i am trying to make api with passport if user try to login or sign up with socialite find user than generate access_token then redirect to frontend with access_token in url parameters
i tried register and login than generate access_token with user email and default password which is not good for security
my code is like this
try {
$serviceUser = Socialite::driver($service)->stateless()->user();
} catch (\Exception $e) {
return redirect(config('app.client_url') . '/auth/social-callback?error=Unable to login using ' . $service . '. Please try again' . '&origin=login');
}
$email = $serviceUser->getEmail();
$name = $serviceUser->getName();
$user = $this->getExistingUser($serviceUser, $email, $service);
$newUser = false;
if (!$user) {
$newUser = true;
$user = new User;
$user->name = $name;
$user->email = $email;
$user->username = Str::random(10);
if($service === 'facebook'){
$user->image = $serviceUser->avatar;
}
$user->verify = true;
$user->save();
}
if ($this->needsToCreateSocial($user, $service)) {
Social::create([
'user_id' => $user->id,
'social_id' => $serviceUser->getId(),
'service' => $service
]);
}
$http = new Client;
$response = $http->post(config('app.url') . '/oauth/token', [
'form_params' => [
'grant_type' => 'password',
'client_id' => '2',
'client_secret' => 'oBKWxgF2fDvrxwA05ciapwy4JYKaHxzhGzr6D24X',
'username' => $email,
'password' => 'gebdandi',
'scope' => '',
],
]);
$body = json_decode((string) $response->getBody(), true);
$accessToken = $body['access_token'];
return redirect(config('app.client_url') . '/social-callback?token=' . $accessToken . '&origin=' . ($newUser ? 'register' : 'login'));
i can't find any solution on documentation
if possible please show good code
via Chebli Mohamed
Aucun commentaire:
Enregistrer un commentaire