06. Storing a user

Transcript

00:00
So once again, creating a user once we redirect back
00:03
isn't quite as simple as it seems. We do want to create a user, but we do not want any duplicate users. Remember, what this is going to be
00:12
is a sign-in plus a create a user. So once the user has first authenticated with the service that we want to use and they're redirected back, that will create the user and sign them in.
00:24
But the next time around, we don't want to create another user account for them. So there's a couple of things that we're going to want to either tweak or check out for.
00:32
OK, so let's just make sure that our sign-in process is working. So I'm going to click on this. We won't get our initial screen for this particular service. We'll just be redirected straight back.
00:42
And again, this will give us all of the details that we need. OK, so what we want to do here is obviously create a user. So let's go and just assign this to a user variable. And we'll go down here and just start to create this user out.
00:57
So I'm going to use the user model. And we'll go ahead and create this. And of course, we want to go ahead and add in the xid, which as we know because we looked at the class earlier,
01:07
we can just use the getId method for this. And we're going to want to store in the user's name. So we can just say getName. And we're going to want to store the user's email address
01:18
as well. And again, we'll just use getEmail. OK, so this looks like it's probably going to work. But let's just see what's going to happen here.
01:27
So I'm actually going to go and head straight back over to our auth page, hit sign in with x. And once we're returned, we should have that data in the database.
01:37
Great. So we've got an email address. We've got a name. And of course, we've got that xid.
01:42
Now, when I come back to this application a little bit later and I want to sign in, what's going to happen is when I do that, it's going to redirect us back. And we're going to end up with an error
01:54
because we are creating a user account again here. But there's no check that we're performing to stop that happening. So what we're going to want to do in here
02:02
is either use an if statement. Or in this case, what we can do is say update or create. So we could say update or create. The first array here we give is what's unique to this.
02:16
Now, what's unique is the xid, which we could have set over in our add x to users table. So we could have appropriately added a unique column in there, which I'm actually going to leave in there
02:29
because that's pretty important. And then we can move this over to here. So what this will do is it will update this user with a new name and email from this service
02:40
only if this doesn't exist. Now, update or create might not be what you want. What you might want to do is use first or create. So if you did want to keep the name and the email address
02:52
up to date with what the user is using on the service, you could do that. And it will refill it. But I think first or create is much more appropriate
03:00
because we don't really want to kind of sync these up between the services. OK, let's try this out. So I'm going to go over to the database.
03:06
I'm going to get rid of this user in the database. And we're going to head back over to our start page. Let's click on this. We'll, of course, be redirected back.
03:15
And that will create that user's account. Now, when we do this again, so if we go over to here and hit this again, we are not going to create that user again.
03:25
We'll just grab the first instance of it based on that xid. And sure enough, we don't end up with a duplicate or an error. So although it seems pretty straightforward, first of all,
03:35
we need to really think about these things and how our app's going to work. OK, so the next step is actually authenticating the user. This is pretty straightforward.
03:44
All we want to now do is say Auth and Login. And then let's just take what we've got here. And we'll put that directly into Login inside of here. We're going to be changing this up later anyway.
03:57
So User First or Create, that's either going to grab the user who wants to sign in or create an account. And it's going to pass that directly to Auth Login and, of course, log them in.
04:06
Now, the last step we need to do is return and redirect somewhere. So I'm going to go ahead and redirect over. Now, it's up to you how you implement this.
04:15
But over in the Route Service Provider within Laravel, what you'll find is this home page here, this constant that you can use anywhere in your app. So I'm going to go ahead and reference our Route Service
04:27
Provider. And I'm just going to reference that home constant. But you can choose any route to redirect to. OK, great.
04:34
So now we are creating or looking the user up, logging them in, and then redirecting. Let's go over and see what we get. So I'm going to go and go straight back to Auth here.
04:44
I'm going to get rid of this in the database. And I'm going to hit Sign In with X. Of course, that's already been authenticated. So if we just redirect straight back, we're logged in.
04:54
We can head over to our profile. We can see all of the data that's come directly from Twitter. And we're good to go.
05:00
Everything is just going to work normally now. Now, if I log out and then I log back in, that's just going to look that user up now that's already been created, pass it back to Auth Login,
05:10
and we're signed in. So we've now completed the entire social authentication flow with one service. But we kind of want to look at how we add more services really
05:22
conveniently. If we look at what we've done so far, we're just assuming that we're always authenticating with X and we don't have any other services.
05:31
We don't really want to duplicate a bunch of controllers to have a controller per service. We want to make this a little bit more flexible. So let's go over and look at that next.

Episode summary

In this episode, we focus on properly storing a user when they sign into our app using a social login (like Twitter/X). After the user authenticates and is redirected back to our app, our job is to create a user account for them—but only if they don’t already have one. We talk through why it’s important to avoid creating duplicate users every time someone signs in, and how to make sure we handle this correctly.

We cover how to pull in the details we need (like the user's ID, name, and email) and store those in the database. To avoid duplicates, we look at different database methods: updateOrCreate (which will update data if the user already exists, or create them if not), and firstOrCreate (which only creates a new user if one doesn’t exist yet, keeping things simple). We discuss why firstOrCreate is probably the right fit for most situations here.

Once the user is securely in the database, we move on to logging them in and redirecting them to the home page or wherever you want. There’s a quick check to make sure everything works smoothly—you can log out and log back in, and you won’t ever get a duplicate user or an error.
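
The callback flow summarised above, written out as an added example (it is not the course's own code). The controller name, the `twitter` driver string and the `x_id` column spelling (the "xid" of the transcript) are assumptions; `RouteServiceProvider::HOME` exists only in Laravel versions that still ship that provider.

```php
<?php

namespace App\Http\Controllers;

use App\Models\User;
use App\Providers\RouteServiceProvider;
use Illuminate\Http\RedirectResponse;
use Illuminate\Support\Facades\Auth;
use Laravel\Socialite\Facades\Socialite;

// Hypothetical controller name; it handles the redirect back from the provider.
class XCallbackController extends Controller
{
    public function __invoke(): RedirectResponse
    {
        // Profile returned by the service once the user has authenticated.
        // The driver name is an assumption; use the one configured in the app.
        $xUser = Socialite::driver('twitter')->user();

        // First array: the lookup key. Only the provider's own user id is
        // used, so a matching name or email address never selects an
        // existing row. Second array: values written only when no row with
        // that id exists yet, so later sign-ins do not overwrite them.
        // Assumes x_id has a unique index in the migration and that x_id,
        // name and email are listed in the model's $fillable.
        $user = User::firstOrCreate(
            ['x_id' => $xUser->getId()],
            [
                'name' => $xUser->getName(),
                'email' => $xUser->getEmail(),
            ]
        );

        // Sign in the found or newly created user, then redirect.
        Auth::login($user);

        return redirect(RouteServiceProvider::HOME);
    }
}
```

Swapping `firstOrCreate` for `updateOrCreate` with the same two arrays would rewrite the name and email on every sign-in, which is the syncing behaviour the episode chooses to avoid.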

Finally, we talk briefly about how this setup currently assumes you only have one social provider (Twitter/X), and start thinking about making it more flexible to support other services in the future. That’s what we’ll look at next!
