sumatoreo/multi-passport

Laravel Passport multi table authorization.

Maintainers

Details

github.com/sumatoreo/multi-passport

Source

Issues

Installs: 6

Dependents: 0

Suggesters: 0

Security: 0

Stars: 1

Watchers: 1

Forks: 0

Open Issues: 0

dev-master 2020-06-04 11:47 UTC

Requires

  • php: ^7.2

MIT b5cabff8a0b9a3a65189d8bc472087dff7a78e6e

  • Iskander Kamaliev <iskander.kamaliev.woop@gmail.com>

oauthlaravelmultipassportsumatoreo

This package is auto-updated.

Last update: 2025-07-04 23:01:24 UTC

README

Laravel Passport added multi-table authentication functionality.

https://laravel.com/docs/7.x/passport#customizing-the-user-provider

This project is irrelevant

Introduction

The add-on for Laravel Passport allows you to use an unlimited number of tables for authorization of different users. Worked for Password Grant Token https://laravel.com/docs/7.x/passport#password-grant-tokens

Install

./artisan vendor:publish --tag multipassport-config
./artisan vendor:publish --tag multipassport-migrations
./artisan migrate

Example

auth.php

<?php

return [

    /*
    |--------------------------------------------------------------------------
    | Authentication Defaults
    |--------------------------------------------------------------------------
    |
    | This option controls the default authentication "guard" and password
    | reset options for your application. You may change these defaults
    | as required, but they're a perfect start for most applications.
    |
    */

    'defaults' => [
        'guard' => 'webmaster',
        'passwords' => 'webmasters',
    ],

    /*
    |--------------------------------------------------------------------------
    | Authentication Guards
    |--------------------------------------------------------------------------
    |
    | Next, you may define every authentication guard for your application.
    | Of course, a great default configuration has been defined for you
    | here which uses session storage and the Eloquent user provider.
    |
    | All authentication drivers have a user provider. This defines how the
    | users are actually retrieved out of your database or other storage
    | mechanisms used by this application to persist your user's data.
    |
    | Supported: "session", "token"
    |
    */

    'guards' => [
        'webmaster' => [
            'driver' => 'passport',
            'provider' => 'webmasters',
        ],
        'admin' => [
            'driver' => 'passport',
            'provider' => 'admins',
        ]
    ],

    /*
    |--------------------------------------------------------------------------
    | User Providers
    |--------------------------------------------------------------------------
    |
    | All authentication drivers have a user provider. This defines how the
    | users are actually retrieved out of your database or other storage
    | mechanisms used by this application to persist your user's data.
    |
    | If you have multiple user tables or models you may configure multiple
    | sources which represent each model / table. These sources may then
    | be assigned to any extra authentication guards you have defined.
    |
    | Supported: "database", "eloquent"
    |
    */

    'providers' => [
        'webmasters' => [
            'driver' => 'eloquent',
            'model' => App\Models\Webmaster::class,
        ],
        'admins' => [
            'driver' => 'eloquent',
            'model' => App\Models\Admin::class
        ]

        // 'users' => [
        //     'driver' => 'database',
        //     'table' => 'users',
        // ],
    ],

    /*
    |--------------------------------------------------------------------------
    | Resetting Passwords
    |--------------------------------------------------------------------------
    |
    | You may specify multiple password reset configurations if you have more
    | than one user table or model in the application and you want to have
    | separate password reset settings based on the specific user types.
    |
    | The expire time is the number of minutes that the reset token should be
    | considered valid. This security feature keeps tokens short-lived so
    | they have less time to be guessed. You may change this as needed.
    |
    */

    'passwords' => [
        'webmasters' => [
            'provider' => 'webmasters',
            'table' => 'password_resets',
            'expire' => 60,
            'throttle' => 60,
        ],
        'admins' => [
            'provider' => 'admins',
            'table' => 'password_resets',
            'expire' => 60,
            'throttle' => 60,
        ],
    ],

    /*
    |--------------------------------------------------------------------------
    | Password Confirmation Timeout
    |--------------------------------------------------------------------------
    |
    | Here you may define the amount of seconds before a password confirmation
    | times out and the user is prompted to re-enter their password via the
    | confirmation screen. By default, the timeout lasts for three hours.
    |
    */

    'password_timeout' => 10800,

    /*
    |--------------------------------------------------------------------------
    | Default provider
    |--------------------------------------------------------------------------
    |
    | User in UserRepository and PassportAccessTokenCreatedListener
    |
    */

    'passport' => [
        'guard' => 'webmaster'
    ]
];

Example request

Using an additional field guard, you can log in to the desired user table.

$http = new GuzzleHttp\Client;

$response = $http->post('http://your-app.com/oauth/token', [
    'form_params' => [
        'grant_type' => 'password',
        'client_id' => 'client-id',
        'client_secret' => 'client-secret',
        'username' => 'taylor@laravel.com',
        'password' => 'my-password',
        'scope' => '',
        'guard' => 'admin'
    ],
]);

return json_decode((string) $response->getBody(), true);

Authentication

During authentication, the desired model is selected, so you will not have problems if you try to get it.

$user = auth()->user();