Open in app

Sign in

Write

Sign in

API authentication via social networks for your Laravel application

Ilya Sakovich
2 min readJul 8, 2018

--

Introduction

Laravel makes API authentication a breeze using Laravel Passport, which provides a full OAuth2 server implementation for your Laravel application in a matter of minutes.

But what about API authentication via social networks? Laravel Passport doesn’t provide such ability by default. So we are going to implement that in this article. Let’s go!

Step 1: Install and configure Laravel Passport

This article assumes you are already familiar with Laravel Passport (can install and configure it on your own) so this process won’t be described. If not, then it’s recommended to familiarize yourself with API Authentication (Passport) section of Laravel documentation and go back to this tutorial.

Step 2: Install and configure Laravel Socialite

Install Laravel Socialite with:

composer require laravel/socialite

Then add credentials for the OAuth services your application utilizes. These credentials should be placed in your config/services.php configuration file, and should use the key equals to provider name (e.g., facebook, google, github etc.)

For example:

'google' => [
    'client_id' => env('GOOGLE_CLIENT_ID'),
    'client_secret' => env('GOOGLE_CLIENT_SECRET'),
    'redirect' => env('GOOGLE_REDIRECT_URL'),
],

We will use Socialite just for retrieving user details from an access token so we can fill client_id, client_secret, redirect with empty strings (not NULL) because they won’t be used in our flow.

If you want to use a provider that is not provided in Socialite by default take a look on Socialite Providers.

Step 3: Implement managing of social accounts that are linked to users

Create LinkedSocialAccount model with according migration:

php artisan make:model Models\\LinkedSocialAccount -m

Add linkedSocialAccounts relation for User model.

Make password, email fields nullable in users table by creating a migration:

php artisan make:migration make_password_and_email_fields_nullable_in_users_table --table=users

Run all migrations:

php artisan migrate

Create an SocialAccountsService that will be responsible for finding/creating of User instance by provider credentials.

Step 4: Install and configure Laravel Passport Social Grant

In order to enable social grant we will use Laravel Passport Social Grant. Install it with:

composer install hivokas/laravel-passport-social-grant

To make it work create SocialUserResolver that implements SocialUserResolverInterface where we will:

  • retrieve user details from an access token (with usage of Laravel Socialite);
  • return null if Socialite has thrown an exception;
  • otherwise find/create the User instance corresponding to user details retrieved above (with usage of SocialAccountsService);
  • return found/created User instance.

Bind SocialUserResolverInterface to our implementation. You can do it by adding the appropriate key-value pair to $bindings property in AppServiceProvider:

Step 5: Ensure that all works perfectly

As you can see it works like a charm!

Laravel
Package
Web Development
PHP
Tutorial

--

--

Ilya Sakovich

Written by Ilya Sakovich

32 Followers

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams