forked from mongodb/laravel-mongodb
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathuser-authentication.txt
304 lines (212 loc) · 9.24 KB
/
user-authentication.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
.. _laravel-user-authentication:
===================
User Authentication
===================
.. facet::
:name: genre
:values: tutorial
.. meta::
:keywords: php framework, odm, code example
.. contents:: On this page
:local:
:backlinks: none
:depth: 2
:class: singlecol
Overview
--------
In this guide, you can learn how to authenticate MongoDB users
by using Laravel's native authentication functionality.
Laravel provides a native ``Auth`` module that includes authentication services,
such as guards that define how users are authenticated and providers that define
how users are retrieved. To learn more about these services, see `Authentication
<https://laravel.com/docs/{+laravel-docs-version+}/authentication>`__ in the
Laravel documentation.
Modify the User Model
---------------------
By default, Laravel generates the ``User`` Eloquent model in your ``App/Models``
directory. To enable authentication for MongoDB users, your ``User`` model
must extend the ``MongoDB\Laravel\Auth\User`` class.
To extend this class, navigate to your ``app/Models/User.php`` file and replace the
``use Illuminate\Foundation\Auth\User as Authenticatable`` statement with the following
code:
.. code-block:: php
use MongoDB\Laravel\Auth\User as Authenticatable;
Next, ensure that your ``User`` class extends ``Authenticatable``, as shown in the following
code:
.. code-block:: php
class User extends Authenticatable
{
...
}
After configuring your ``User`` model, create a corresponding controller. To learn how to
create a controller, see the :ref:`laravel-auth-controller` section on this page.
Example
~~~~~~~
The following code shows a ``User.php`` file that extends the ``MongoDB\Laravel\Auth\User``
class:
.. literalinclude:: /includes/auth/AuthUser.php
:language: php
:dedent:
.. _laravel-auth-controller:
Create the User Controller
--------------------------
To store functions that manage authentication, create an authentication controller for
your ``User`` model.
Run the following command from your project root to create a controller:
.. code-block:: php
php artisan make:controller <filename>
Example
~~~~~~~
The following command creates a controller file called ``AuthController.php``:
.. code-block:: php
php artisan make:controller AuthController
The ``AuthController.php`` file can store ``login()`` and ``logout()`` functions to
manage user authentication, as shown in the following code:
.. literalinclude:: /includes/auth/AuthController.php
:language: php
:dedent:
Customize User Authentication
-----------------------------
You can customize your authentication files to align with your application's
needs and enable additional authentication features.
This section describes how to use the following features to customize the MongoDB user
authentication process:
- :ref:`laravel-user-auth-sanctum`
- :ref:`laravel-user-auth-passport`
- :ref:`laravel-user-auth-reminders`
.. _laravel-user-auth-sanctum:
Laravel Sanctum
~~~~~~~~~~~~~~~
Laravel Sanctum is an authentication package that can manage API requests and
single-page application authentication. To manage API requests, Sanctum issues
API tokens that are stored in the database and authenticates incoming HTTP
requests by using the ``Authorization`` header. To authenticate single-page applications,
Sanctum uses Laravel's cookie-based authentication services.
You can install Laravel Sanctum to manage your application's authentication
process. Run the following commands from your project root to install Laravel
Sanctum and publish its migration file:
.. code-block:: bash
composer require laravel/sanctum
php artisan vendor:publish --provider="Laravel\Sanctum\SanctumServiceProvider"
To use Laravel Sanctum with the {+odm-short+}, modify the ``PersonalAccessToken`` model provided
by Sanctum to use the ``DocumentModel`` trait from the ``MongoDB\Laravel\Eloquent`` namespace.
The following code modifies the ``PersonalAccessToken`` model to enable MongoDB:
.. literalinclude:: /includes/auth/PersonalAccessToken.php
:language: php
:dedent:
Next, run the following command to modify the database schema:
.. code-block:: bash
php artisan migrate
You can now instruct Sanctum to use the custom ``PersonalAccessToken`` model by calling
the ``usePersonalAccessTokenModel()`` method in one of your application's
service providers. To learn more, see `Overriding Default Models
<https://laravel.com/docs/{+laravel-docs-version+}/sanctum#overriding-default-models>`__
in the Laravel Sanctum guide.
.. tip::
To learn more about the ``DocumentModel`` trait, see
:ref:`laravel-third-party-model` in the Eloquent Model Class guide.
