Home > Software design >  Laravel Common Api Routes for Different Authentication Guards
Laravel Common Api Routes for Different Authentication Guards

Time:08-06

I have several authentication guards on my app like below:

'api' => [
            'driver' => 'passport',
            'provider' => 'users',
            'hash' => false,
        ],

        'api-customer' => [
            'driver' => 'passport',
            'provider' => 'customers',
            'hash' => false,
        ],

        'api-manufacturer' => [
            'driver' => 'passport',
            'provider' => 'manufacturers',
            'hash' => false,
        ],

I have some common routes for api and api-manufacturer and I created my routes like below

Route::middleware('auth:api', 'verified')->group( function () {
    Route::post('bids/job/update-quote', 'BidController@updateOrCreateQuote');
}
Route::middleware('auth:api-manufacturer')->group(function () {
    Route::post('bids/job/update-quote', 'BidController@updateOrCreateQuote');
}

in this case only second route definition is working, I mean for api-manufacturer guard. I tried to add both middleware like middleware(['auth:api, auth:api-manufacturer']).... but it didn't work also. I think this checks for both auth guards..

How to do that in proper way.. I will need same approach while creating admin user..

CodePudding user response:

Your solution is checking one of two guards not both, like if one of the guards passed then it pass to the route.

you have two options:

  1. First: simplest, create a new route that redirects to the same controller method like:
Route::middleware('auth:api', 'verified')->group( function () {
    Route::post('bids/job/update-quote', 'BidController@updateOrCreateQuote');
}
Route::middleware('auth:api-manufacturer')->group(function () {
    Route::post('bids/job/manufacturer/update-quote', 'BidController@updateOrCreateQuote');
}
  1. Second: add a new middle ware that check if one of the two guard passed, then it pass to route, and implemented to the route:
public function handle($request, Closure $next, $guard = null)
{
    if (!Auth::guard('api')->check() && !Auth::guard('api-manufacturer')->check()) {
        return redirect('/login'); // or any un auth response 
    }

    return $next($request);
}

CodePudding user response:

The auth (Authenticate) middleware takes a list of possible guards to check. You can pass multiple guards to it and it will spin through them until one of them returns a user.

middleware('auth:api,api-manufacturer')

If a guard returns a user then it will also set that as the default guard.

Page link:https//www.codepudding.com/Softwaredesign/501456.html

Prev:OnItemClick in RecyclerView setting int and String (Image and text)
Next:How to abort when the number of rows in the file is less than the number of rows read in the target
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding