GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → renoki-co → hej

renoki-co / hej

Licence: Apache-2.0 license
Hej! is a simple authentication boilerplate for Socialite.

Programming Languages

PHP
23972 projects - #3 most used programming language

Labels

githubsocialpackagelaravelgooglegitlabfacebooktwitterauthenticationpackagesregistersocialitepassportauthentication-flowsocial-accountshejsocialite-provider

Projects that are alternatives of or similar to hej

Auth
:atom: Social (OAuth1\OAuth2\OpenID\OpenIDConnect) sign with PHP
Stars: ✭ 457 (+311.71%)
Mutual labels:  social, facebook
Social Login Helper Deprecated
A simple android library to easily implement social login into your android project
Stars: ✭ 81 (-27.03%)
Mutual labels:  social, facebook
Befriended
Eloquent Befriended brings social media-like features like following, blocking and filtering content based on following or blocked models.
Stars: ✭ 596 (+436.94%)
Mutual labels:  social, package
Flutter auth buttons
Flutter buttons for social platforms
Stars: ✭ 114 (+2.7%)
Mutual labels:  package, facebook
LeonSocialLogin
Leon Social Login is an Android library written to Integrate (Twitter, Facebook, Google, SnapChat) login.
Stars: ✭ 16 (-85.59%)
Mutual labels:  social, facebook
Npmvet
A simple CLI tool for vetting npm package versions
Stars: ✭ 193 (+73.87%)
Mutual labels:  package, packages
Vuepress Plugin Social Share
📣 Social sharing plugin for VuePress
Stars: ✭ 27 (-75.68%)
Mutual labels:  social, facebook
video-downloader
Video Downloader for Facebook.
Stars: ✭ 63 (-43.24%)
Mutual labels:  package, facebook
Socialblocklists
Blocklists to block the communication to social networking sites and privacy harming services
Stars: ✭ 161 (+45.05%)
Mutual labels:  social, facebook
Laravel Passport Social Grant
🔒 API authentication via social networks for your Laravel application
Stars: ✭ 142 (+27.93%)
Mutual labels:  social, passport
Repology Updater
Repology backend service to update repository and package data
Stars: ✭ 348 (+213.51%)
Mutual labels:  package, packages
hashtag.io
Hashtag.io is a PHP based social networking website, which supports exclusive multimedia content, sharing and private or group messaging service.
Stars: ✭ 64 (-42.34%)
Mutual labels:  social, facebook
larafy
Larafy is a Laravel package for Spotify API. It is more like a wrapper for the Spotify API.
Stars: ✭ 53 (-52.25%)
Mutual labels:  package, packages
aboutmeinfo-telegram-bot
ℹ️ About Me Info Bot: Share your social media and links on Telegram
Stars: ✭ 20 (-81.98%)
Mutual labels:  social, facebook
aplus
Aplus Command Line Tool
Stars: ✭ 71 (-36.04%)
Mutual labels:  package, gitlab
Opensource Socialnetwork
Open Source Social Network (OSSN) is a social networking software written in PHP. It allows you to make a social networking website and helps your members build social relationships, with people who share similar professional or personal interests. It is available in 16 international languages.
Stars: ✭ 710 (+539.64%)
Mutual labels:  social, facebook
repology-rules
Package normalization ruleset for Repology
Stars: ✭ 67 (-39.64%)
Mutual labels:  package, packages
repology-webapp
Repology web application
Stars: ✭ 114 (+2.7%)
Mutual labels:  package, packages
Svelte Social Auth
Social Auth for Svelte v3
Stars: ✭ 86 (-22.52%)
Mutual labels:  social, facebook
laravel-passport-socialite
The missing social authentication plugin (i.e. SocialGrant) for laravel passport.
Stars: ✭ 50 (-54.95%)
Mutual labels:  socialite, passport
View All Similar Projects ➔

Hej! - a Socialite authentication flow implementation

CI codecov StyleCI Latest Stable Version Total Downloads Monthly Downloads License

Hej! is a simple authentication flow implementation for Socialite. Out-of-the-box, Hej! can help you login and register users using Socialite providers, or link and unlink social accounts, just by extending a controller.

🤝 Supporting

If you are using one or more Renoki Co. open-source packages in your production apps, in presentation demos, hobby projects, school projects or so, sponsor our work with Github Sponsors. 📦

🚀 Installation

You can install the package via composer:

composer require renoki-co/hej

Publish the config:

$ php artisan vendor:publish --provider="RenokiCo\Hej\HejServiceProvider" --tag="config"

Publish the migrations:

$ php artisan vendor:publish --provider="RenokiCo\Hej\HejServiceProvider" --tag="migrations"

🙌 Usage

For the user (or any Authenticatable instance) you should add the HasSocialAccounts trait and the Sociable interface:

use RenokiCo\Hej\Concerns\HasSocialAccounts;
use RenokiCo\Hej\Contracts\Sociable;

class User extends Authenticatable implements Sociable
{
    use HasSocialAccounts;

    //
}

Out-of-the-box, it works with any Laravel application.