.. _laravel-user-auth-passport:
Laravel Passport
~~~~~~~~~~~~~~~~
Laravel Passport is an OAuth 2.0 server implementation that offers
API authentication for Laravel applications. Use Laravel Passport if
your application requires OAuth2 support.
.. tip::
To learn more about Laravel Passport and the OAuth 2.0 protocol, see
the following resources:
- `Laravel Passport <https://laravel.com/docs/{+laravel-docs-version+}/passport>`__ in the
Laravel documentation.
- `OAuth 2.0 <https://oauth.net/2/>`__ on the OAuth website.
Install Laravel Passport
````````````````````````
To install Laravel Passport and run the database migrations required
to store OAuth2 clients, run the following command from your project root:
.. code-block:: bash
php artisan install:api --passport
Next, navigate to your ``User`` model and add the ``Laravel\Passport\HasApiTokens``
trait. This trait provides helper methods that allow you to inspect a user's
authentication token and scopes. The following code shows how to add ``Laravel\Passport\HasApiTokens``
to your ``app\Models\User.php`` file:
.. code-block:: php
<?php
namespace App\Models;
use MongoDB\Laravel\Auth\User as Authenticatable;
use Laravel\Passport\HasApiTokens;
class User extends Authenticatable
{
use HasApiTokens;
...
}
Then, define an ``api`` authentication guard in your ``config\auth.php``
file and set the ``driver`` option to ``passport``. This instructs your
application to use Laravel Passport's ``TokenGuard`` class to authenticate
API requests. The following example adds the ``api`` authentication guard
to the ``guards`` array:
.. code-block:: php
:emphasize-lines: 6-9
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'passport',
'provider' => 'users',
],
],
Use Laravel Passport with {+odm-long+}
`````````````````````````````````````````
After installing Laravel Passport, you must enable Passport compatibility with MongoDB by
defining custom {+odm-short+} models that extend the corresponding Passport models.
To extend each Passport model class, include the ``DocumentModel`` trait in the custom models.
You can define the following {+odm-short+} model classes:
- ``MongoDB\Laravel\Passport\AuthCode``, which extends ``Laravel\Passport\AuthCode``
- ``MongoDB\Laravel\Passport\Client``, which extends ``Laravel\Passport\Client``
- ``MongoDB\Laravel\Passport\PersonalAccessClient``, which extends ``Laravel\Passport\PersonalAccessClient``
- ``MongoDB\Laravel\Passport\RefreshToken``, which extends ``Laravel\Passport\RefreshToken``
- ``MongoDB\Laravel\Passport\Token``, which extends ``Laravel\Passport\Token``
The following example code extends the default ``Laravel\Passport\AuthCode``
model class when defining a ``MongoDB\Laravel\Passport\AuthCode`` class and includes
the ``DocumentModel`` trait:
.. code-block:: php
class MongoDB\Laravel\Passport\AuthCode extends Laravel\Passport\AuthCode
{
use MongoDB\Laravel\Eloquent\DocumentModel;
protected $primaryKey = '_id';
protected $keyType = 'string';
}
After defining custom models that extend each ``Laravel\Passport`` class, instruct
Passport to use the models in the ``boot()`` method of your application's
``App\Providers\AppServiceProvider`` class. The following example adds each custom
model to the ``boot()`` method:
.. literalinclude:: /includes/auth/AppServiceProvider.php
:language: php
:emphasize-lines: 26-30
:dedent:
Then, you can use Laravel Passport and MongoDB in your application.
.. _laravel-user-auth-reminders:
Password Reminders
~~~~~~~~~~~~~~~~~~
To add support for MongoDB-based password reminders, register the following service
provider in your application:
.. code-block:: php
MongoDB\Laravel\Auth\PasswordResetServiceProvider::class
This service provider modifies the internal ``DatabaseReminderRepository``
to enable password reminders.
Example
```````
The following code updates the ``providers.php`` file in the ``bootstrap`` directory
of a Laravel application to register the ``PasswordResetServiceProvider`` provider:
.. code-block:: php
:emphasize-lines: 4
return [
App\Providers\AppServiceProvider::class,
MongoDB\Laravel\MongoDBServiceProvider::class,
MongoDB\Laravel\Auth\PasswordResetServiceProvider::class
];
Additional Information
----------------------
To learn more about user authentication, see `Authentication <https://laravel.com/docs/{+laravel-docs-version+}/authentication>`__
in the Laravel documentation.
To learn more about Eloquent models, see the
:ref:`laravel-eloquent-model-class` guide.