Where have I to insert my user credential for this custom user provider (performing a REST WS authentication) in my Laravel application?

I am absolutly new in PHP and Laravel, I came from Java.

I am trying to follow this tutorial to implement a custom user provider:

http://ift.tt/1pfYtX4

I briefly expain what I need: my Laravel application is only a front end application, all the business logic, included the user authentication, is performed by a Java back end application that exposes REST web services.

Performing a call to:

http://localhost:8080/Extranet/login

and passing username and password as basic authentication I obtain a JSON response like this that represent the logged user:

{
  "userName": "Painkiller",
  "email": "painkiller@gmail.com",
  "enabled": true
}

So, in my Laravel application, I have to perform this call and then parse the previous returned JSON object to generate the authenticated object into the front end application session.

I think that the previous custom user provider is the neater and most natural solution to do it, but I am finding some difficulties and I have many doubts about how do it in my project.

I am using Larave 5.3 version.

I have implemented all the 4 steps of the previous tutorial and I think that I have correctly replaced the user provider with my custom user provider.

Now I have the following doubts (because the code provided in the example is not related to a real case but in the last steps it only shows stubbed version of classes).

PROBLEMS:

FIRST PROBLEM: In the Stage 3 (Create a user class) it seems to me that he is creating a model user class that have to contains the information of the logged user, so I think that it have to hold these 3 fields: username, email and enabled contained in the JSON object returned by my back end REST web service:

{
  "userName": "Painkiller",
  "email": "painkiller@gmail.com",
  "enabled": true
}

Is my intuition correct? or am I missing something?

At this time my User class only contains the stubbed methods version:

<?php

namespace App\Authentication;

use Illuminate\Contracts\Auth\Authenticatable;

class User implements Authenticatable {
    /**
     * @return string
     */
    public function getAuthIdentifierName()
    {
        // Return the name of unique identifier for the user (e.g. "id")
    }

    /**
     * @return mixed
     */
    public function getAuthIdentifier()
    {
        // Return the unique identifier for the user (e.g. their ID, 123)
    }

    /**
     * @return string
     */
    public function getAuthPassword()
    {
        // Returns the (hashed) password for the user
    }

    /**
     * @return string
     */
    public function getRememberToken()
    {
        // Return the token used for the "remember me" functionality
    }

    /**
     * @param  string $value
     * @return void
     */
    public function setRememberToken($value)
    {
        // Store a new token user for the "remember me" functionality
    }

    /**
     * @return string
     */
    public function getRememberTokenName()
    {
        // Return the name of the column / attribute used to store the "remember me" token
    }
}

So what exactly have I to do? Have I only to insert the previous fields (username, email and **enabled*) and the related getter and setter methods? (So this object will put in the session with these information)? Is it right or am I missing something?

SECOND PROBLEM: In the STEP 4 related to the creation a UserProvider class I am creating the UserProvider class.

It seems to me that this is where I have to retrieve the logged user (if the user is authenticated in the systemo) or an error message if the user is not authenticated. So basically it should be where I have to call my back end REST web service (passing the credential inserted into the login form) to obtain the user information used to create the previous User instance. Is it right?

So this is my UserProvider implementing the Illuminate\Contracts\Auth\UserProvider interface:

<?php

namespace App\Authentication;

use Illuminate\Contracts\Auth\Authenticatable;
use Illuminate\Contracts\Auth\UserProvider as IlluminateUserProvider;
use GuzzleHttp\Client;
use function GuzzleHttp\json_encode;
use function GuzzleHttp\json_decode;

class UserProvider implements IlluminateUserProvider
{
    public function retrieveById($identifier)
    {
        // TODO: Implement retrieveById() method.
    }

    public function retrieveByToken($identifier, $token)
    {
        // TODO: Implement retrieveByToken() method.
    }

    public function updateRememberToken(Authenticatable $user, $token)
    {
        // TODO: Implement updateRememberToken() method.
    }

    public function retrieveByCredentials(array $credentials)
    {
        // TODO: Implement retrieveByCredentials() method.

        $client = new Client(); //GuzzleHttp\Client

        $response = $client->post('http://localhost:8080/Extranet/login',
            [
                'auth' => [
                    'Painkiller',
                    'pswd'
                ]
            ]);


    }

    public function validateCredentials(Authenticatable $user, array $credentials)
    {
        // TODO: Implement validateCredentials() method.
    }

}

So I think that I have to put my webservice call in this method retrieveByCredentials(), this one:

public function retrieveByCredentials(array $credentials)
{
    // TODO: Implement retrieveByCredentials() method.

    $client = new Client(); //GuzzleHttp\Client

    $response = $client->post('http://localhost:8080/Extranet/login',
        [
            'auth' => [
                'Painkiller',
                'pswd'
            ]
        ]);

}

For simplicity, at this time I have hard coded the credential of an existing user returned by the web service doing performing an http request, so for any credential inserted by the user in the login form will always retrieve this user (I want to do a test...then I will integrate with the inserted credential).

Now my doubt is: have I only to parse the JSON response and set the related field of a User instance that represents the user information retrieved by the web service?

Ok and now...the final problem:

I start my Laravel application by the statment: php artisan serve. It starts with no error.

My problem is: I have created all this custom authentication mechanism that should authenticate the inserted credential calling my back end REST web service but...where have I to insert these credential? Where is the username and password login form?

Reading online it seems to me that I can access to a Laravel login page using this URL:

http://localhost:8000/login

but I am obtaining this error message instead the login page:

Sorry, the page you are looking for could not be found.

NotFoundHttpException in RouteCollection.php line 161:
in RouteCollection.php line 161
at RouteCollection->match(object(Request)) in Router.php line 766
at Router->findRoute(object(Request)) in Router.php line 621
at Router->dispatchToRoute(object(Request)) in Router.php line 607
at Router->dispatch(object(Request)) in Kernel.php line 268
at Kernel->Illuminate\Foundation\Http\{closure}(object(Request)) in Pipeline.php line 53
at Pipeline->Illuminate\Routing\{closure}(object(Request)) in CheckForMaintenanceMode.php line 46
at CheckForMaintenanceMode->handle(object(Request), object(Closure)) in Pipeline.php line 137
at Pipeline->Illuminate\Pipeline\{closure}(object(Request)) in Pipeline.php line 33
at Pipeline->Illuminate\Routing\{closure}(object(Request)) in Pipeline.php line 104
at Pipeline->then(object(Closure)) in Kernel.php line 150
at Kernel->sendRequestThroughRouter(object(Request)) in Kernel.php line 117
at Kernel->handle(object(Request)) in index.php line 54
at require_once('C:\Users\Andrea\Documents\Betrivius\WorkSpace\betriviusExtranet\public\index.php') in server.php line 21

Why? What am I missing? Where can I insert my credential to test if my custom user provides works as I expect?

via Chebli Mohamed