I select the "remember me" checkbox when I log in, and I check in the code that this is excecuted:
if($this->_identity->errorCode===UserIdentity::ERROR_NONE) {
$duration= 3600*24*30; // 30 days
Yii::app()->user->login($this->_identity,$duration);
return true;
}
So I am setting this. However, if I leave my browser and come back, i am logged out. Any ideas as to what I can look at that could be causing this?
You need to set allowAutoLogin in your config/main.php file to allow cookie-based login
'components' => array(
'user'=>array(
// enable cookie-based authentication
'allowAutoLogin'=>true,
...
),
...
Related
I hope someone could explain why I'm unauthenticated when already has performed a successfull Oauth 2 authentication process.
I've set up the Passport package like in Laravel's documentation and I successfully get authenticated, receives a token value and so on. But, when I try to do a get request on, let say, /api/user, I get a Unauthenticated error as a response. I use the token value as a header with key name Authorization, just as described in the docs.
Route::get('/user', function (Request $request) {
return $request->user();
})->middleware("auth:api");
This function is suppose to give back my self as the authenticated user, but I'm only getting Unauthenticated. Likewise, if I just return the first user, I'm again getting Unauthenticated.
Route::get('/test', function(Request $request) {
return App\User::whereId(1)->first();
})->middleware("auth:api");
In a tutorial from Laracast, guiding through the setup of Passport, the guider doesn't have the ->middleware("auth:api") in his routes. But if its not there, well then there's no need for authentication at all!
Please, any suggestions or answers are more then welcome!
You have to set an expiration date for the tokens you are generating,
set the boot method in your AuthServiceProvider to something like the code below and try generating a new token. Passports default expiration returns a negative number
public function boot()
{
$this->registerPolicies();
Passport::routes();
Passport::tokensExpireIn(Carbon::now()->addDays(15));
Passport::refreshTokensExpireIn(Carbon::now()->addDays(30));
}
Check your user model and the database table, if you have modified the primary id field name to say something other than "id" or even "user_id" you MIGHT run into issues. I debugged an issue regarding modifying the primary id field in my user model and database table to say "acct_id" instead of keeping it as just "id" and the result was "Unauthenticated" When I tried to get the user object via GET /user through the auth:api middleware. Keep in mind I had tried every other fix under the sun until I decided to debug it myself.
ALSO Be sure to UPDATE your passport. As it has had some changes made to it in recent weeks.
I'll link my reference below, it's VERY detailed and well defined as to what I did and how I got to the solution.
Enjoy!
https://github.com/laravel/passport/issues/151
I had this error because of that I deleted passport mysql tables(php artisan migrate:fresh), php artisan passport:install helps me. Remember that after removing tables, you need to re-install passport!
I had exactly the same error because I forgot to put http before the project name.
use Illuminate\Http\Request;
Route::get('/', function () {
$query = http_build_query([
'client_id' => 3,
'redirect_uri' => 'http://consumer.dev/callback',
'response_type' => 'code',
'scope' => '',
]);
// The redirect URL should start with http://
return redirect('passport.dev/oauth/authorize?'.$query);
});
Route::get('/callback', function (Request $request) {
$http = new GuzzleHttp\Client;
$response = $http->post('http://passport.dev/oauth/token', [
'form_params' => [
'grant_type' => 'authorization_code',
'client_id' => 3,
'client_secret' => 'M8y4u77AFmHyYp4clJrYTWdkbua1ftPEUbciW8aq',
'redirect_uri' => 'http://consumer.dev/callback',
'code' => $request->code,
],
]);
return json_decode((string) $response->getBody(), true);
});
I use the REST api in my nodejs application.
All is working good with sandbox but when i update with live credentials i get:
{ [Error: Response Status : 401]
response:
{ error: 'invalid_client',
error_description: 'The client credentials are invalid',
httpStatusCode: 401 },
httpStatusCode: 401 }
I updated my account to buisness but still not working, i use the live endpoint and Live credentials.