After you have configured Socialite, the only thing to do is to point your desired redirect and callback paths to the package controller:

Route::get('/social/{provider}/redirect', [\RenokiCo\Hej\Http\Controllers\SocialController::class, 'redirect']);
Route::get('/social/{provider}/callback', [\RenokiCo\Hej\Http\Controllers\SocialController::class, 'callback']);

Route::middleware('auth')->group(function () {
    Route::get('/social/{provider}/link', [\RenokiCo\Hej\Http\Controllers\SocialController::class, 'link']);
    Route::get('/social/{provider}/unlink', [\RenokiCo\Hej\Http\Controllers\SocialController::class, 'unlink']);
});

The paths can be any, as long as they contain a first parameter which is going to be the provider you try to authenticate with. For example, accessing this link will redirect to Github:

https://my-link.com/social/github/redirect

Extending Controllers

Hej! is really flexible and does a lot of things in the background to register or login using Socialite.

However, you need to extend the controller and you will then be able to replace some methods to customize the flow.

use RenokiCo\Hej\Http\Controllers\SocialController;

class MySocialController extends SocialController
{
    //
}

Then you should point the routes to the new controller.

Provider whitelisting

Due to the fact that the endpoints are opened to get any provider, you can whitelist the Socialite provider names that can be used:

/**
 * Whitelist social providers to be used.
 *
 * @var array
 */
protected static $allowedSocialiteProviders = [
    //
];

For example, allowing only Facebook and Github should look like this:

protected static $allowedSocialiteProviders = [
    'facebook',
    'github',
];

If one of the providers accessed via the URL is not whitelisted, a simple redirect is done automatically. However, you can replace it and redirect to your custom redirect action.

Custom Socialite Redirect & Retrieval

With Socialite, you can use ->redirect() to redirect the user and ->user() to retrieve it. You can customize the instances by replacing getSocialiteRedirect and getSocialiteUser.

Here is the default configuration:

/**
 * Get the Socialite direct instance that will redirect
 * the user to the right provider OAuth page.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  string  $provider
 * @return mixed
 */
protected function getSocialiteRedirect(Request $request, string $provider)
{
    return $this->socialite
        ->driver($provider)
        ->redirect();
}

/**
 * Get the Socialite User instance that will be
 * given after the OAuth authorization passes.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  string  $provider
 * @return \Laravel\Socialite\AbstractUser
 */
protected function getSocialiteUser(Request $request, string $provider)
{
    return $this->socialite
        ->driver($provider)
        ->user();
}

Registering new users

When the Social account that the user logged in is not registered within the database, it creates a new authenticatable model, but in order to do this, it should fill it with data.

By default, it fills in using Socialite Provider's given data and sets a random 64-letter word password:

/**
 * Get the Authenticatable model data to fill on register.
 * When the user gets created, it will receive these parameters
 * in the `::create()` method.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  string  $provider
 * @param  \Laravel\Socialite\AbstractUser  $providerUser
 * @return array
 */
protected function getRegisterData(Request $request, string $provider, $providerUser): array
{
    return [
        'name' => $providerUser->getName(),
        'email' => $providerUser->getEmail(),
        'email_verified_at' => now(),
        'password' => Hash::make(Str::random(64)),
    ];
}

Handling duplicated E-Mail addresses

Sometimes, it can happen for the users to have an account created with E-Mail address only, having no social accounts. A new social account with the same E-Mail address will trigger a new authenticatable record in the database on callback.

For this, a Redirect is made to handle this specific scenario.

Filling the Social table

After registration or login, the Socialite data gets created or updated, either the user existed or not.

By default, it's recommended to not get overwritten, excepting for the fact you want to change the table structure and extend the Social model that is also set in config/hej.php.

/**
 * Get the Social model data to fill on register or login.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  string  $provider
 * @param  \Illuminate\Database\Eloquent\Model  $model
 * @param  \Laravel\Socialite\AbstractUser  $providerUser
 * @return array
 */
protected function getSocialData(Request $request, string $provider, $model, $providerUser): array
{
    return [
        'provider_nickname' => $providerUser->getNickname(),
        'provider_name' => $providerUser->getName(),
        'provider_email' => $providerUser->getEmail(),
        'provider_avatar' => $providerUser->getAvatar(),
    ];
}

Callbacks

Right before the user is authenticated or registered successfully, there exist callback that trigger and you can replace them for some custom logic.

