How to integrate Laravel passport, oauth scopes and roles and permissions

Tags: laravel, oauth, oauth2, roles

I am developing an SPA in Angular and a backend API in Laravel 5.3. I have integrated Laravel Passport for OAuth.

I have to implement roles and permissions using views on tables from another database, which is maintained by another system. In this system a user has 1 role, and a role has a self-reference, so there is a hierarchical structure, for example:

  • canSeeAnimals
  • canSeeMammals (child of canSeeAnimals)
  • canSeeWolf (child of canSeeMammals)

So I am thinking of the following workflow, but I am not sure how to implement it:

  1. Another system manages users, roles and permissions
  2. API server (under my control) has access to the other system's tables via views:
    • user
    • role
    • v_role_level (this table defines the parent-child relationship between roles)
  3. Client app (Angular) requests a resource from the API server
  4. API server loads the user's data with roles and permissions and generates a token with a scope which is mapped to roles and permissions.

Point 4 is the one in question.
How can I intercept/override token generation in order to generate a token with a scope which depends on the user's roles and permissions?

Best Answer

This answer seems to help with it. https://stackoverflow.com/questions/39436509/laravel-passport-scopes

When you're authenticating the user, check the database for roles and permissions. Then add the scopes to the request like they do.

$request->request->add([
    'scope' => 'read-only-order' // read-only order scope for other user role
]);
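
The role lookup the answer describes can be sketched as follows. This is an added example, not code from the original post or from Passport: it expands a user's single role through the `v_role_level` hierarchy and keeps only the requested scopes that the role actually grants. The column names `role` and `parent_role`, the use of role names as scope identifiers, and the rule that a role grants itself plus all of its descendants are assumptions.

```php
<?php
// Added example, not from the original post; plain PHP 7+, no framework needed.
// Assumptions: hypothetical columns 'role'/'parent_role'; a role grants itself and all descendants.

/** Build parent => [children] from the v_role_level rows. */
function buildChildrenMap(array $rows): array
{
    $children = [];
    foreach ($rows as $row) {
        if ($row['parent_role'] !== null) {
            $children[$row['parent_role']][] = $row['role'];
        }
    }
    return $children;
}

/** Walk the hierarchy iteratively; the visited set stops cycles in the self-referencing table. */
function scopesForRole(string $role, array $children): array
{
    $granted = [];
    $stack = [$role];
    while ($stack) {
        $current = array_pop($stack);
        if (isset($granted[$current])) { continue; }
        $granted[$current] = true;
        foreach ($children[$current] ?? [] as $child) {
            $stack[] = $child;
        }
    }
    return array_keys($granted);
}

/** Never widen: the token gets only scopes that are both requested and granted. */
function scopeParameter(string $requested, array $granted): string
{
    $asked = preg_split('/\s+/', trim($requested), -1, PREG_SPLIT_NO_EMPTY);
    return implode(' ', array_values(array_intersect($asked, $granted)));
}

// Constructed sample data mirroring the hierarchy in the question.
$rows = [
    ['role' => 'canSeeAnimals', 'parent_role' => null],
    ['role' => 'canSeeMammals', 'parent_role' => 'canSeeAnimals'],
    ['role' => 'canSeeWolf',    'parent_role' => 'canSeeMammals'],
];
$granted = scopesForRole('canSeeMammals', buildChildrenMap($rows));
// The client asks for a scope above its role; only the granted one survives.
echo scopeParameter('canSeeAnimals canSeeWolf', $granted), PHP_EOL;
```

The string returned by `scopeParameter()` is the value that would be set as `'scope'` with the `$request->request->add([...])` call shown in the answer, so the scope on the token comes from the server-side role data rather than from whatever the client sent.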