README

Requirement

• Create laravel project.

$ composer create-project laravel/laravel "Name"

• Install auth.

$ php artisan make:auth

• Config database in .env file.

• Install passport.

$ composer require laravel/passport

• Run migrations.

$ php artisan migrate

• Create clients.

$ php artisan passport:install

Create two more clients with ID 3 and 4.

$ php artisan passport:client --password

Installing and configuring package

• Install with composer:

$ composer require danilo/passport ~1.1.0-a

• Add provider to config/app.php file:

    'providers' => [
        ...
        jumpitt\passport\MultiServiceProvider::class,
    ],

• Publish components:

$ php artisan vendor:publish

And choose the provider jumpitt\passport\MultiServiceProvider

• Run migrations:

$ php artisan migrate

• Modify User Model, make it use HasApiTokens and add some constant for use as client_id from the oauth_clients table.

<?php

namespace App;

use Laravel\Passport\HasApiTokens;
use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;

class User extends Authenticatable
{
    use HasApiTokens, Notifiable;

    const PASSPORT = 4;

    protected $fillable = [
        'name', 'email', 'password',
    ];
    ...
}

• Register the published middlewares PassportCustomProvider and CheckGuard on $routeMiddleware on app/Http/Kernel.

class Kernel extends HttpKernel
{
    ...
    protected $routeMiddleware = [
        'auth' => \Illuminate\Auth\Middleware\Authenticate::class,
        'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
        'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
        'can' => \Illuminate\Auth\Middleware\Authorize::class,
        'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
        'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
        'check-guard' => \App\Http\Middleware\CheckGuard::class,
        'custom-provider' => \App\Http\Middleware\PassportCustomProvider::class,
    ];
    ...
}

Basic usage

• Add the 'provider' parameter in your request at /oauth/token:

POST /oauth/token HTTP/1.1
Host: localhost
Accept: application/json, text/plain, */*
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache

{
    "username":"emailcustomer@domain.com",
    "password":"password",
    "grant_type" : "password",
    "client_id": "client-id",
    "client_secret" : "client-secret",
    "provider" : "customers"
}

• Add middleware to route, for example:

<?php

use Illuminate\Http\Request;

Route::group(['middleware' => ['check-guard:customer', 'auth:customer']], function(){
    Route::post('details', 'TestController@details');
});

• Create a new customer, login with customers provider parameter on oauth/token and call route with access token:

post /api/details HTTP/1.1
Host: localhost
Accept: application/json
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbG ...

Response if is customer:

{
    "success": {
        "id": 1,
        "name": "name",
        "email": "correocustomer@gmail.com",
        "created_at": "2018-01-03 13:11:25",
        "updated_at": "2018-01-03 13:11:25"
    }
}

Response if isn't customer:

{
    "error": "Unauthorised"
}