I can see you use Password Grant in this example from your AuthenticationController. But when I compare with what I read in Laravel documentation : laravel.com/docs/7.x/passport#requ..., I wonder how you get to use your code for issuing access token with Password Grant flow.
I know the User model uses HasApiTokens trait that has createToken method. But there is no clue, either in that HasApiTokens trait or in your code which specifies sufficient parameters usually required for Password Grant, i.e client_id and client_secret.
Maybe I missed something, but where in your code those parameters for Password grant are supplied for requesting access token ?
As as comparison, this is code snippet I find in other article :
public function login(Request $request) {
$input = $this->validate($request, [
'email' => 'required|email|exists:users,email',
'password' => 'required|min:6',
], [
'email.exists' => 'The user credentials were incorrect.',
]);
request()->request->add([
'grant_type' => 'password',
'client_id' => env('PASSWORD_CLIENT_ID'),
'client_secret' => env('PASSWORD_CLIENT_SECRET'),
'username' => $input['email'],
'password' => $input['password'],
]);
$response = Route::dispatch(Request::create('/oauth/token', 'POST'));
$data = json_decode($response->getContent(), true);
if (!$response->isOk()) {
return response()->json($data, 401);
}
return $data;
}
We see it also includes /oauth/token route for requesting access token as always mentioned in Laravel documentation.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
I can see you use Password Grant in this example from your AuthenticationController. But when I compare with what I read in Laravel documentation : laravel.com/docs/7.x/passport#requ..., I wonder how you get to use your code for issuing access token with Password Grant flow.
I know the User model uses HasApiTokens trait that has createToken method. But there is no clue, either in that HasApiTokens trait or in your code which specifies sufficient parameters usually required for Password Grant, i.e client_id and client_secret.
Maybe I missed something, but where in your code those parameters for Password grant are supplied for requesting access token ?
As as comparison, this is code snippet I find in other article :
We see it also includes /oauth/token route for requesting access token as always mentioned in Laravel documentation.