vteam #164 recently handled a project for an event and ticketing management system (software). It uses RESTful web services interface for tickets and events administration built using Laravel 4.2. Using these web services customers can login, register, add tickets, update tickets, and delete tickets in the shopping cart. The site admin can manage gift cards, promo codes, user orders, invoicing and all related operations.
The existing system used authentication/authorization functions like Auth::attempt(), Auth::check(), Auth::user() and Auth::id() for login. These functions use database calls underneath. New web service end points had already been developed for authentication/authorization from the client’s side. But by default, Laravel 4.2 doesn’t support authentication process through service end points. That is why, vteams engineer Ehtasham Nasir was required to replace these database calls.
Laravel 4.2 has only two built-in authorization drivers i.e. Database & Eloquent. It also overrides custom drivers but these are only driven for PDO, SQL Lite and MSSQL databases (not for web service end points). vteam #164 had two options to resolve this problem:
- Change authentication/authorization code for all pages where the above mentioned functions were used.
- Implement a generic way without changing the existing code/functions so that they could work as they were. However, actual authorization/authentication would be performed through web service end points at a single location using web services as a default authorization wrap.
For login authentication, Ehtasham used custom authentication driver hooks and then customized them to support web services end points. For future use in any laravel project, he also wrapped them in a custom package.
The package configuration was generated in the default app/config directory. Now, the following functions are being used as they were but the functionality underneath them is using web service end points:
To develop a custom authentication driver for web service endpoints, the above solution was implemented that enabled vteam #164 to avail custom driver provision. The Custom API Authentication Driver Package is now ready to be released as an Open Source solution.