1

I am writing an API at the moment in Laravel, and using passport. My client will consume it's own API, so I am using personal access in Passport.

I am not wanting to show my oauth route and grant id, or secret in the POST request so I have created a route that sits the user posts too to login, and then deals with send a POST request to the oauth/token route, like below, 

protected function authenticate(Request $request) {
        //return $request->input();
        //return Response::json($this->client);
        $email = $request->input('username');
            $password = $request->input('password');
            $request->request->add([
                'username' => $email,
                'password' => $password,
                'grant_type' => 'password',
                'client_id' => $this->client->id,
                'client_secret' => $this->client->secret,
                'scope' => '*'
            ]);

            $tokenRequest = Request::create(
                env('APP_URL').'/oauth/token',
                'post'
            );

            return Route::dispatch($tokenRequest)->getContent();

        }

My problem is that my authentication returns 200 irrespective of whether the oauth login was successful. Is there a way to fire a route from a controller and return that http code for that rather than the method it was called from http response?

Udders
  • 6,914
  • 24
  • 102
  • 194
  • If your frontend is consuming the API directly and within the same application and using JavaScript, you can simply use the built-in CSRF token. Have you seen this? https://laravel.com/docs/5.3/passport#consuming-your-api-with-javascript – tptcat Oct 02 '16 at 14:48
  • Possible duplicate of [Access Controller method from another controller in Laravel 5](http://stackoverflow.com/questions/30365169/access-controller-method-from-another-controller-in-laravel-5) – tptcat Oct 02 '16 at 15:52

1 Answers1

2

this should fix the problem.

$data = [
        'grant_type'=> 'password',
        'client_id'=> 99,
        'client_secret'=> 'hgfhfhjnhnjnjnjnj',
        'username'=> $request->username,
        'password'=> $request->password,
        'scopes'=> '[*]'
    ];
$request = Request::create('/oauth/token', 'POST', $data);
return app()->handle($request);
OmEr
  • 31
  • 7
  • Welcome to Stack Overflow! Please don't answer just with source code. Try to provide a nice description about how your solution works. See: [How do I write a good answer?](https://stackoverflow.com/help/how-to-answer). Thanks – sɐunıɔןɐqɐp Sep 30 '18 at 08:01
  • It helped though. – Robert May 25 '20 at 21:07