Tuesday, November 15, 2022

[FIXED] Why is a login via `auth guard A` redirected differently than one from `auth guard B` when the same behaviour is expected?

Tags: laravel-6, multi-tenant, php

Issue

First of all, I'm not a pro in PHP development or Laravel but will try to explain my question as well as possible for me. I also try to give enough information, but when something is missing, please let me know what's missing and I will add it!

Some important context about my project:

  • Laravel 6.18 (will update soon if my first goal is reached)
  • I use Hyn/Multi-tenant to make my application multi tenant.
  • I use a Vue front end, I give a bearer token to Vue via the app.js

The application should be a multi tenant application where each tenant has its own user table. I first built everything as "single tenant". When the basic functionality was implemented and worked fine, I added Hyn/MT to make it multi tenant, moved the tenant specific tables to the tenant db folder and updated the models. Now I know it was better to start with Hyn/MT before building all the functionality, but so far I got everything working fine.

After I added the multi tenant support to my project and fixed the broken functionality, I decided to add an admin specific area to manage the tenants. To achieve this I added a SystemUser table to the master database which contains the admin users. After that I updated my web.php so it gives the subdomain to the LoginController.guard() function. My code:

// web.php
  Route::group(array('domain' => '{subdomain}.festipay.xlan'), function () {
    Route::post('login', 'Auth\LoginController@login');
  });


// LoginController.php

  protected function guard()
  {
    if (Request::route("subdomain") == "admin") {
      return Auth::guard('admin_web');
    } else {
      return Auth::guard('web');
    }
  }

I also updated my config/auth.php, it looks like this now:

    'defaults' => [
        'guard' => 'web',
        'passwords' => 'users',
    ],

    'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],
        'admin_web' => [
            'driver' => 'session',
            'provider' => 'admin_users',
        ],
    ],

    'providers' => [
        'users' => [
            'driver' => 'eloquent',
            'model' => App\User::class,
        ],

         'admin_users' => [
             'driver' => 'eloquent',
             'model' => App\SystemUser::class,
         ]
    ],

    'passwords' => [
        'users' => [
            'provider' => 'users',
            'table' => 'password_resets',
            'expire' => 60,
        ],
    ],

Except for the mentioned changes I did not implement any admin specific logic yet. So I expect that the admin users are handled exactly the same except for the way they are authenticated.

The tenant users who log in to e.g. tenant_x.domain.com are redirected to /dashboard when they log in and are redirected back to /login when they log out. The admin users who log in to admin.domain.com are not redirected to /dashboard when the login is successful but are redirected back to /login again. Of course this is not the expected behaviour, as it should (currently) be the same as for the tenant users (so a redirect to /dashboard when the login is successful).

I think that the authentication itself works fine, as the LoginController.attemptLogin() returns true when I use valid admin credentials and false (and the view shows wrong credentials) when I use invalid credentials.

I found in this post that it may be a session issue and I tried to apply the solution mentioned in that post. Unfortunately, adding protected $primaryKey = 'id'; to the SystemUser class did not solve the issue. I also compared the tenant User class with the SystemUser class but they are almost identical except for unimportant fields I removed from the SystemUser, like address.

I have no idea how I can find out where the issue occurs or how to solve this. The goal is that an admin who logged in successfully is redirected to another page as the /dashboard. Can someone help me find out what goes wrong? I'm already happy when someone can help me to get the same behaviour for the admins as the tenants currently have.

Thanks in advance!


Update 1 @David Barker

When it's about the session, I think this is important to know as well:

- I use a Vue front end, I give a bearer token to Vue via the app.js

My session config:

<?php
use Illuminate\Support\Str;
return [
    'driver' => env('SESSION_DRIVER', 'file'),
    'lifetime' => env('SESSION_LIFETIME', 120),
    'expire_on_close' => false,
    'encrypt' => false,
    'files' => storage_path('framework/sessions'),
    'connection' => env('SESSION_CONNECTION', null),
    'table' => 'sessions',
    'store' => env('SESSION_STORE', null),
    'lottery' => [2, 100],
    'cookie' => env(
        'SESSION_COOKIE',
        Str::slug(env('APP_NAME', 'laravel'), '_').'_session'
    ),
    'path' => '/',
    'domain' => env('SESSION_DOMAIN', null),
    'secure' => env('SESSION_SECURE_COOKIE', false),
    'http_only' => true,
    'same_site' => null,
];

I did a dd($request->session()); in the LoginController->attemptLogin() function, see the result below. The result is the same for both users except for the id and _token. (I cleaned the cookies before the login attempt in both cases.)

Illuminate\Session\Store {#490 ▼
  #id: "7WI7JUWPnS4pg3EHvaxk5TOKaM9l9UXJi1zJNKuG"
  #name: "festipay_session"
  #attributes: array:1 [▼
    "_token" => "mtMWanYGMUxFHivOqAaEmVQnHDE0hvwKkHMgCswg"
  ]
  #handler: Illuminate\Session\FileSessionHandler {#489 ▼
    #files: Illuminate\Filesystem\Filesystem {#198}
    #path: "/var/www/domain.com/storage/framework/sessions"
    #minutes: "120"
  }
  #started: true
}

Maybe this is also interesting information. Left are the responses for the admin (after I clicked the login button) and right the working tenant login.



Solution

I finally found the issue. It was very easy to solve. I did not specify the auth guard for the Route::group.

It was like this:

  Route::group(['middleware' => 'auth'], function () {

    Route::get('/', function () { return redirect('/dashboard'); });
    Route::get('/dashboard', function () { return view('dashboard'); })->name('dashboard');
    Route::get('/logout', 'Auth\LoginController@logout'); // ->name(...) argument is cut off in the post
    // ...
  });

I changed it to this to make it work:

  Route::group(['middleware' => 'auth:system_user_web,web'], function () {

    Route::get('/', function () { return redirect('/dashboard'); });
    Route::get('/dashboard', function () { return view('dashboard'); })->name('dashboard');
    Route::get('/logout', 'Auth\LoginController@logout'); // ->name(...) argument is cut off in the post
    // ...
  });


Answered By - CodeNinja
Answer Checked By - Robin (PHPFixing Admin)
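
Why the fix above works, as an added example that is not part of the original post and not Laravel's own code: a simplified plain-PHP model of how the `auth` middleware picks the guards it checks. It uses the guard names from the question's config/auth.php (`web`, `admin_web`); the `authenticate()` function and the `$sessions` data are constructed for illustration.

```php
<?php
// Simplified model of the guard selection in Laravel's `auth` middleware
// (Illuminate\Auth\Middleware\Authenticate). Illustration only, not framework code.

const DEFAULT_GUARD = 'web'; // 'defaults.guard' in the question's config/auth.php

/**
 * @param string[] $routeGuards guards listed after "auth:" on the route group
 * @param string[] $loggedInOn  guards holding a logged-in user for this session (constructed)
 * @return string|null          guard that authenticated the request, null => redirect to /login
 */
function authenticate(array $routeGuards, array $loggedInOn): ?string
{
    if (empty($routeGuards)) {
        // Plain 'auth' carries no guard list, so only the default guard is checked.
        $routeGuards = [DEFAULT_GUARD];
    }
    foreach ($routeGuards as $guard) {
        if (in_array($guard, $loggedInOn, true)) {
            return $guard; // the first guard with a logged-in user wins
        }
    }
    return null; // no listed guard has a user: unauthenticated
}

// Constructed sessions: LoginController::guard() logs admins in on 'admin_web'
// and tenant users on 'web'.
$sessions = ['admin' => ['admin_web'], 'tenant' => ['web']];

// Middleware strings to compare; the last one models an admin-only route group.
$groups = [
    'auth'               => [],
    'auth:admin_web,web' => ['admin_web', 'web'],
    'auth:admin_web'     => ['admin_web'],
];

foreach ($groups as $middleware => $guards) {
    foreach ($sessions as $who => $loggedInOn) {
        $guard = authenticate($guards, $loggedInOn);
        printf("%-20s %-7s %s\n", $middleware, $who,
            $guard !== null ? "allowed via $guard" : 'redirect to /login');
    }
}
```

A group that lists both guards admits tenant and admin sessions alike, so routes meant only for admins belong in a separate group restricted to the admin guard.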