Category : laravel-passport

I’m using Laravel Passport to authenticate users with JWT tokens. I send the tokens to the frontend via cookies. I have a middleware that takes the value of the cookie and set it in the authorization header. <?php namespace AppHttpMiddleware; use Closure; use IlluminateAuthMiddlewareAuthenticate as Middleware; class Authenticate extends Middleware { public function handle($request, Closure ..

Read more

I’m currently having trouble getting Laravel Passport setup. In my case, I didnt use User as my model, instead I have ApiAccount. So when laravel passport added the oauth migrations, I changed all of mentions of user_id to api_account_id. Now i am having trouble adding a personal access client from running php artisan passport:install. The ..

Read more

So my authentication works with no issues. I just have various login cases where depending on a failure reason I want to display different message. I thought it’s extra trivial to do, but no matter what, Laravel ignores my changes. So inside findAndValidateForPassport I try to log user in (it works flawlessly) but when user ..

Read more

I can’t install passport in my laravel project. Whenever I run php artisan passport:install I get the following error: [previous exception] [object] (PDOException(code: 42P01): SQLSTATE[42P01]: Undefined table: 7 ERROR: relation "oauth_clients" does not exist LINE 1: insert into "oauth_clients" ("user_id", "name", "secret", "p… ^ at /var/www/webroot/ROOT/vendor/laravel/framework/src/Illuminate/Database/Connection.php:485) [stacktrace] #0 /var/www/webroot/ROOT/vendor/laravel/framework/src/Illuminate/Database/Connection.php(485): PDOStatement->execute() #1 /var/www/webroot/ROOT/vendor/laravel/framework/src/Illuminate/Database/Connection.php(685): IlluminateDatabaseConnection->IlluminateDatabase{closure}(‘insert into "oa…’, ..

Read more

I have a Laravel app where some routes are protected with the ‘client’ middleware from Laravel Passport (Example from the docs): Route::get(‘/orders’, function (Request $request) { … })->middleware(‘client’); When I need to explicitly check for the success of authentication in my code, I normally do this with: IlluminateSupportFacadesAuth::check(); However, this function appears to always return ..

Read more

i’m new with nuxt and i want to use nuxt auth, this my configuration in nuxt.config.js: auth: { strategies: { local: { token: { property: ‘data.success.data.access_token’, type: ‘Bearer’ }, user: { property: ‘data.success.data.user’, autoFetch: true }, endpoints: { login: {url: process.env.BASE_URL_API + ‘/authentication’, method: ‘post’}, logout: { url: process.env.BASE_URL_API + ‘/_revoke’, method: ‘post’ }, user: ..

Read more

Hello im trying to secure API with laravel passport, but always throws me 401 unauthorized. where am i making a mistake? Any help? Thank you. i added into User.php HasApiTokens, and uncomment ‘AppModel’ => ‘AppPoliciesModelPolicy’ and added to boot Passport:routes() in AutServiceProvider.php, in auth.php ‘api’ => [ ‘driver’ => ‘passport’,] in RegisterController.php protected function create(array ..

Read more

I have created a laravel project with three guards. Each guard has it’s own provider. For example users are being stored in users table, admins are being stored in admins table and mentors are being stored in mentors table. I am using Laravel passport for authentication. Here are my proviers and guards from config/auth.php ‘guards’ ..

Read more

im using laravel 8 with api passport im trying to access the api of my project but it seems to have a problem the PROBLEM: The ‘Access-Control-Allow-Origin’ header contains multiple values ‘*, *’, but only one is allowed. My Cors config ‘paths’ => [‘api/*’, ‘sanctum/csrf-cookie’], ‘allowed_methods’ => [‘*’], ‘allowed_origins’ => [‘*’], ‘allowed_origins_patterns’ => [], ‘allowed_headers’ ..

Read more

I have a web app whose api endpoints i want to test using Gatling. I have set up the Gatling successfully. I have run the engine successfully against the recorded simulation. A report is generated. However I notice that all the api endpoints in the report return KO meaning they failed. When I log the ..

