Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Laravel passport gives 401 Unauthenticated error

I'm using Laravel passport for API authentication, it works perfectly when I use it with one DB, but gives 401 when using multiple databases,

What I'm doing:

  • I have a multi-tenant DB, master DB have users, roles and all OAuth tables.
  • When I create a user with admin role it will create new DB with admin name, it will create sub DB with users, roles and all OAuth table. oauth_clients of sub DB will copy Password Grant Token and Personal Access Token from master DB and insert in sub DB, and also insert client_id in oauth_personal_access_clients.
  • I'm doing all the procedures which passport:install command does. (If I'm not missing something).

  • When I login with credentials from master DB it works perfectly, the real problem starts when I login with credentials from sub-database, I can get sub DB from a param client_code which I input with email,password while login.

  • It allows me login from sub DB but I get 401 Unauthenticated error, get Access token while login and I pass Authentication Header with Bearer on every request after login from Angular front.

  • Don't know what I'm missing here.

DBConnection Middleware

DBConnection middleware sets connection on every request after login,

public function handle($request, Closure $next)     {         if ( $request->method() != 'OPTIONS' ) {                         $this->access_code = $request->header('access-code');              if ( $this->access_code != '' && $this->access_code != 'sa'  ) {                 app('App\Http\Controllers\Controller')->setDB(AppHelper::DB_PREFIX.$this->access_code);             } else {                 app('App\Http\Controllers\Controller')->setDB(AppHelper::DB_DEFAULT);             }         }         return $next($request);     } 

DBConnection sets default DB in database.php dynamically, for that, I'm calling setDB method created on Controller.php

setDB Controller.php

public function setDB($database='') {       $config = app()->make('config');       $connections = $config->get('database.connections');       $default_connection = $connections[$config->get('database.default')];       $new_connection = $default_connection;       $new_connection['database'] = $database;       $config->set('database.connections.'.$database, $new_connection);       $config->set('database.default', $database);   } 

Is it possible to use passport with 2 different DB for same code?

Laravel 5.4 Passport 4.0 Angular 4.4 in front-end

like image 354
Nikhil Radadiya Avatar asked Dec 01 '17 13:12

Nikhil Radadiya


People also ask

What is Passport authentication in Laravel?

Laravel Passport is an OAuth 2.0 server implementation for API authentication using Laravel. Since tokens are generally used in API authentication, Laravel Passport provides an easy and secure way to implement token authorization on an OAuth 2.0 server.

Does Laravel Passport use JWT?

Passport uses JWT authentication as standard but also implements full OAuth 2.0 authorization.

How can I get Passport token in Laravel?

Requesting Tokens Once you have created a password grant client, you may request an access token by issuing a POST request to the /oauth/token route with the user's email address and password. Remember, this route is already registered by the Passport::routes method so there is no need to define it manually.


1 Answers

To answer your question: Yes you can!

In our middleware we do some like this:

config([   'database.connections.tenant.schema' => $tenant ]);  DB::connection('tenant')->statement("SET search_path = $tenant"); 

It really sounds to me that your search_path is not set up in properly. This would explain why you get a 401. Because Laravel Passport is searching in the wrong database in which it can't find the right token in your users table.

From PostgreSQL docs (https://www.postgresql.org/docs/9.1/static/runtime-config-client.html):

search_path (string)

This variable specifies the order in which schemas are searched when an object (table, data type, function, etc.) is referenced by a simple name with no schema specified. When there are objects of identical names in different schemas, the one found first in the search path is used. An object that is not in any of the schemas in the search path can only be referenced by specifying its containing schema with a qualified (dotted) name.

like image 88
tprj29 Avatar answered Sep 24 '22 16:09

tprj29