Getting started with Laravel Passport and OAuth2

Рет қаралды 70,737

Күн бұрын

In this 29 minute video, I'll show you how to install and use the powerful Passport authentication package in an example Laravel application. Postman helps a little, too.
Join my newsletter for weekly tips on Laravel, Vue, and Docker: aschmelyun.substack.com
You'll learn how to:
- Install and setup Laravel Passport
- Create and view a user's clients
- Generate authentication tokens with OAuth2 flow
- Create and use scopes to guard specific routes
0:00 - Intro
2:40 - Installing Passport
4:22 - Creating Clients
11:30 - Authorizing A Client
17:38 - Using Tokens
21:48 - Refreshing Tokens
23:58 - Using Scopes
29:08 - Wrapping Up
Follow me on Twitter! / aschmelyun

Пікірлер: 67

@aschmelyun 3 жыл бұрын

If you'd like to view the source code featured in this video, you can check it out here: github.com/aschmelyun/video-auth-laravel-passport Also I'm using a new style of recording and editing in this video where I talked while recording, instead of doing them separately like my previous videos. If you noticed a difference and did (or did not) like it compared to my previous videos, please let me know below!

@kennethramos2795 Жыл бұрын

Greate tutorial, I was able to learn the concept behind this and how to integrate laravel/passport to my api. Thank you so much for this. Hoping to find more useful tutorial from you. God bless!

@Samuel.Mwangi 3 жыл бұрын

Thanks Andrew for a great video as always. As a sidenote, am loving your updated thumbnail style (Legend has it you have updated even past videos with this new style)

@aschmelyun 3 жыл бұрын

Thanks, I'm glad you're liking the new style!

@dev_jeongdaeri 3 жыл бұрын

Thanks for amazing content!!!!👍

@rjee6511 Жыл бұрын

Great help for Laravel passport package usage, Thanks.👍

@Nageswararao93 Жыл бұрын

Thank you so much for the detailed explanation

@moreoverid1722 2 жыл бұрын

Thank you very much for this video!

@uweopfern 2 жыл бұрын

Hi, Andrew thank you so much for this, I am implementing the same thing, but I got one blocker, if a user does not verify their emails, still that endpoint of authorize will be consumed regardless of user email verification, any idea on how to check email verification before issuing that code

@AnilBaniyaNep 2 жыл бұрын

hi Andrew Schmelyun, thanks for the video. Whats the flow to get an authorization code for mobile application? Should the mobile app user should redirect to the browser for authentication and follow the same process as in web or there is another process for mobile application?

@googlemap3641 3 жыл бұрын

hi, I have an error with Authorizing A Client ( "hint": "Cannot decrypt the authorization code"). I searched for this error on google but it is not clear and I can't understand it. Thanks!

@madhand1472 2 жыл бұрын

hi I am using passport oauth2 in lumen I got error Authorization request was not present in the session.

@adics Жыл бұрын

Great Explanation.. But how can I get the refresh token without sending the client secret (I'm using PKCE)? Can anyone explain it to me?

@srikanthsanjeev 2 жыл бұрын

Thanks for detailed explanation

@aschmelyun 2 жыл бұрын

I'm glad you liked it!

@delvinnj7941 Жыл бұрын

Thank you, and how to get the details for the domain that is used in our API

@jjplays404 Жыл бұрын

Which IDE/editor you are using? and it's settings? :) please share

@SEOng-gs7lj 2 жыл бұрын

Must a client belong to a user? why did passport create 2 clients with user_id == null? Can those 2 clients be used?

@ajisurya2818 Жыл бұрын

can make 1 token oauth api to use the other api in laravel passport?

@devarm 3 ай бұрын

Hey Andrew, what if we are using an API instead of having a client? Will it be the same flow?

@user-lw9xq8qs9w Жыл бұрын

is the scope on passport same with access permission for the user?

@jacktapanut876 2 жыл бұрын

How to create your dashboard UI? Please share more your clip.