What should i do in order to make this work?
I had the same issue using PayPalSDK/rest-sdk-nodejs and solved passing with the configuration parameters (host, client_id, client_secret, ...) also the parameter 'mode' set to 'live'. Otherwise the default mode used by the library is 'sandbox' and hence the impossibility to use the live credentials.
As matteo said, if you switch from dev to live environment, only updateing the client id and secret isn't enough. You need to set the ApiContext-Mode to "live".
PayPals PHP REST-API-SDK comes with some great samples. Take a look at the bootstrap.php in /vendor/paypal/rest-api-sdk-php/sample/ in line 84. There are some configurations happening, after getting the api context.
<?php
$apiContext = new ApiContext(
new OAuthTokenCredential(
$clientId,
$clientSecret
)
);
// Comment this line out and uncomment the PP_CONFIG_PATH
// 'define' block if you want to use static file
// based configuration
$apiContext->setConfig(
array(
'mode' => 'sandbox',
'log.LogEnabled' => true,
'log.FileName' => '../PayPal.log',
'log.LogLevel' => 'DEBUG', // PLEASE USE `INFO` LEVEL FOR LOGGING IN LIVE ENVIRONMENTS
'cache.enabled' => true,
// 'http.CURLOPT_CONNECTTIMEOUT' => 30
// 'http.headers.PayPal-Partner-Attribution-Id' => '123123123'
//'log.AdapterFactory' => '\PayPal\Log\DefaultLogFactory' // Factory class implementing \PayPal\Log\PayPalLogFactory
)
);
I have some question about yii authentication.
can yii create authentication for module and for site separated authentication. for example I have module learnings it will have it's own authentication. and also site has own authentication.
somesite/login - this will be site login
somesite/module_name/login - this will be module authentication
and then it can't access user from site login to module actions and
user from module login can't access site actions
where need authentication
let assume Admin is your module ,
Inside your admin/AdminModule.php file, add the following lines to the 'init' function
Yii::app()->setComponents(array(
'errorHandler' => array(
'errorAction' => 'admin/default/error',
),
'user' => array(
'class' => 'CWebUser',
'stateKeyPrefix' => '_admin',
'loginUrl' => Yii::app()->createUrl($this->getId() . '/default/login'),
),
));
for more info Module based login yii
When authenticating a user in Laravel 4, the Auth::attemp(..) method returns false if the authentication failed. Is there a way to narrow down why it failed so I can indicate to my users whether, for example, it was the password vs their username that was in error?
Thanks
No direct one, but you can always:
if ( ! User::where('email', Input::get('email'))->first())
{
/// email's wrong
}
else
{
if ( ! Auth::attempt(['email' => Input::get('email'), 'password' => Input::get('password')])
{
/// password's wrong
}
}
If you need to give this information to your user, there's nothing wrong in doing this.
I have some code in AppControler::beforeFilter()
$this->Auth->authorize = array('Actions' => array('actionPath' => 'controllers'));
$this->Auth->loginAction = array('controller' => 'users', 'action' => 'login');
$this->Auth->logoutRedirect = array('controller' => 'users', 'action' => 'login');
But the Auth does not redirect me to the users/login when I'm trying to load nonpublic action in browser. Instead it redirects me to the '/'. What I'm doing wrong?
It's probably because you have not granted permissions to the Login action in the users controller. Add this to the top of the users controller:
function beforeFilter(){
parent::beforeFilter();
$this->Auth->allow('login');
}
As a side note, the loginAction already defaults to /users/login. The same goes for the logoutRedirect. Try removing both as they are not really needed since you are already wanting it to go to the default location.
UPDATE
Have you included the component in the top of the AppController?
public $components = array('Auth');
The other thing to confirm is that you are not already logged in. If you are already logged in but have not granted permission to a specific action within a controller for logged in users, it can redirect as well.