Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

If load_user_from_database' is set to false, there is no way to get user info from db ? #108

Open
raj-saroj-vst-au4 opened this issue Mar 11, 2024 · 5 comments
Open

If load_user_from_database' is set to false, there is no way to get user info from db ? #108

raj-saroj-vst-au4 opened this issue Mar 11, 2024 · 5 comments

Comments

@raj-saroj-vst-au4
Copy link

If load_user_from_database is set to false, and i try auth()->user() it throws an empty array.

Is there any specific method available that i can call to get the user data from db ?
my flow is as follows :-
the user authenticates through keycloak > is forced on to signup page(due to a middleware that checks for user auth and signupcomplete column) > user signs up > records in db and sets signupcomplete to 1

now since i have set the load_user_from_database to false how do i get user info from db like auth()->user() or any other way ?
@robsontenorio
Copy link
Owner

If you set it to “false” of course this package won’t try to load the user from the database.

So , you need to do it by yourself using some middleware

@raj-saroj-vst-au4
Copy link
Author

raj-saroj-vst-au4 commented Mar 12, 2024
edited
Loading

but bro if the user is logging in for the first time, how would db contain user data to be able to pull his info ?
and we cant even have an unprotected api route cause of security issues.

all am asking for is a feature wherein i could define which routes i want to just authenticate(for initial signup api) and all other routes on which i want to have retrieveByCredentials or load_from_db to be true

@raj-saroj-vst-au4
Copy link
Author

raj-saroj-vst-au4 commented Mar 12, 2024
edited
Loading

can u make this method more modular
KeycloakGuard::class->validate()

so that i can call it explicitly ?
like Auth::validate($credentials, false)

where second parameter is a boolean and would define whether to load user from db or not !

for example

$loadfromdb = $this->config['load_user_from_database'];

public function validate(array $credentials = [], $loadfromdb = true)
    {
        $this->validateResources();

        if ($loadfromdb) {
            $methodOnProvider = $this->config['user_provider_custom_retrieve_method'] ?? null;

            if ($methodOnProvider) {
                $user = $this->provider->{$methodOnProvider}($this->decodedToken, $credentials);
            } else {
                $user = $this->provider->retrieveByCredentials($credentials);
            }

            if (!$user) {
                throw new UserNotFoundException("User not found. Credentials: ".json_encode($credentials));
            }
        } else {
            $class = $this->provider->getModel();
            $user = new $class();
        }

        $this->setUser($user);

        return true;
    }

@robsontenorio
Copy link
Owner

Take a look at “user_provider_custom_retrieve_method” on README.

@raj-saroj-vst-au4
Copy link
Author

Yeah i read that but, that part would execute only if the load_user_from_db is true…

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@robsontenorio @raj-saroj-vst-au4