Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Model not signed in after authorization #985

Closed
elimentz opened this issue Mar 8, 2019 · 4 comments
Closed

Model not signed in after authorization #985

elimentz opened this issue Mar 8, 2019 · 4 comments

Comments

@elimentz
Copy link

elimentz commented Mar 8, 2019
edited
Loading

Project: Laravel 5.7, passport 7.2.0

I have a project where my customers have "Accounts", and employees of my customers can log in to the application using the "User" model. Even though users have their own logins, all data is linked to the account model.

User logins work normally, since it's pretty straightforward. The app also has an API however but the API is Account-specific, not User-specific. Each customer (so each Account) has a website that consumes the API. They also have one or more people working for them, who can log into my project (User model). For obvious reasons, the customer website should only retrieve the information linked to the Account, not those for a specific user. Meaning that I need to authenticate the account, and not the user.

In order to do this, I use Laravel passport as an OAuth server. I added the necessary traits to the Account model and set up the provider in the config:

// config/auth.php

return [

    'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],

        'api' => [
            'driver' => 'passport',
            'provider' => 'accounts',
        ],
    ],

    'providers' => [
        'users' => [
            'driver' => 'eloquent',
            'model' => App\Models\User::class,
        ],

        'accounts' => [
            'driver' => 'eloquent',
            'model' => App\Models\Account::class,
        ],

        // 'users' => [
        //     'driver' => 'database',
        //     'table' => 'users',
        // ],
    ],
];
class Account extends Model {

    use Authenticatable, HasApiTokens;

    protected $table = 'accounts';

    public function users()
    {
        return $this->hasMany( User::class );
    }
}
class User extends Model implements AuthenticatableContract, AuthorizableContract, CanResetPasswordContract {

    use Authenticatable, Authorizable, CanResetPassword;

    protected $table = 'users';

    public function account()
    {
        return $this->belongsTo( Account::class );
    }
}

Now I set up the code as shown above, created the OAuth tables and generated the personal keys. When I use the access token as a "Bearer" API authentication method, the user is not authenticated. The correct UserProvider is loaded, the Bearer token is detected and decoded, the correct Account model is recovered from the database. But when I use the Auth facade to get the authenticated user (Auth::user()), it returns null. In short, even though the request is authenticated, no user has been signed in

How can I sort this out? What do I need to change in order to allow the app to authenticate Accounts using the API Bearer tokens?
@elimentz elimentz changed the title Model not signed in after authentication Model not signed in after authorization Mar 8, 2019
@driesvints
Copy link
Member

Hi there,

Looks like this is a question which can be asked on a support channel. Please only use this issue tracker for reporting bugs with the library. If you have a question on how to use functionality provided by this repo you can try one of the following channels:

@elimentz
Copy link
Author

elimentz commented Mar 8, 2019

While I agree with your assessment, I have to admit I am somewhat dismayed by the "close ticket and move on" mentality. I ask this question because this is a serious issue that I'm dealing with and I honestly have no idea how to solve it. To be more precise: nobody seems to. I came here as a last resort, having tried not one, not two but three of the suggestions you gave above: nobody seems to be able (or willing) to help me.

I don't doubt the commitment nor the willingness to help of the PHP (Laravel) community, I just think this is a very uncommon issue that not a lot of people know the answer to. Given all that, I don't think it's too much of a stretch to go and ask for help from the people who "wrote the book on the subject", as it were.

Again, I get it from your point of view: this is open source, you do this on your own time - I have packages of my own, I know what it's like. But on the other hand, this is clearly not a noobie question (e.g. "how do I install this package?") and I think it merits at least some assistance... But maybe that's just me.

@driesvints
Copy link
Member

@elimentz I think you need multi-auth which this library doesn't supports at the moment. This is currently being discussed here: #982

@elimentz
Copy link
Author

@driesvints Thanks, that actually helps out a lot.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@driesvints @elimentz