Laravel Socialite: Streamlining Social Authentication in Laravel Applications

This article, peer-reviewed by Wern Ancheta and other SitePoint reviewers, explores Laravel Socialite, a package simplifying social authentication.

Socialite directly supports Google, Facebook, Twitter, LinkedIn, GitHub, and Bitbucket. While no further official providers are planned, the community-driven Socialite Providers project offers numerous unofficial extensions.

This tutorial assumes a working Laravel application. Homestead Improved is suggested for a robust development environment.

Key Concepts:

• Laravel Socialite abstracts complex social login authentication.
• It supports major OAuth providers, with community-provided extensions.
• Configuration involves registering your app on each social platform to obtain credentials and updating config/services.php.
• Database schema adjustments (e.g., making email and password nullable) are necessary.
• Custom providers extend Socialite's functionality for unsupported platforms.
• The tutorial demonstrates GitHub social login, including OAuth callbacks and user authentication updates.

Standard Form-Based Authentication:

Before integrating social logins, set up Laravel's default form-based authentication:

php artisan make:auth
php artisan migrate

Navigating to /login should display a functional login page.

Adding Social Authentication with Socialite:

Install Socialite using Composer:

composer require laravel/socialite

Register the service provider and facade in config/app.php:

'providers' => [
    // ...
    Laravel\Socialite\SocialiteServiceProvider::class,
],

'aliases' => [
    // ...
    'Socialite' => Laravel\Socialite\Facades\Socialite::class,
],

Socialite is a lazy-loaded singleton service.

Configuration:

Register an OAuth application on each desired platform to obtain client ID and secret keys. Add these credentials to config/services.php:

'facebook' => [
    'client_id'     => env('FB_CLIENT_ID'),
    'client_secret' => env('FB_CLIENT_SECRET'),
    'redirect'      => env('FB_URL'),
],
// ...similar entries for other providers...

Store actual key values in your .env file.

Database Modifications:

To accommodate social logins, modify the users table schema to allow nullable email and password fields. Install doctrine/dbal:

composer require doctrine/dbal

Create a migration:

php artisan make:migration prepare_users_table_for_social_authentication --table users

Update the migration file (database/migrations/...) to make email and password nullable.

Create a model and migration for linked social accounts (LinkedSocialAccount): This migration should include user_id, provider_name, and a unique provider_id. Run php artisan migrate.

Models:

Define a one-to-many relationship between User and LinkedSocialAccount in both models. Make provider_name and provider_id mass assignable in LinkedSocialAccount.

Controllers:

Create a SocialAccountController with redirectToProvider and handleProviderCallback methods. redirectToProvider redirects to the OAuth provider. handleProviderCallback handles the callback, using a SocialAccountsService helper class to find or create users and link social accounts.

SocialAccountsService Helper Class:

This class's findOrCreate method checks for existing linked accounts or creates new users and links.

Routes:

Add routes for social login redirects and callbacks in routes/web.php:

php artisan make:auth
php artisan migrate

GitHub Login Example:

Register a GitHub OAuth application, obtain credentials, and add them to config/services.php and .env. Add a GitHub login link to your login view.

Socialite Providers Project:

The Socialite Providers project offers many unofficial providers. Replace Laravel's Socialite service provider with the Socialite Providers' service provider in config/app.php. Register each provider's event listener in app/Providers/EventServiceProvider.php.

Spotify Login Example:

Install the Spotify provider using Composer, register the app on Spotify's developer platform, add credentials to .env, and add a Spotify login link to your view.

Creating Custom Providers:

Create a provider class extending LaravelSocialiteTwoAbstractProvider and an event listener to register it. Refer to the Deezer provider example in the original article for guidance.

The complete code is available on GitHub. The article concludes with FAQs covering installation, configuration, error handling, security, and testing.

The above is the detailed content of Easily Add Social Logins to Your App with Socialite. For more information, please follow other related articles on the PHP Chinese website!