Read more

Passport Version: v10.1.3 Laravel Version: v8.0.0 PHP Version: 7.4.16 Description: When multiple guards are being used for authentication and each guard has a different model provider, the model when implementing the HasApiTokens trait, the clients reaction method is returning clients that are not from it but from the other model because it does not have ..

Read more

it always return 401 unauthorized even I have an access token. In my local computer it is working fine, but in production server (production has private IP to private IP connection with the database server). I don’t know if the problem is in the config of the server. I already check the database connection, it ..

Read more

The login validation I use is not Laravel’s default. How do I customize Passport methods? The following code I use to validate with web middleware. $username = $request->username; $password = strtoupper(md5($request->password)); $system = env("CODE_SYSTEM", 12); $sql = "SELECT user.validate( ‘$system’ , ‘$username’, ‘$password’)"; $stmt = DB::select(DB::raw($sql)); $result = $stmt[0]->validation; if ($result == "ok") { $user ..

Read more

I am using Laravel 8 and after generating token I got "message": "Unauthenticated.". Accept is application/json Authorization is Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdWQiOiI4IiwianRpIjoiNWEwZTMxMjU3YmU4OWM1YWQyMjcxZDZiMjBmNGRmZWEzMDk2ZTU2YWUyNmMxNjljZDQ5NmNhZjVhNjdlNmQ2OTFiMTAzMTdmYTAzNmJjOGYiLCJpYXQiOjE2MjQ4MDkwMTIsIm5iZiI6MTYyNDgwOTAxMiwiZXhwIjoxNjI3NDA2NDU3LCJzdWIiOiIiLCJzY29wZXMiOltdfQ.X5IQ3sb2TSYdzp9oEyn-CODL79DDE9ezUsv5jCDNsJSeJsbe3gTuzEeJ6ENIc8ZDGwOZ0-JCqIZuTOK39i7IYZ2Q4S4ctO0vp6DEw7HaDVa0bWpFO7bVC9d05rbBsZpzmidMixerwOgT1GAILBVTI_qKQyjdaKHV1m9qihU5AMQ2XCceq0m9RL24T2Pg4NV8xsOxkv3pl4TDCBfZ8MwdKBZ5Z0WTJAh6YFrKGSLhZOA0u9aSl6iuaJGAR_LblTdugjsmwkfijMzRR4wucaa67wbL6HF0eUpvPQ0rdoc1VgR4D_Y8nWfLfCOi1PNsitnc8-Qbr7t8ijLnKe0tDmJVvNxq49TNKnFv_y-EcumIOW1pzzQKvX1zWMS2yrsqlbhftN5dJWGbwA01qZpjJITyGW1C-VOEVG_Wpcjxlk7rd4vIghq4IiTzlUu3Mz4s7aLAtdyaNT0Mkv1aurG4L0hOmvrZkJaiiNtrGNcWBkU9yc9ISFUaFagszOnDo52YPnzu7CCDNk0ekUIWQwsJlA7Tcbib69JuL_XpD9fMcz0QD1BhHkCEdPna7rhtcT-xOto0QOL5YluHW7svwcSuYc5JcoLXwdLLFNlkyxFcbYIYjyOjc8ytMvYYZsar36waLL7boOiu5DyvjHDqnStBvJIHXAWSs-Y6DfGAVvTxOoqwEa0 In the form-data, I have grant_type is client_credentials client_id is 8 client_secret is mOu1oBuLHyExwTnRY9Noq9MvQdnbHkNKmPkdVyrz Sourc..

Read more

If i understand right, the CreateFreshApiToken-middleware uses a cookie-based authentication mechanism (https://laravel.com/docs/8.x/passport#consuming-your-api-with-javascript). Accordingly the use of csrf-protection makes sense. What exactly is the difference between using the CreateFreshApiToken-middleware or simply accessing my API through the web-middleware, since both seem to be stateful. In my scenario im working on a laravel-module (https://nwidart.com/laravel-modules/v6/introduction) which is supposed to ..

Read more