If you'd like to view the source code featured in this video, you can check it out here: github.com/aschmelyun/video-auth-laravel-passport Also I'm using a new style of recording and editing in this video where I talked while recording, instead of doing them separately like my previous videos. If you noticed a difference and did (or did not) like it compared to my previous videos, please let me know below!
Greate tutorial, I was able to learn the concept behind this and how to integrate laravel/passport to my api. Thank you so much for this. Hoping to find more useful tutorial from you. God bless!
Thanks Andrew for a great video as always. As a sidenote, am loving your updated thumbnail style (Legend has it you have updated even past videos with this new style)
hi Andrew Schmelyun, thanks for the video. Whats the flow to get an authorization code for mobile application? Should the mobile app user should redirect to the browser for authentication and follow the same process as in web or there is another process for mobile application?
hi, I have an error with Authorizing A Client ( "hint": "Cannot decrypt the authorization code"). I searched for this error on google but it is not clear and I can't understand it. Thanks!
Hi, Andrew thank you so much for this, I am implementing the same thing, but I got one blocker, if a user does not verify their emails, still that endpoint of authorize will be consumed regardless of user email verification, any idea on how to check email verification before issuing that code
How would you go about making this work for a separated front end that's following a micro-service architecture? I have Project #1: Laravel Back End and Project #2: VueJS Front End What's the correct way to continue? A) Create a dedicated middleman route to hit externally, which hits the client creation route internally. B) Redirect To a Client Management page inside of the Backend project.
hi...im new to laravel passport...my project is multipage app...how should i handle for refresh token??do i have to check token expiry on each request??
How to use client id and client_secret in the frontend? cause they are needed for authorization API, so somebody can see in the frontend. So how to use it securely? Please reply. I am using the Oauth2 passport library in laravel and frontend angular.
i think i have listened your voice somewhere ?? may be in the "Windows Narrator", the exactly the same voice as you, I came to your video from the laracast series and channels
Yes, you definitely can. They both serve kind of separate purposes though. If you want to just authenticate some users to your application and be able to provide them an auth token, I'd reach for Sanctum.
I don't think you neeeeed to, but it's probably a good idea so your users can manage permissions for their authorized/connected apps, I think. Otherwise there would be no way for your users to remove permissions
If you'd like to view the source code featured in this video, you can check it out here: github.com/aschmelyun/video-auth-laravel-passport
Also I'm using a new style of recording and editing in this video where I talked while recording, instead of doing them separately like my previous videos. If you noticed a difference and did (or did not) like it compared to my previous videos, please let me know below!
Greate tutorial, I was able to learn the concept behind this and how to integrate laravel/passport to my api. Thank you so much for this. Hoping to find more useful tutorial from you.
God bless!
Thanks Andrew for a great video as always.
As a sidenote, am loving your updated thumbnail style (Legend has it you have updated even past videos with this new style)
Thanks, I'm glad you're liking the new style!
Thank you so much for the detailed explanation
Great help for Laravel passport package usage,
Thanks.👍
Thank you very much for this video!
Thanks for amazing content!!!!👍
Thanks for detailed explanation
I'm glad you liked it!
THis example if the passport used in the same system. How about if they are in the different system?
Hey Andrew, what if we are using an API instead of having a client? Will it be the same flow?
Great Explanation.. But how can I get the refresh token without sending the client secret (I'm using PKCE)? Can anyone explain it to me?
Which dev tool did you use in this video?
How do i implement this with a frontend built
hi Andrew Schmelyun, thanks for the video. Whats the flow to get an authorization code for mobile application? Should the mobile app user should redirect to the browser for authentication and follow the same process as in web or there is another process for mobile application?
great channel🤩🤩
how can i logout, reset password...
Thank you, and how to get the details for the domain that is used in our API
hi, I have an error with Authorizing A Client ( "hint": "Cannot decrypt the authorization code"). I searched for this error on google but it is not clear and I can't understand it. Thanks!
hi
I am using passport oauth2 in lumen
I got error Authorization request was not present in the session.
I am receiving 'Unauthenticated ' message when trying to access data using access-token
Hi, Andrew thank you so much for this, I am implementing the same thing, but I got one blocker, if a user does not verify their emails, still that endpoint of authorize will be consumed regardless of user email verification, any idea on how to check email verification before issuing that code
Must a client belong to a user? why did passport create 2 clients with user_id == null? Can those 2 clients be used?
Great tutorial. The keyboard sound bit annoying though
is the scope on passport same with access permission for the user?
Which IDE/editor you are using?
and it's settings? :) please share
How would you go about making this work for a separated front end that's following a micro-service architecture?
I have Project #1: Laravel Back End
and Project #2: VueJS Front End
What's the correct way to continue?
A) Create a dedicated middleman route to hit externally, which hits the client creation route internally.
B) Redirect To a Client Management page inside of the Backend project.
Hi, I have same scenario did you get the solution ?
can make 1 token oauth api to use the other api in laravel passport?
How to create your dashboard UI? Please share more your clip.
how to connect keycloak.
hi...im new to laravel passport...my project is multipage app...how should i handle for refresh token??do i have to check token expiry on each request??
Phostorm
How to use client id and client_secret in the frontend? cause they are needed for authorization API, so somebody can see in the frontend. So how to use it securely? Please reply. I am using the Oauth2 passport library in laravel and frontend angular.
OAuth authors recommend to use PKCE flow in this case.
Who is My Client? Logged in User?
look at this cool tutorial !
you miss how to handle the state field
is anyone else getting Undefined method 'routesAreCached' ? You have any idea what that is?
I'm new to laravel, and I'm also getting this error, haven't figured out any solution yet. :(
change it to this
/** @var CachesRoutes $app */
$app = $this->app;
if (!$app->routesAreCached()) {
Passport::routes();
}
i think i have listened your voice somewhere ?? may be in the "Windows Narrator", the exactly the same voice as you, I came to your video from the laracast series and channels
is it brad? 🤣
can I use sanctum and passport at the same time?
Yes, you definitely can. They both serve kind of separate purposes though. If you want to just authenticate some users to your application and be able to provide them an auth token, I'd reach for Sanctum.
thank you sir
Why I got null, when I trying “dd($request->user()->clients)” that I created a Passport Client after?
how did you fix it?
@@franzkafka9734 run the migration
@@Hann0T thx
@@franzkafka9734 How????????
Awesome!
Which theme are you using in phpstorm?
I'm using the Material UI plugin, and the Atom One Dark color scheme with it.
still valid in Laravel 10?
no
what IDE is this?
This is PHPStorm, with the Material Theme UI package
❤️❤️❤️❤️❤️
Why would we need to make a crud for the OAuth client
I don't think you neeeeed to, but it's probably a good idea so your users can manage permissions for their authorized/connected apps, I think. Otherwise there would be no way for your users to remove permissions
You sound and talk exactly like Not Just Bikes... what the hell, for a second i thought he does laravel tutorials lol...
could have at least finished by saying how to return a better unauthorized result instead of a full trace
Man, too much unnecessary scenes, why do i need to watch the video if u just saying something on the page which i can read on ?
Then read the docs and don't watch the video.