This is useful when we want to change the values in our production environment without touching the code. env file (and automatically load them from services.php file using getenv()). 'client_secret' => env('GITHUB_CLIENT_SECRET'),Īlthough we can directly put the credentials and the callback URL inside config/services.php, we keep them in our application’s. In this step, we add our Github credentials to config/services.php: It can be or any other valid domain.Īuthorization Callback URL is an endpoint on our website to which the user is redirected after the authorization is completed.Īfter creating the application, we’re redirected to the edit page where we can find (and copy) our keys. This is what the users will see when redirected to Github to authorize our application. On the app creation page, there are a few fields we need to fill:Īpplication Name should be a descriptive name for our application. To test out what we’ve built, let’s add Github as our social authentication (login) option.įirst, we need to register a new OAuth application on Github. If no user is found, we create a new user entry and associate the current social account with it. With that in mind, we search the users table by email, because the user may have registered into our system via the registration form. If no social account is found, either the user does not exist or the user hasn’t linked any social accounts yet. Now, we make email and password fields nullable:įile: database/migrations/xxxxxx_prepare_users_table_for_social_authentication.php string ( 'email' ) -> nullable ( ) -> change ( ) $table -> string ( 'password' ) -> nullable ( ) -> change ( ) } ) } /** Let’s start with users: php artisan make:migration prepare_users_table_for_social_authentication -table users Before modifying the fields in the existing tables, we need to have doctrine/dbal package installed. To modify the schema, we use Laravel’s schema builder. Hence, we need to make email and password fields nullable. Apart from that, the user may not have an email address associated with the respective OAuth provider. Usually, when users take the social authentication approach, they don’t have to choose a password unless we ask them to do so (after OAuth authorization – please don’t do that). Since the users table structure hasn’t been designed to integrate social authentications, we first need to do a few tweaks there.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |