laravel-passport

I installed Laravel Passport using the Laravel docs, the Laravel version is 5.4. Everything worked fine so far now I add these lines into my view: <!-- let people make clients --> <passport-clients></passport-clients> <!-- list of clients people have authorized to access our account --> <passport-authorized-clients></passport-authorized-clients> <!-- make it simple to generate a token right in the UI to play with --> <passport-personal-access-tokens></passport-personal-access-tokens> The Ui looks good, but if I try to add a new Client or Token I get this message: Whoops! Something went wrong!

I'm trying to set up my custom API with Passport (well, I'm already halfway through, just need to build my authentication). Whenever I'm trying to create a personal access token from my Passport dashboard (/home route), I get a 'Whoops, something went wrong!' error. This comes from my Vue component (PersonalAccessTokens.vue), and my console logs me a 500 internal server error at the Post route for storing personal access tokens... \Laravel\Passport\Http\Controllers\PersonalAccessTokenController@store is the method responsible but I can't seem to find something outof the ordinary as I did

Trying to wrap my head around using Laravel's Passport with mobile clients. The Password Grant type of authentication seems to be the way to go, and i have it working with my iOS app, however i can't get token refreshing to work. When authenticating i get a token and a refresh token which i store, however when the token expires, calling the oauth/token/refresh route doesn't work. The route is using the web middleware which means my app using the api route can't access it. I'm not sure if they intended for mobile clients to never refresh or if they wanted you to roll your own refreshing? If

I'm using Laravel passport for API authentication, it works perfectly when I use it with one DB, but gives 401 when using multiple databases, What I'm doing: I have a multi-tenant DB, master DB have users, roles and all OAuth tables. When I create a user with admin role it will create new DB with admin name, it will create sub DB with users, roles and all OAuth table. oauth_clients of sub DB will copy Password Grant Token and Personal Access Token from master DB and insert in sub DB, and also insert client_id in oauth_personal_access_clients . I'm doing all the procedures which passport

I've added this two event listeners to my : EventServiceProvider /** * The event listener mappings for the application. * * @var array */ protected $listen = [ 'Laravel\Passport\Events\AccessTokenCreated' => [ 'App\Listeners\RevokeOldTokens', ], 'Laravel\Passport\Events\RefreshTokenCreated' => [ 'App\Listeners\PruneOldTokens', ], ]; And in my AuthServiceProvider I have : public function boot() { $this->registerPolicies(); Passport::routes(); passport::$revokeOtherTokens; passport::$pruneRevokedTokens; Passport::tokensExpireIn(Carbon::now()->addDays(1)); Passport::refreshTokensExpireIn(Carbon:

so my mobile app would be the client, i generated a client_id and a client_secret for it. users who uses the mobile app have to login using their username/password. Where should i store the client_id and client_secret? is it ok to expose them and simply place them hardcoded in the app? Shuja Ahmed It is definitely not the secure way of hardcoding them and just placing them in an app. Actually its not that straight forward. I assume you created the client from artisan or from the pre-built Vue components. In either case there is more that you have to do in order so safely consume the oauth2 api

I am using passport package for Laravel API Authentication. When I post data I get error: 401 Unauthorized","error":{"error":"Unauthenticated."}. I use Auth::user()->id; to get current user id. How to solve this error? This code helped me: auth()->guard('api')->user() The simplest format is auth('api')->user(); When you use Auth::user()->id in your function's body. You have not logged in before. Please call login api first to get token then set it to the next API call. 来源： https://stackoverflow.com/questions/48417970/how-to-get-current-user-in-laravel-api-using-passport

In our app when user logs out we invalidate the access token for that particular device this way. $user = $request->user(); $value = $request->bearerToken(); $id = (new Parser())->parse($value)->getHeader('jti'); $token = $user->tokens->find($id); $token->revoke(); But when an user deactivates his/her account, we would like to invalidate all the access tokens from all the devices the user is logged in. I looked through the document but did not find anything useful. Thanks Take a look at the HasApiTokens trait provided by passport. The documentation recommends adding this trait to your User