/**
 * Handle the callback after the registration process.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Illuminate\Database\Eloquent\Model  $model
 * @param  \Illuminate\Database\Eloquent\Model  $social
 * @param  \Laravel\Socialite\AbstractUser  $providerUser
 * @return void
 */
protected function registered(Request $request, $model, $social, $providerUser)
{
    //
}

/**
 * Handle the callback after the login process.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Illuminate\Database\Eloquent\Model  $model
 * @param  \Illuminate\Database\Eloquent\Model  $social
 * @param  \Laravel\Socialite\AbstractUser  $providerUser
 * @return void
 */
protected function authenticated(Request $request, $model, $social, $providerUser)
{
    //
}

/**
 * Handle the callback after the linking process.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Illuminate\Database\Eloquent\Model  $model
 * @param  \Illuminate\Database\Eloquent\Model  $social
 * @param  \Laravel\Socialite\AbstractUser  $providerUser
 * @return void
 */
protected function linked(Request $request, $model, $social, $providerUser)
{
    //
}

/**
 * Handle the callback after the unlink process.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Illuminate\Database\Eloquent\Model  $model
 * @param  string  $provider
 * @return void
 */
protected function unlinked(Request $request, $model, string $provider)
{
    //
}

Redirects

You are free to overwrite the actions' redirects within the controller:

use Illuminate\Support\Facades\Redirect;
use Illuminate\Support\Facades\Session;

/**
 * Specify the redirection route after successful authentication.
 *
 * @param  \Illuminate\Database\Eloquent\Model  $model
 * @return \Illuminate\Http\RedirectResponse
 */
protected function redirectToAfterAuthentication($model)
{
    return Redirect::route('home');
}

/**
 * Specify the redirection route to let the users know
 * the authentication using the selected provider was rejected.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  string  $provider
 * @return \Illuminate\Http\RedirectResponse
 */
protected function redirectToAfterProviderIsRejected(Request $request, $provider)
{
    return Redirect::route('home');
}

/**
 * Specify the redirection route to let the users know
 * the E-Mail address used with this social account is
 * already existent as another account. This is most often
 * occuring during registrations with Social accounts.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  string  $provider
 * @param  \Laravel\Socialite\AbstractUser  $providerUser
 * @return \Illuminate\Http\RedirectResponse
 */
protected function redirectToAfterDuplicateEmail(Request $request, $provider, $providerUser)
{
    return Redirect::route('home');
}

Link & Unlink

Prior to creating new accounts or logging in with Socialite providers, Hej! comes with support to link and unlink Social accounts to and from your users.

You will need to have the routes accessible only for your authenticated users:

Route::middleware('auth')->group(function () {
    Route::get('/social/{provider}/link', [\RenokiCo\Hej\Http\Controllers\SocialController::class, 'link']);
    Route::get('/social/{provider}/unlink', [\RenokiCo\Hej\Http\Controllers\SocialController::class, 'unlink']);
});

Further, you may access the URLs to link or unlink providers.

Additionally, you may implement custom redirect for various events happening during link/unlink:

use Illuminate\Support\Facades\Redirect;
use Illuminate\Support\Facades\Session;

/**
 * Specify the redirection route to let the users know
 * the social account is already associated with their account.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  string  $provider
 * @param  \Illuminate\Database\Eloquent\Model  $model
 * @return \Illuminate\Http\RedirectResponse
 */
protected function redirectToAfterProviderIsAlreadyLinked(Request $request, $provider, $model)
{
    return Redirect::route('home');
}

/**
 * Specify the redirection route to let the users know
 * the social account is associated with another account.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  string  $provider
 * @param  \Illuminate\Database\Eloquent\Model  $model
 * @param  \Laravel\Socialite\AbstractUser  $providerUser
 * @return \Illuminate\Http\RedirectResponse
 */
protected function redirectToAfterProviderAlreadyLinkedByAnotherAuthenticatable(
    Request $request, $provider, $model, $providerUser
) {
    return Redirect::route('home');
}

/**
 * Specify the redirection route to let the users know
 * they linked the social account.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Illuminate\Database\Eloquent\Model  $model
 * @param  \Illuminate\Database\Eloquent\Model  $social
 * @param  \Laravel\Socialite\AbstractUser  $providerUser
 * @return \Illuminate\Http\RedirectResponse
 */
protected function redirectToAfterLink(Request $request, $model, $social, $providerUser)
{
    return Redirect::route('home');
}

/**
 * Specify the redirection route to let the users
 * they have unlinked the social account.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Illuminate\Database\Eloquent\Model  $model
 * @param  string  $provider
 * @return \Illuminate\Http\RedirectResponse
 */
protected function redirectToAfterUnlink(Request $request, $model, string $provider)
{
    return Redirect::route('home');
}

Custom Authenticatable

When trying to login or register, the package uses the default App\User as defined in config/hej.php. However, this can easily be replaced at the request level:

/**
 * Get the model to login (or register).
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  string  $provider
 * @return string
 */
public function getAuthenticatable(Request $request, string $provider)
{
    return config('hej.default_authenticatable');
}

For example, you can change the model to authenticate as for different Socialite providers:

public function getAuthenticatable(Request $request, string $provider)
{
    if ($provider === 'medium') {
        return \App\AnotherUser::class;
    }

    return config('hej.default_authenticatable');
}

Keep in mind that the model should also use the Trait and the Interface and be Authenticatable.

🐛 Testing

vendor/bin/phpunit

🤝 Contributing

Please see CONTRIBUTING for details.

🔒 Security

If you discover any security related issues, please email [email protected] instead of using the issue tracker.

🎉 Credits

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].