How to authorize a user from another site?

P

page4042020-12-06 22:28:18

Laravel

page404, 2020-12-06 22:28:18

there are two sites. one receives all data from site 2 (api) because DB one with which the site2 is connected.
On site 1, the user enters a login password in the form to enter site1 - site1 sends a request to site 2 with the data entered by the user (login, password) to the corresponding api route - which, in turn, calls the controller in which the user is searched in the database with such data and if it is, then sends a response to site 1 (true falls or whatever is required). (on Laravel 5...)

site1:
web.php

Route::post('/login','[email protected]')->name('login');

HomeController.php

namespace App\Http\Controllers;
use Illuminate\Http\Request;
use GuzzleHttp\Exception\GuzzleException;
use GuzzleHttp\Client as GuzzleClient;

class HomeController extends Controller
{   
    public function login(Request $request)
    {
            $email = $request->email;
            $pass = $request->password;
       
             $client = new GuzzleClient([
                                                         'base_uri' => 'http://site1/api/',  
                                                       ]);
             $responce = $client->request('POST', 'login', [
   'headers' => [
    ???? - и обязательно ли ?     
                         ],
    'form_params' => [  
     'data_form' => [
      'email' => $email, 
   'password'=>$pass
     ]
      ]);

        $body = $responce->getBody();
          dd($body->getContents());

    }

site2
api.php ApiController.php

Route::post('login', '[email protected]');

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use App\User;

class ApiController extends Controller
{
    public function login(Request $request)
    {
         $emailUser = trim($request->data_form['email']);
         $passUser =trim($request->data_form['password']);

            $userFrom = User::where('email',$emailUser)->get();
        
            dd($userFrom->id);
    }

error:
Server error: `POST site2/api/login ` resulted in a `500 Internal Server Error` response: ......Illuminate\Database\QueryException: SQLSTATE[HY000] [1049] Unknown database 'laravel' ( S (truncated...)
i.e. trying to make a request to site1 in its database (if you change the database in site 1 in .env to the database of site 2, everything is OK).

Why is this happening? it turns out that site 1 uses only the code that on site 2 to get into my database.But I need site 1 to give data and wait for a response from site 2 (which will be checked and the like)
what's wrong?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

I

Ilya Chubarov, 2020-12-07
@agoalofalife

The error can be in different places, here we do not have all the information, it turns out that we can only make assumptions.
- Error in configuration files. Check that your .env files or config/database.php match all the options.
- Check that the database (which you rely on) exists and is available in any other way (via the terminal) according to the parameters that you specify in the config files.
About the code
I don’t know which version of Laravel you are using, but trim has been available since version 5.4 of the Guzzle documentation
, you can first get it from the container in the login method and configure it in the service provider.
Variables can not be created, but immediately transferred where necessary, since there is no need for this.

$email = $request->email;
    $pass = $request->password;

It's the same story here, snakecase is bad practice, and there is no need to create additional nesting in sts either.

$emailUser = trim($request->data_form['email']);
 $passUser =trim($request->data_form['password']);

Regarding the task
On site 1, which you have a client, you will need to additionally organize middleware to check the session or you can write your own custom user provider, documentation
Also think about whether you will have more clients and you may need to organize some kind of central authentication service.