unsure how to do the "override or copy the Auth0's Callback class and alter it to firstOrCreate or updateOrCreate a user with their Auth0 user ID" section of your answer. Do I just include a firstOrCreate function into the Callback class and ask it to make a new user in the user table with their attached Auth0 userID, so then they appear in the user table afterwards?

piljac1

@Tchopa firstOrCreate and updateOrCreate are model methods provided by the Laravel framework (i.e. User::firstOrCreate(...)). I would just look at where the user is retrieved within the __invoke method of the Callback class and alter (by extending or copying the class) it to persist it in your database's users table.

1 like
Tchopa

@piljac1

Hey mate, thanks a lot for your help yesterday, I managed to figure it out. Only issue I'm having now is capturing the Auth0 user ID. I've attached a link to a screenshot of the session info I'm trying to capture data from. (https://imgur.com/a/COQMpAS).

Inside the Callback class I've included this line to try and capture the auth0_session_user -> "sub" as that is the Auth0 USER ID that matches their database.

$authID = $request->session('auth0_session_user')->get('sub');

$newUser = User::firstOrCreate([
    'Auth0_ID' => $authID,
    'email' => $guard->user()->email,
    'first_name' => 'First Name',
    'last_name' => 'Last Name',
]);

However, it captures everything but their "sub". Any idea how I can capture that specific piece of session data?

Thanks

piljac1

@Tchopa I'm not sure I understand what's going on there. Why don't you use the $user variable in their __invoke method?

I'm talking about this section:

// Ensure we have a valid user:
$user = $guard->user();

if (null !== $user) {
    event(new \Illuminate\Auth\Events\Validated($guard::class, $user));

    $request->session()->regenerate();

    // Throw hookable event to allow custom application logic for successful logins:
    $event = new \Auth0\Laravel\Event\Stateful\AuthenticationSucceeded($user);
    event($event);
    $user = $event->getUser();

    // Apply any mutations to the user object:
    $guard->setUser($user);

    event(new \Illuminate\Auth\Events\Login($guard::class, $user, true));
    event(new \Illuminate\Auth\Events\Authenticated($guard::class, $user));
}
1 like
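
The approach discussed above, written as a listener on the hookable AuthenticationSucceeded event instead of an edited copy of the Callback class. This is an added example, not code from the thread, Auth0 or Spatie. The class name SyncAuth0User, the auth0_user_id column with a unique index, the 'member' role, the given_name/family_name attributes, and getAuthIdentifier() returning the "sub" claim are assumptions.

```php
<?php

namespace App\Listeners;

use App\Models\User;
use Auth0\Laravel\Event\Stateful\AuthenticationSucceeded;

// Added example: hypothetical listener, to be registered for
// AuthenticationSucceeded in the application's event service provider.
// Assumes users.auth0_user_id has a UNIQUE index and that App\Models\User
// uses Spatie's HasRoles trait.
class SyncAuth0User
{
    public function handle(AuthenticationSucceeded $event): void
    {
        $auth0User = $event->getUser();

        // Assumption: the SDK user implements Laravel's Authenticatable and
        // getAuthIdentifier() returns the "sub" claim of the ID token.
        $sub = (string) $auth0User->getAuthIdentifier();

        if ($sub === '') {
            // Never create a local row (or grant roles) without a subject ID.
            throw new \RuntimeException('Auth0 user has no subject identifier.');
        }

        // First array = lookup key, second array = values used only on insert.
        // Keying on "sub" alone means an email or name change at the identity
        // provider does not create a second local user with its own roles.
        $local = User::firstOrCreate(
            ['auth0_user_id' => $sub],
            [
                'email'      => $auth0User->email ?? null,
                'first_name' => $auth0User->given_name ?? '',  // assumed claim
                'last_name'  => $auth0User->family_name ?? '', // assumed claim
            ]
        );

        // Roles stay in the local database; Auth0 only proves identity.
        // 'member' is a constructed role name and must already exist.
        if ($local->wasRecentlyCreated) {
            $local->assignRole('member');
        }
    }
}
```

Passing the email and placeholder names in the first array of firstOrCreate, as a single-array call does, makes them part of the match, so any change to those values inserts a new row instead of finding the existing user.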
Tchopa

@piljac1

Understood. This is what I've got now.

        // Ensure we have a valid user:
        $user = $guard->user();
        

        if (null !== $user) {
            event(new \Illuminate\Auth\Events\Validated($guard::class, $user));

            $request->session()->regenerate();

            // Throw hookable event to allow custom application logic for successful logins:
            $event = new \Auth0\Laravel\Event\Stateful\AuthenticationSucceeded($user);
            event($event);
            $user = $event->getUser();

            // Apply any mutations to the user object:
            $guard->setUser($user);

            event(new \Illuminate\Auth\Events\Login($guard::class, $user, true));
            event(new \Illuminate\Auth\Events\Authenticated($guard::class, $user));
        
            $newUser = User::firstOrCreate([
                'Auth0_ID' => $user->id,
                'email' => $user->email,
                'first_name' => 'First Name',
                'last_name' => 'Last Name',
            ]);
        }

Unfortunately, the Auth0_user_id is still not being captured; not sure what it's labelled as in the request?
