17 May, 2022

Laravel 9: change table and fields for authentication and login

           ,      No comments   

 0

I have changed the table and the Laravel Breeze fields for authentication to some custom ones. It looks fine but in AuthenticatedSessionController.php while I get Auth::Check() == true when it executes return redirect()->intended(RouteServiceProvider::HOME); I get redirected to login page without any error message.

AuthenticatedSessionController.php

public function store(LoginRequest $request)
{
    $request->authenticate();

    $request->session()->regenerate();
    //Auth::Check() == true here I get true.

    return redirect()->intended(RouteServiceProvider::HOME);
}

I have only modified $user->getAuthPassword to return the new field for password and the protected $table variable (and fillables) in user model to show the new table.



Answer

0

Did you specify the protected $primaryKey if your custom table primary key is not 'id'. In my case, it redirected me to dashboard when I specify the $primaryKey.

Would like a php version of php 8.1 for a specific virtual website

           ,      No comments   

 

Answer

0

If using Debian/Ubuntu:

apt -y install software-properties-common
add-apt-repository ppa:ondrej/php
apt -y install php8.1

CentOS:

dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
dnf install dnf-utils http://rpms.remirepo.net/enterprise/remi-release-8.rpm

dnf remove php* -y
dnf module list reset php -y
dnf module enable php:remi-8.1
dnf install php

Laravel 9 - Passport custom api for Authorization

                No comments   

 In my application, I am using Passport for Authentication. I have created a Password grant client for generating access tokens for our mobile and web app.

Now I have to add a third-party client that can access some of our resources. For this, I created a client.

Now for a user that can authorize this third-party client for access the resources on behalf of him have to come to our website and login and then needs to authorize to get the authorization code. This I want to do in our own web app. For that, I need to create an API where as a request I will receive client_id, client_secret, grant_type, redirect_url, scopes, etc and return the authorization code.

But nowhere I see an option to create a custom API for generating the authorization code?

-- Edited

https://laravel.com/docs/9.x/passport#approving-the-request

As mentioned here Passport will automatically display a template to the user allowing them to approve or deny the authorization request

We have our own SPA, we can't use the template provided by Passport. Somehow we need to override this and create an API that our SPA can call for authoring or denying the authorization request.

After Login/Signup, Laravel returns "419 PAGE EXPIRED."

                No comments   

 

Answer

0

I hope you have already fixed this. But in case you didn't or someone else has the same problem.The answer should be to edit session.php in config file changing 'same_site' to null. Let me know if this helps.

Downloading 1000s of images using php , how to bypass blank images

                No comments   

 

 Answer

1

is what i have done the best method for what i'm trying to achieve ?

Answers to such kind of questions are generally based on your explanation of 'best'. Since you said you have very little knowledge of php, I just guess you want a simple approach, and the simplest approach I can find is:

file_put_contents($img, file_get_contents($url));

Notice that you should set allow_url_fopen = On and enable openssl (extension=openssl) in php.ini.

Here is a full example:

foreach ($espn_ar as $value) {
    $url = "https://a.espncdn.com/i/headshots/nfl/players/full/$value.png";
    $img = "images/$value.png";
    $content = file_get_contents($url);
    file_put_contents($img, $content);
}

when using the desktop app it doesn't download a blank image if the url path doesn't contain an image , however using the php method it does download a blank image if one of the url paths doesn't contain any image , so how can i add something to not download a blank png file , or only download files over 1kb , or delete all files 1kb or smaller after all files downlaoded, not sure what is best way to handle that.

Because I can't check all the URLs, I guess these blank images may be caused by 404 error, or the images are really blank. I'll check them all.

    $content = file_get_contents($url);
    
    # download failed
    if($content === false)
        continue;
    
    # 404 error
    if(strpos($http_response_header[0], '404 Not Found') !== false)
        continue;

    # size < 1kb
    if(strlen($content) < 1024)
        continue;

    file_put_contents($img, $content);

Order payment status check failing when waiting for payment status through a webhook

                No comments   

 

 Answers

0

Looks like your your do/while conditional checks the get_status() method's return value against un-prefixed strings "pending" and "failed", while the update_status() method in the second block of code is presumably setting the class variable for order status to stings that all include a "wc-" prefix (wc-failed, wc-processing, wc-completed etc).

Change $loopOrder->get_status() == "pending" to $loopOrder->get_status() == "wc-pending" and $loopOrder->get_status() == "failed" to $loopOrder->get_status() == "wc-failed" in your first block.

What would be a proper way to handle tokens in monolith application?

                No comments   

 

1 Answer

1

The users of your application never have to be mixed up / mistaken with your foreign API. You can and should provide you own mechanism (i.e. tokens) to authenticate any users. If users are authenticated the external API is used, else an error-message could be provided by your application.

As users also fill several different form it's quite possible that you save some user-data. If every user has own authentication credentials it's easy and much more secure to provide only the user's own data. If you use for every user the same authentication token in your own application you might get the situation that one user can see data from another user.

So see it like this:
You / your application is the user of the external API, therefore you need only one authenticqation token for it. Your application users use the external API as a service and as that you should provide it in your app. The data though that are provided to the service might differ from user to user.

Example payment application:
The API is always the same, you as developer get an API key, but the payments are for every user of your application differently. As developer you might never even able to see, store or track the user-data that are exchanged between the foreign service and the user, but your app serves as hub and provides perhaps also some products or services that are considered in any payments.

Meta

Popular Posts

Categories

Social Media Links

Blog Archive

Laravel News

Loading...