Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Laravel 4 custom Auth

First of all sorry about my english, I'll try to do my best.

Im new to Laravel, im trying to implement custom auth throught a SOAP WS, I declare new class that implement UserProviderInterface. I success on implement retrieveByCredentials and validateCredentials methods but since i dont have access to database or global users information i cant implement retrieveByID method. Is there any way to make custom Auth not based on users id's ?

I need:

- Login and validate user throught SOAP WS
- Store User Info returned by WS.
- Remember me functionality
- Secure routes based on logged user and level of access
- Logout

Implemented class:

 <?php
    namespace Spt\Common\Providers;
    use Illuminate\Auth\UserProviderInterface;
    use Illuminate\Auth\GenericUser;
    use Illuminate\Auth\UserInterface;

    class AuthUserProvider implements UserProviderInterface{
        private $user;

        public function __construct(){
            $this->user = null;
        }

        public function retrieveByID($identifier){
            return $this->user;
        }

        public function retrieveByCredentials(array $credentials){
            $client = new \SoapClient('webserviceurl');
            $res = $client->Validar_Cliente($credentials);
            $res = $res->Validar_ClienteResult;

            if($res->infoError->bError === true){
                return;
            }

            $res->id = $res->id_cliente;
            $user =  new GenericUser((array) $res);
            return $user;
        }

        public function validateCredentials(UserInterface $user, array $credentials){
             //Assumed that if WS returned a User is validated
             return true;
        }
    }

I think that re-implement UserProviderInterface its not the solution but i googled and not found other way

Any Idea?

like image 593
jmoreno Avatar asked Feb 27 '14 09:02

jmoreno


1 Answers

You're almost done, apart from the fact that private variable $user of AuthUserProvider doesn't survive the current http request. If you cannot "retrieve by id" from your web service, I guess the only way is to store the entire user in the session - Laravel itself stores the user's id in the session and the fact that it stores only the id (not the entire user) is one of the reasons why a retrieveByID method is needed.
The following is only to clarify and is untested.

class AuthUserProvider implements UserProviderInterface {

    public function retrieveByCredentials(array $credentials) {
        $client = new \SoapClient('webserviceurl');
        $res = $client->Validar_Cliente($credentials);
        $res = $res->Validar_ClienteResult;
        if($res->infoError->bError === true) {
            return;
        }
        $res->id = $res->id_cliente;

        Session::put('entireuser', $res);

        $user =  new GenericUser((array) $res);
        return $user;
    }


    public function retrieveByID($identifier) {

        $res = Session::get('entireuser');

        return new GenericUser((array) $res);
    }

//  ...

}

If you can't retrieve by id from your web service, I guess you cannot either retrieve by remember token, so it may be impossible for you to implement the "remember me" functionality, unless you store part of users data in a second database (which at that point could be used in place of the session above).

like image 154
matpop Avatar answered Nov 05 '22 16:11

matpop