Laravel Broadcast Authentication Not Using Standard User Auth

0
votes

I've spent a couple of days on this now and can not get my head around it. I'm using this Laravel Package Ohmybrew/Laravel-Shopify which does not use the standard Laravel auth as they have their own middleware auth.shop

The issue I am facing is because it does not use the $user variable as the default Auth is not there, broadcast authentication for WebSockets on private channels is always 403 not authorised.

I've tried returning true usings another model, does not work.

Broadcast::channel('shop.{id}', function ($user, $id) {
    $shop = ShopifyApp::shop();
    return (int) $shop->id === (int) $id;
});

I've also tried just returning true no matter what just to see. Also no luck.

Broadcast::channel('shop.{id}', function ($user, $id) {
    return true
});

I've even messed about with the PusherBroadcast.php and BroadcastManager to remove throwing the not authenticated exception. This also does not work.

I'm still getting to grips with the way Laravel works as a whole package so not sure where to look next. I've had a read up on custom auth guards but not sure that will work as the package has its own authentication.

Any steer would be greatly appreciated as I am a little out of things to try. It seems anything I do to get onto a private channel does not work.

Note: It's worth mentioning a test public channel for listening to the WebSockets works fine with the current set up. it is only the private channel authentication which is not working.

Update: Here is how I am listening to the channels

            window.Echo.private('shop.{{ ShopifyApp::shop()->id }}')
                .listen('ScheduleProcessed', function(e) {
                    console.log(e);
                });

            window.Echo.channel(`test`) // Broadcast channel name
                .listen('BroadcastTestEvent', (e) => { // Message name
                        console.log(e); // The operation performed by the message, the parameter e is the data carried
                        alert("GOT S**T");
                    }
                );

The second one for the test channel works completely fine. The 'shop' channel does not and it's partly down to broadcasting/auth always returns 403 when the client tries to connect to the private channel.

broadcast auth failing

Update 2 Seems to have something to do with the fact the default auth needs to use the $request->user() which is empty as the custom auth does not use it at all.

I've read that binding the user might work but not 100% sure how.

$request->merge(['user' => $user]);

//add this
$request->setUserResolver(function () use ($user) {
   return $user;
});
1
phplaravelshopifyphpwebsocket
Can you share the JavaScript code where you are trying to join the private channel? - George Hanson
Hi, @GeorgeHanson added the Laravel Echo code which I am using to listen to the sockets. The problem is that in the network tab, broadcasting/auth never connects as it returns 403 - Kyon147

1 Answers

1
votes

You can specify your own middleware for Broadcast routes. Something like the following should work:

Broadcast::routes(['middleware' => 'auth.shop']);

That should then use the Laravel-Shopify package to authenticate the user.

If you are using sessions, you might also need to specify that you want to use the web middleware too.

Broadcast::routes(['middleware' => ['web', 'auth.shop']]);