audunru/social-accounts

Add social login to your Laravel app

Maintainers

Details

github.com/audunru/social-accounts

Source

Issues

Installs: 1 007

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 1

Forks: 0

Open Issues: 1

v6.0.0 2024-04-07 10:01 UTC

Requires

Requires (Dev)

MIT d9840d2e423ec64b2c112483a472067a33f5cafb

  • Audun Rundberg <audun.woop@rundberg.no>

oauthlaravelsocialite

This package is auto-updated.

Last update: 2024-04-07 10:01:43 UTC

README

Build Status Coverage Status StyleCI

Add social login (Google, Facebook, and others) to your Laravel app.

This package uses Laravel Socialite to authenticate users, and takes care of storing the provider (eg. Google) and provider user ID (eg. 123456789) as a SocialAccount (a related model of the User model).

Your users can add one or more social logins to their account. It's up to you if you want them to sign up with a normal username and password first, or if they can sign up just by signing in with a provider.

The package also has a JSON API so you can display which social accounts a user has logged in with, and allow them to remove them.

Installation

Step 1: Install with Composer

composer require audunru/social-accounts

Step 2: Make changes to your code

First, you must add the HasSocialAccounts trait to your User model:

use audunru\SocialAccounts\Traits\HasSocialAccounts;
use Illuminate\Foundation\Auth\User as Authenticatable;

class User extends Authenticatable
{
    use HasSocialAccounts;
    /**
     * Get user who has logged in with Google account ID 123456789
     * $user = User::findBySocialAccount('google', '123456789')
     *
     * Retrieve all social accounts belonging to $user
     * $user->socialAccounts
     */
}

Second, you need to specify which providers you are going to support. Publish the configuration, and open up config/social-accounts.php and add them to the array.

php artisan vendor:publish --tag=social-accounts-config

There is an array called "providers" where you can specify the ones you want:

'providers' => [
    // 'bitbucket',
    // 'facebook',
    // 'github',
    // 'gitlab',
    'google',
    // 'linkedin',
    // 'twitter',
],

Third, you need to add credentials for your supported social login providers to config/services.php. To login with Google, you would add the following to config/services.php:

'google' => [
    'client_id' => env('GOOGLE_CLIENT_ID'), // Get your client ID and secret from https://console.developers.google.com
    'client_secret' => env('GOOGLE_CLIENT_SECRET'),
    // Note: The "redirect" setting will be configured automatically. You are not required to add it to services.php yourself. If you don't want to use this package's default routes, you will need to configure it. If so, the package will use the value from services.php.
    // 'redirect' => '/social-accounts/login/google/callback',
],

Fourth, you should call the SocialAccounts::routes method within the boot method of your AuthServiceProvider. This method will register the routes necessary to login with your configured providers. It will also register the API routes necessary for a user to retrieve their social accounts and remove them.

<?php

namespace App\Providers;

use audunru\SocialAccounts\SocialAccounts;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;

class AuthServiceProvider extends ServiceProvider
{
    /**
     * Register any authentication / authorization services.
     */
    public function boot()
    {
        $this->registerPolicies();

        SocialAccounts::routes();
    }
}

Optional: You can add web and API routes in separate steps.

SocialAccounts::routes(
    function ($router) {
        $router->forWeb();
    }
);
SocialAccounts::routes(
    function ($router) {
        $router->forApi();
    }
);

Step 3: Configuration and customization

You can find the configuration and documentation of all options in config/social-accounts.php.

Step 4: Run migrations

php artisan vendor:publish --tag=social-accounts-migrations
php artisan migrate

The migrations will create a social_accounts table, which will hold all added social accounts.

If you set the "automatically_create_users" option in config/social-accounts.php to true, the email and password columns in your users table will be made nullable. Not all providers require users to have an email address, and the password column must be nullable because users who sign up this way won't have password.

Usage

Adding social login to existing users

If you want to allow your existing users to log in with Google, add a link to /social-accounts/login/google somewhere in your application:

@auth
<a href="/social-accounts/login/google">Add Google login to my account</a>
@endauth

After clicking on this link, the user will be redirected to Google, where they must authorize the request. Afterwards they will be returned to your app. Then, a new SocialAccount will be added as related model of the User.

