Menu
I'm trying to get a multi-auth system working where Users can log in via the normal web portal, but a separate database of entities (named "robots" for example) can also log in via an API guard token driver. But no matter what I do, the setup I have is not directing my authentication guard to the correct Robot database and keeps trying to authenticate these requests as Users via tokens (which fails, because users don't have tokens).
Can someone help me find where I've gone wrong?
I've started by putting together a middleware group in Kernel.php:
'api' => [
'throttle:60,1',
'auth:api',
],
This uses settings in config/auth.php
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'token',
'provider' => 'robots',
],
],
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
'robots' => [
'driver' => 'eloquent',
'model' => App\Models\Robot::class,
],
],
The middleware gets called in routes.php
Route::group(['middleware' => 'api'], function () {
Route::get('api/request', 'API\RequestController@index');
});
It uses this model:
<?php
namespace App\Models;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Contracts\Auth\Authenticatable;
class Robots extends Authenticatable
{
protected $fillable = [
'serial_number','api_token',
];
protected $guard = 'Robots';
protected $hidden = [
'api_token',
];
}
Any ideas?
Update: on further inspection, it appears that most of the settings in auth.php are not applying properly - is there some way I can force these settings to take effect?
651
By default, web routes are configured to use the web guard and API routes are configured to use the api guard, and unless otherwise specified, Laravel will use the web guard by default. This is specified in your config/auth. php file and you are free to change this as needed.
Note: While Laravel ships with a simple, token based authentication guard, we strongly recommend you consider using Laravel Passport for robust, production applications that offer API authentication.
Auth::routes() is just a helper class that helps you generate all the routes required for user authentication. You can browse the code here https://github.com/laravel/framework/blob/5.3/src/Illuminate/Routing/Router.php instead.
Actual issue/solution:
Laravel has a separate, rarely mentioned cache that exists exclusively for its config files. Normal cache and class reset methods like composer dump-autoload and php artisan cache:clear do not affect this cache, which was leading to my confusing state of having none of the settings in my auth.php file take effect.
The correct way to clear this cache is to use the commands:
php artisan config:cache
php artisan config:clear
These resolved my issue.
83
In your config/auth.php you specify the provided model to be used for robots provider: 'model' => App\Models\Robot::class However your Robot class is defined as class Robots extends Authenticatable, which is a mismatch of the class name.
Rename your class to class Robot
42
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
