larapkg/laravel-social-user

Social controller setup for using with Laravel Socialite

Maintainers

Details

github.com/LaraPKG/laravel-social-user

Source

Issues

Installs: 91

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 2

Forks: 0

Open Issues: 3

Type:project

dev-master 2023-03-26 19:37 UTC

Requires

Requires (Dev)

MIT 6b440c20647361f199e9bfbc838dd2318c290521

  • Ron Appleton <ron.appleton.woop@mercatura.co.uk>

This package is auto-updated.

Last update: 2024-04-06 22:46:16 UTC

README

Laravel Social User is a package that allows you to easily add social login to your Laravel API.

Combined with Laravel Socialite, Laravel Socialite Providers and Laravel Passport, you can easily add social login to your API for many social login providers.

Installation

You can install the package via composer:

composer require larapkg/laravel-social-user

To publish the configuration file which enables the setting of your applications user model, run:

php artisan vendor:publish --provider="Larapkg\LaravelSocialUser\Providers\LaravelSocialProviderServiceProvider" --tag="config"

If you want to alter the migrations, you can publish them with:

php artisan vendor:publish --provider="Larapkg\LaravelSocialUser\Providers\LaravelSocialProviderServiceProvider" --tag="migrations"

Usage

Run the migration to create the user_social_providers table.

Then attach the HasSocialUsers trait to your user model.

Publish the config and set up your required details, ensuring you set the user model.

Remove any fields you no longer need from the user table migration or create and run a migration to remove them, or make fields nullable.

Add a social login button to your frontend application and use the social provider's SDK to get the user's access token. Then send a POST request to your API with the access token and the provider name.

/social-login/[provider-name] passing the access_token in the request body.

Considerations

So every application needs a user strategy, and this package does not provide one.

Well it does, but it's not necessarily a good one or suitable for your use case.

So do you ONLY want social login, so your not responsible for user accounts?, or do you want to manage user accounts yourself? From a GDPR point of view etc., unless you know what you are doing, you should probably use the social login only strategy, and avoid storing any user data yourself that is not necessary. And provide a way for users to delete their accounts and maybe consider storing last_login details and deleting accounts after a period of inactivity (good practice to email users before).

As such, this package stores only the social provider's user id, name, email address and avatar, and when a user is deleted, if you have attached the HasSocialUsers trait to your user model, it will also delete the social user records for that user.

When using this package, when passing the social providers access_token to your API, it will always create a new user unless the social provider account has the same name and email as an existing user. i.e. on social login of a previously used social login account, the same user will be used, but social login from a different social login account will create a new user and those accounts will not be linked in any way.

When using the HasSocialUsers trait, the socialUsers() method will return a HasMany relationship, so you can access the social users for a user.

Other Considerations

Socialite and Passport should be installed, your social providers setup and your user model setup to use passport.

Those things are out of scope for this readme, but you can find more information on those things in the links below.

This package does not contain any tests.