Authenticating requesting user. about lumen-passport HOT 5 CLOSED

Lumen Passport includes all Laravel Passport bootstrap stuff, so it registers a correct authentication guard during the boot process. The viaRequest() part has no effect I suppose - since we are not referring to 'api' guard anywhere in the code. It will never be called

What are you trying to achieve?

from lumen-passport.

Thanks for replying. I think my confusion is around where to 'set' the requesting user so I can call endpoints that require $request->user() to be set as shown in PersonalAccessTokenController.

from lumen-passport.

Sorry for posting what appears to be my single issues as opposed to lumen-passport code issues but I have not had much luck with SO.

Can anyone give me an example of how they wrap a route with passport's middleware so that it checks the requesting users token? This seems to be my last hurdle for getting lumen-passport implemented into my project.

If I make the following call:

$app->get('v1/games/{id}', ['middleware' => 'auth:api', function () {
    // code
}]);

If goes into the handle() method inside my Authenticate.php middleware - but according to the passport documentation shouldn't passport be picking up this request and not my App\Middleware\Http\Authenticate.php?

If I follow passport's example of appending ->middleware('auth:api') on the end of the route declaration I get a could not find Request::handle() error.

Passport is selected in auth.php as the driver and it does appear to be loading it but I for the life of me cannot get passport to wrap around the routes. If someone could provide an example it would be greatly appreciated.

from lumen-passport.

@Patskimoto it is actually handled by passport... due to config/auth.php settings (to be more specific..
'guards' => [ 'api' ...].. and even if you do not specify a guard in routing ( auth instead auth:api) it will be still forwarded to api guard (handled by passport) as far it is the only guard defined)

it would be bad if you couldn't modify auth middleware ... and something happen too automagically :> one of the reason is changing unauthorized/401 response format to JSON, like following.

public function handle($request, Closure $next, $guard = null)
{
    if ($this->auth->guard($guard)->guest()) {
        
        return response()->json(["error"=>[
            "code" => 401,
            "message" => "Unauthorized"
        ]], 401);
    }

    return $next($request);
}

personally i havent encountered any problems when following steps from readme.

from lumen-passport.

@az Thanks for your reply. I now have a better idea of how this works and did not realize in the background it was applying the passport guard ontop of my Authenticate class. Upon further debugging I found it it was never working as the access token I was passing in the header was slightly incomplete. Thanks for your assistance.

from lumen-passport.