Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

AngularJS + Laravel 5 Authentication

Tags:

authentication

php

angularjs

laravel

While building my SPA with angularJS, i came to the point where i want to implement user authentication in my angularJS website. However, i have no idea where to start and what the best practices are.

Basically i have a sure that can have one or more roles. I've looked for examples so i could get a basic understanding of how to handle this properly, but so far i've only came across examples that are very simple or are not so secure (like this).

So my question is, how to I implement a authentication service using REST (or custom API urls) to authenticate a user, and then display the user information on the page using angularJS, while also ensuring best security coverage by using (for example) the csrf token from Laravel?

Thanks in advance, Nick van der Meij

like image 427
BattleOn Avatar asked Feb 23 '15 15:02

BattleOn

2 Answers

I'm making an AngularJS app and an API RESTful made with Laravel 5 for the backend, and my approach for the authentication was:

  1. Installed jwt-auth. Basically extends the Auth model of Laravel adding authorization with tokens.
  2. Added simple role package to laravel. I used permiso. Has multiple roles/user and permissions/role. Very simple.
  3. Added jStorage to frontend. (you can use AngularJS module instead).

So the steps are:

  1. Frontend send user credentials (email and pass).
  2. Server checks, jwt-auth makes a token to that user and send it backs.
  3. Frontend save the token on the browser storage (no csrf needed with this approach).
  4. All next calls to the API are made with Authorization: Bearer header (or with ?token=... )
like image 127
neoroger Avatar answered Oct 05 '22 12:10

neoroger

I like the same approach that @neoroger takes using JSON Web Tokens with jwt-auth. I used the Satellizer package for storing the token on the front end and to send it along with each request to the API afterwards.

I put together a couple tutorials that show how to implement the two packages if you are interested:

https://scotch.io/tutorials/token-based-authentication-for-angularjs-and-laravel-apps

http://ryanchenkie.com/token-based-authentication-for-angularjs-and-laravel-apps/

like image 22
cienki Avatar answered Oct 05 '22 14:10

cienki
Sign in to Comment

Related questions

How to filter an associative arrays using array of keys in PHP?
filter_var for password
PHP Pass Data with Redirect
Auto complete for a variable inside a foreach
Multiple calls to $model->save() in Magento over-writing data
jQuery Validator : Validate AlphaNumeric + Space and Dash
Warning: array_push() expects parameter 1 to be array
Loop OBJECT and obtain both key and value
In Yii framework how can I Combine columns and show as display string in dropdownlist
PDO PHP insert into DB from an associative array
PHP DOMDocument is not rendering Unicode Characters Properly
How to create schema table datatype longtext?
Laravel class not found with one-to-many
PHP Curl: SSL routines:SSL23_GET_SERVER_HELLO:reason(1112)
Laravel error in /bootstrap/start.php: \Illuminate\Foundation\Application not found
for loop from A - Z with PHP [duplicate]
MySQL: Is it possible to shorten error messages?
Monolog, how to log PHP array into console?
submit a disabled input in a form could not get value
MAMP with Laravel Unix Socket

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!