Social Authentication with Laravel

Sign in Get started

This episode is for members only

Sign up to access "Social Authentication with Laravel" right now.

Already a member? Sign in to continue

Playing

10. Allowing a user to set a password

Episodes

0%

Your progress

Total: 1h 4m
Played: 0m
Remaining: 1h 4m

Join or sign in to track your progress

01. Introduction

01. Introduction and demo

02. Laravel Socialite Basics

03. OAuth redirect basics

04. Getting user data on redirect

05. Updating the user table

06. Storing a user

03. Making it reusable

07. Factory basics

08. Using a factory to create users

04. Implementation examples

05. Extras

10. Allowing a user to set a password

11. Triggering email verification

12. Redirecting to the social authentication route

Transcript

00:00

OK, so we have one problem here. Depending on the starter kit you're using, or if you're using a starter kit at all,

00:06

you're eventually going to want users to change their password. Now, because we're using social authentication here just to log the user in and create an account, that means that they now have an account on your app,

00:18

but they also have the ability to set a password. So of course, you can change around the flow here to just disable passwords altogether if you're not allowing users to register with an e-mail address

00:29

and a password, but in our case, we have this update password bit here. So personally, I'd like users to be able to set a password and log in with their username

00:40

and password if they wanted to. OK, so we've got this update password here. When I try and set this, the problem that we have is over in the database, we don't have a password column.

00:50

So I could try and set a new password in here if I wanted to, but it's not going to work. My current password is null, so even if I fill this in with something that's just

01:00

completely irrelevant, it's just not going to work. In fact, we get an error here. So we'll fix this up. So if you do want to allow passwords, this will work,

01:08

and the user can set a new password. OK, so the first thing that we need to do, if a user does not have a password, if they have just signed it up with either X or GitHub,

01:19

they don't have a current password. So we kind of want to hide this from the form. So what we're going to do is head over to the user model, and I'm going to add in a really simple helper method

01:30

on here called HasPassword. So that will just allow us to really easily use that anywhere we need. So all this is going to do is just check

01:39

if the password is not null. So we're just going to pass in the user's password here, check it's not null, and we now have a nice helper for this, so we don't have to do this in our templates.

01:49

So we're going to head over to where in Laravel Breeze specifically all of this stuff is. So if we just come over to Resources, Views, and Auth, we have the, oh no, it might be on a profile, yes.

02:03

So we've got this update password form. So let's open this up and let's look for current password, and that's just here. So we can pretty much just wrap that in an if statement.

02:14

So we'll say if user has password, then of course we want to show the current password, otherwise we don't. So let's end the if statement here,

02:24

pull this in, and there we go. So now we don't have a password, but we have the ability to set a new password if we want to. Now this still isn't going to work.

02:33

We saw an error with this earlier, so if I try and set a new password here and save that, nothing's going to work. We haven't actually set a password here.

02:42

If we just check this out, nothing's been done. So to update this, we're going to come over to the Password Controller under Controllers and Auth, and we're going to look at where this is validating.

02:51

So it's validating just here when we update this, and we are requiring a current password in here. This is required, and it needs to match the current password of the user.

03:02

Now the user doesn't have a password, and we have gotten rid of that field, so obviously we need to change this around. So there are a bunch of clever things that we could do

03:10

in here to try and sort of make these required rules go away if the user doesn't have a password, but to be honest, I'm just going to do a really simple ternary in here

03:20

and just return an empty array for the current password if we don't have a password. So we're just going to say if not auth user has password, so we'll use that helper.

03:33

If they don't have a password, we'll just give an empty array here for this current password rule. Otherwise, we'll give the standard rules

03:41

that we would expect. So that's pretty much it, to be honest. If we come over now, what we should see is when I type in a new password and hit save,

03:50

and we go over, that has now set a password. So what that means is as well as logging in with these two, I can just normally come over to login, I can enter my email address,

04:04

enter that password I just set, and I can sign in as well. So that's how easy it is to just swap that over if you wanted to allow passwords to be set

04:13

when the user has authenticated with some sort of social service. And to be honest, that is pretty much it. We are now allowing users to change their password,

04:23

and of course, we're getting rid of that current password if the user does not really have a password. So if I wanted to change my password now that I've set one, of course, that is going to work as normal.

12 episodes•1 hr 4 mins•1 year ago

Overview

Need to add social authentication to your Laravel apps? It’s almost zero effort using Laravel Socialite.

We start with the basics, add authentication with one provider, then use a design pattern to make adding additional services a breeze.

Alex Garrett-Smith

Alex Garrett-Smith

Hey, I'm the founder of Codecourse!

Episode discussion

No comments, yet. Be the first!