How To Use Laravel Passport Token System
I am planning to use Laravel Passport System for the ANGULAR 6 API. Installed as per the documentation.
But I have a bit of confusion. Please try to Resolve It.
1. How to provide a token ?
This is the Correct Method?
OR Coding LIKE is correct Method ?:
$request->request->add([ 'username' => $request->email, 'grant_type' => 'password', 'client_id' => env('PASSWORD_CLIENT_ID'), 'client_secret' => env('PASSWORD_CLIENT_SECRET'), 'scope' => '', ]); // forward the request to the OAuth token request endpoint and Return Token $res = Route::dispatch(request()->create('oauth/token', 'POST', $this->loginCredentials($request))); $this->api_response = json_decode($res->getContent()); return response()->json(['token' => $this->api_response,'usersDetail' => $user], 200);
Which Method need to use and Why Please Elaborate it.?
2. How to handle Refresh Token System for Angular?
Like in Refresh (Mouse button Refresh) need to Call Laravel API? How It should be? Please elaborate with Laravel and Angular Codes.
please answer this question Detaily. looking for a good Answer!!!
How to provide a token ? This is the Correct Method? OR Coding LIKE is correct Method ?
It uses a different grant. The correct method is according to your application needs. Before you implement OAuth, you need to learn about grant types :
Authorization code grant
The authorization code grant should be very familiar if you’ve ever signed into an application using your Facebook or Google account.
The implicit grant is similar to the authorization code grant with two distinct differences.
It is intended to be used for user-agent-based clients (e.g. single page web apps) that can’t keep a client secret because all of the application code and storage is easily accessible.
Secondly instead of the authorization server returning an authorization code which is exchanged for an access token, the authorization server returns an access token
Resource owner credentials grant
This grant is a great user experience for trusted first party clients both on the web and in native device applications.
Client credentials grant
The simplest of all of the OAuth 2.0 grants, this grant is suitable for machine-to-machine authentication where a specific user’s permission to access data is not required.
Refresh token grant
Access tokens eventually expire; however some grants respond with a refresh token which enables the client to get a new access token without requiring the user to be redirected.
Which OAuth 2.0 grant should I use?
A grant is a method of acquiring an access token. Deciding which grants to implement depends on the type of client the end user will be using, and the experience you want for your users.
How to handle Refresh Token System for Angular?
Access tokens eventually expire; The client sends a POST request with following body parameters to
grant_typewith the value
refresh_tokenwith the refresh token
client_idwith the the client’s ID
client_secretwith the client’s secret
scopewith a space-delimited list of requested scope permissions. This is optional; if not sent the original scopes will be used, otherwise you can request a reduced set of scopes.
$http = new GuzzleHttp\Client; $response = $http->post('http://your-app.com/oauth/token', [ 'form_params' => [ 'grant_type' => 'refresh_token', 'refresh_token' => 'the-refresh-token', 'client_id' => 'client-id', 'client_secret' => 'client-secret', 'scope' => '', ], ]); return json_decode((string) $response->getBody(), true);
Or you can using Angular
HTTPInterceptor for token refreshing. HTTP Interceptors are used for adding custom logic for logging, modifying response, error handling, but one common case is to automatically attach authentication informations to request and to refresh token in order to maintain user session active.
- → "failed to open stream" error when executing "migrate:make"
- → October CMS Plugin Routes.php not registering
- → OctoberCMS Migrate Table
- → OctoberCMS Rain User plugin not working or redirecting
- → October CMS Custom Mail Layout
- → October CMS - How to correctly route
- → October CMS create a multi select Form field
- → October CMS - Conditionally Load a Different Page
- → How to disable assets combining on development in OctoberCMS
- → October CMS - Radio Button Ajax Click Twice in a Row Causes Content to disappear
- → OctoberCms component: How to display all ID(items) instead of sorting only one ID?
- → In OctoberCMS how do you find the hint path?
- → How to register middlewares in OctoberCMS plugin?