Facebook API Question posted in
The official documentation for the Facebook APIs can be found here.

how to check if user is authenticated with passport (get user from token using laravel-passport)

I am using Passport to log in users to a Laravel API endpoint, users get authenticated using their social accounts (google, facebook) using laravel-socialite package.

the workflow of logging users in and out works perfectly (generating tokens…Etc). The problem is I have a controller that should return data based on whether there is a user logged in or not.

I do intercept the Bearer token from the HTTP request but I couldn’t get the user using the token (I would use DB facade to select the user based on the token but I am actually looking whether there is a more clean way already implemented in Passport)

I also don’t want to use auth:api middleware as the controller should work and return data even if no user is logged in.

this is the api route:

Route::get("/articles/{tag?}", "ArticleController@get_tagged");

this is the logic I want the controller to have

public function get_tagged($tag = "", Request $request)
{
    if ($request->header("Authorization"))
        // return data related to the user
    else
        // return general data
}
Tags:

2

Answers


  1. 0

    Assuming that you set your api guard to passport, you can simply call if (Auth::guard('api')->check()) to check for an authenticated user:

    public function get_tagged($tag = "", Request $request)
{
    if (Auth::guard('api')->check()) {
        // Here you have access to $request->user() method that
        // contains the model of the currently authenticated user.
        //
        // Note that this method should only work if you call it
        // after an Auth::check(), because the user is set in the
        // request object by the auth component after a successful
        // authentication check/retrival
        return response()->json($request->user());
    }

    // alternative method
    if (($user = Auth::user()) !== null) {
        // Here you have your authenticated user model
        return response()->json($user);
    }

    // return general data
    return response('Unauthenticated user');
}

    This would trigger the Laravel authentication checks in the same way as auth:api guard, but won’t redirect the user away. In fact, the redirection is done by the Authenticate middleware (stored in vendor/laravel/framework/src/Illuminate/Auth/Middleware/Authenticate.php) upon the failure of the authentication checking.

    Beware that if you don’t specify the guard to use, Laravel will use the default guard setting in the config/auth.php file (usually set to web on a fresh Laravel installation).

    If you prefer to stick with the Auth facade/class you can as well use Auth::guard('api')->user() instead or the request object.

    Login or Signup to reply.
  2. 0

    thanks to @mdexp answer

    In my case I can resolve my problem with using

    if (Auth::guard('api')->check()) {
    $user = Auth::guard('api')->user();
}

    In my controller.

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search