@FullMe7alJacke7 2 жыл бұрын

How would you go about making this work for a separated front end that's following a micro-service architecture? I have Project #1: Laravel Back End and Project #2: VueJS Front End What's the correct way to continue? A) Create a dedicated middleman route to hit externally, which hits the client creation route internally. B) Redirect To a Client Management page inside of the Backend project.

@Imagine51204 Жыл бұрын

Hi, I have same scenario did you get the solution ?

@fatima-cf1bj 2 ай бұрын

great channel🤩🤩

@mrarmani2079 2 күн бұрын

THis example if the passport used in the same system. How about if they are in the different system?

@joalbertylosorio1895 Жыл бұрын

How do i implement this with a frontend built

@oketafred 3 жыл бұрын

Awesome!

@shashikanthd3294 8 күн бұрын

Which dev tool did you use in this video?

@amitleuva8739 Жыл бұрын

I am receiving 'Unauthenticated ' message when trying to access data using access-token

@aspirinemaga 3 жыл бұрын

thank you sir

@subhadipghorui2216 3 жыл бұрын

How to use client id and client_secret in the frontend? cause they are needed for authorization API, so somebody can see in the frontend. So how to use it securely? Please reply. I am using the Oauth2 passport library in laravel and frontend angular.

@Boris2811ust 3 жыл бұрын

OAuth authors recommend to use PKCE flow in this case.

@MrMatni45 3 жыл бұрын

hi...im new to laravel passport...my project is multipage app...how should i handle for refresh token??do i have to check token expiry on each request??

@mohammedrizwan8123 8 ай бұрын

Phostorm

@fadihijazi8574 2 жыл бұрын

look at this cool tutorial !

@nguyennhat8284 2 жыл бұрын

how can i logout, reset password...

@igerardogc 3 жыл бұрын

Which theme are you using in phpstorm?

@aschmelyun 3 жыл бұрын

I'm using the Material UI plugin, and the Atom One Dark color scheme with it.

@chengchengchengchen4857 3 жыл бұрын

Why I got null, when I trying “dd($request->user()->clients)” that I created a Passport Client after?

@franzkafka9734 2 жыл бұрын

how did you fix it?

@Hann0T 2 жыл бұрын

@@franzkafka9734 run the migration

@franzkafka9734 2 жыл бұрын

@@Hann0T thx

@accountdua9375 Жыл бұрын

@@franzkafka9734 How????????

@user-up8pc1iv3o Жыл бұрын

how to connect keycloak.

@MisterCuriousController 2 жыл бұрын

can I use sanctum and passport at the same time?

@aschmelyun 2 жыл бұрын

Yes, you definitely can. They both serve kind of separate purposes though. If you want to just authenticate some users to your application and be able to provide them an auth token, I'd reach for Sanctum.

@kornflakesss 2 жыл бұрын

is anyone else getting Undefined method 'routesAreCached' ? You have any idea what that is?

@blueice1364 2 жыл бұрын

I'm new to laravel, and I'm also getting this error, haven't figured out any solution yet. :(

@jamestangeres3519 2 жыл бұрын

change it to this /** @var CachesRoutes $app */ $app = $this->app; if (!$app->routesAreCached()) { Passport::routes(); }

@nikolicvladimir 2 жыл бұрын

Who is My Client? Logged in User?

@augischadiegils.5109 2 жыл бұрын

❤️❤️❤️❤️❤️

@naungyehtet1231 2 жыл бұрын

Why would we need to make a crud for the OAuth client

@MAxAMILLIoN757 Жыл бұрын

I don't think you neeeeed to, but it's probably a good idea so your users can manage permissions for their authorized/connected apps, I think. Otherwise there would be no way for your users to remove permissions

@dfordemo981 2 жыл бұрын

i think i have listened your voice somewhere ?? may be in the "Windows Narrator", the exactly the same voice as you, I came to your video from the laracast series and channels

@jamestangeres3519 2 жыл бұрын

is it brad? 🤣