Mohammad Mohammad - 16 days ago 10
AngularJS Question

How to create Token-Based Authentication(oauth2) for AngularJS and Laravel Apps via passport

I created an web app which it uses laravel default registration(auth), I've tested passport oauth2 client access token from taylor tutorial. My web app uses angular js for UI and laravel for backend , so I need to create user, when create user request is sent from angular and then create a global access token to give it in my response to angular which then in all later request I use it to authenticate requests.

actually I want to implement oauth2 authentication for my web app, but so far I've searched a lot but I couldn't find any useful step by step tutorial for it.

anyone can help me out?

FYI: I'm using laravel 5.3 with passport enabled and angular js 1.5 for frontend.

Answer

I've solved this. I've Customized laravel auth for login and register and created a method which will send a request to the server to create an access token for registering user or log in. I've set up passport and test it as taylor did in his toturial. then in AuthenticatesUsers.php I've changed sendloginResponse method response like :

protected function sendLoginResponse(Request $request)
    {
        isset($request->token) ? $token = $request->token : $token = null;//Check if login request contain token

        $request->session()->regenerate();

        $this->clearLoginAttempts($request);

        return $this->authenticated($request, $this->guard()->user())
            ? $this->StatusCode($token,$this->credentials($request),$status=false) : $this->StatusCode($token,$this->credentials($request),$status=true);

    }

And I have added this method to request access token and send it as json response :

public function StatusCode($token,$user,$status){

        if( $token != null && $token != ''){
            return ($status == true) ? response()->json(GetToken($user),200) : response()->json(['Message' => 'Failed to log in'],403);

        }

        function GetToken($userobject)
        {
            $http = new Client;

            $response = $http->post('http://localhost/iranAd/public/oauth/token', [
                'form_params' => [
                    'grant_type' => 'password',
                    'client_id' => '1',
                    'client_secret' => 'xKqNbzcXyjySg20nVuVLw5nk5PAMhFQOQwRTeTjd',
                    'username' => $userobject['email'],
                    'password' => $userobject['password'],
                    'scope' => '',
                ],
            ]);

            return json_decode((string) $response->getBody(), true);
        }

        function RefreshToken($token,$userobject)
        {
            $http = new Client;

            $response = $http->post('http://localhost/iranAd/public/oauth/token', [
                'form_params' => [
                    'grant_type' => 'refresh_token',
                    'refresh_token' => 'refresh_token',
                    'client_id' => '1',
                    'client_secret' => 'xKqNbzcXyjySg20nVuVLw5nk5PAMhFQOQwRTeTjd',
                    'username' => $userobject['email'],
                    'password' => $userobject['password'],
                    'scope' => '',
                ],
            ]);

            return json_decode((string) $response->getBody(), true);
        }

            return ($status == true) ? response()->json(GetToken($user),200) : response()->json(['Message' => 'Failed to log in'],403);

    }

Same Procedure for register users.