Signing up users

If you want to allow users to sign up with this package, you must first publish the configuration file and then set automatically_create_users to true.

'automatically_create_users' => true,

Then, run the migrations so that the email and password columns are made nullable.

php artisan migrate

Then add a link to /social-accounts/login/google:

<a href="/social-accounts/login/google">Sign up with Google</a>

Logging in

For users who are not signed in, simply add a link to /social-accounts/login/google:

<a href="/social-accounts/login/google">Sign in with Google</a>

Remember Me

Add "remember" to the login URL to keep the user signed in:

<a href="/social-accounts/login/google?remember">Sign in with Google</a>

API

The JSON API, which by default is accessible at /social-accounts, allows authenticated users to retrieve their social accounts and remove them.

To retrieve an array of social accounts, make a GET request to /social-accounts.

To retrieve a single social account, make a GET request to /social-accounts/123, where 123 is the ID of the account.

To delete a social account, make a DELETE request to /social-accounts/123.

Users can't update social accounts through the API, they will have to delete them first and then authorize again.

Optional Parameters, Access Scopes and Stateless Authentication

To include optional parameters in the request, call the registerProviderSettings method on the facade. The method takes three parameters, the provider name, the name of the method to call on the provider object, and an array of parameters.

For example, you can use this to limit the domains a Google user can choose to sign in with to just one:

SocialAccounts::registerProviderSettings('google', 'with', ['hd' => 'seinfeld.com']);

See Socialite's documentation for more info on Optional Parameters, Access Scopes and Stateless Authentication

Gates

You can use gates to allow or deny certain actions. Gates should be defined within the boot method of your AuthServiceProvider.

<?php

namespace App\Providers;

use App\User;
use audunru\SocialAccounts\SocialAccounts;
use Laravel\Socialite\Contracts\User as ProviderUser;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;

class AuthServiceProvider extends ServiceProvider
{
    /**
     * Register any authentication / authorization services.
     */
    public function boot()
    {
        $this->registerPolicies();
        /*
         * If your company uses G Suite and you want to ensure that only employees can log in, you can define a "login-with-provider" gate.
         *
         * If you don't define this gate, any ProviderUser is allowed to pass through.
         */
        Gate::define('login-with-provider', function (?User $user, ProviderUser $providerUser) {
            /*
             * $providerUser->user['hd'] contains the domain name the Google account belongs to.
             *
             * It's good practice to verify that the account does in fact belong to your company after the user has authorized with Google and returned to your application.
             */
            return 'company.com' === $providerUser->user['hd'];
        });
        /*
         * If you want to restrict who can add social accounts, you can define a "add-social-account" gate.
         *
         * If you don't define this gate, any authenticated user can add a social account.
         */
        Gate::define('add-social-account', function (User $user, ProviderUser $providerUser) {
            /*
             * isAdmin() is a hypothetical method you could define on your User model.
             *
             * In this case, only administrators would be allowed to add social accounts.
             */
            return $user->isAdmin();
        });
        SocialAccounts::routes();
    }
}

Events

When a user is created after authenticating with a provider, a SocialUserCreated event is dispatched. The event receives the User, SocialAccount and ProviderUser model.

When a social account is added to an existing user, a SocialAccountAdded event is dispatched. The event receives the User, SocialAccount and ProviderUser model.

For instance, you could listen for an event and grab more details about the user.

<?php

namespace App\Listeners;

use audunru\SocialAccounts\Events\SocialUserCreated;

class AddUserAvatar
{
    /**
     * Handle the event.
     *
     * @param  SocialUserCreated  $event
     * @return void
     */
    public function handle(SocialUserCreated $event)
    {
        /*
         * The package only saves the user's name and email when creating a new user.
         *
         * By listening for the event, we can grab more details about the user.
         */
        $event->user->update([
            'avatar' => $event->providerUser->getAvatar();
        ]);
    }
}

Alternatives

laravel-social-auth

Easy Socialite

Development

Testing

Run tests:

composer test