|
1 | 1 | # Introduction |
2 | 2 |
|
3 | | -The Adldap2 Laravel auth driver allows you to seamlessly authenticate LDAP users, |
4 | | -as well as have a local database record of the user. |
| 3 | +The Adldap2 Laravel auth driver allows you to seamlessly authenticate LDAP users into your Laravel application. |
5 | 4 |
|
6 | | -This allows you to easily attach information to the users account |
7 | | -as you would a regular laravel application. |
| 5 | +There are two primary ways of authenticating LDAP users: |
| 6 | + |
| 7 | +- Authenticate and synchronize LDAP users into your local applications database: |
| 8 | + |
| 9 | + This allows you to attach data to users as you would in a traditional application. |
| 10 | + |
| 11 | + Calling `Auth::user()` returns your configured Eloquent model (ex. `App\User`) of the LDAP user. |
| 12 | + |
| 13 | +- Authenticate without keeping a database record for users |
| 14 | + |
| 15 | + This allows you to have temporary users. |
| 16 | + |
| 17 | + Calling `Auth::user()` returns the actual LDAP users model (ex. `Adldap\Models\User`). |
| 18 | + |
| 19 | +We'll get into each of these methods and how to implement them, but first, lets go through the [installation guide](installation.md). |
| 20 | + |
| 21 | +## Quick Start - From Scratch |
| 22 | + |
| 23 | +Here is a step by step guide for configuring Adldap2-Laravel (and its auth driver) with a fresh new laravel project. This guide assumes you have knowledge working with: |
| 24 | + |
| 25 | +- Laravel |
| 26 | +- The LDAP Protocol |
| 27 | +- Your LDAP distro (ActiveDirectory, OpenLDAP, FreeIPA) |
| 28 | +- Command line tools (such as Composer and Laravel's Artisan). |
| 29 | + |
| 30 | +This guide was created with the help of [@st-claude](https://github.com/st-claude) and other awesome contributors. |
| 31 | + |
| 32 | +1. Create a new laravel project by running the command: |
| 33 | + - `laravel new my-ldap-app` |
| 34 | + |
| 35 | + Or (if you don't have the [Laravel Installer](https://laravel.com/docs/5.7#installation)) |
| 36 | + |
| 37 | + - `composer create-project --prefer-dist laravel/laravel my-app`. |
| 38 | + |
| 39 | +2. Run the following command to install Adldap2-Laravel: |
| 40 | + |
| 41 | + - `composer require adldap2/adldap2-laravel` |
| 42 | + |
| 43 | +3. Create a new database in your desired database interface (such as PhpMyAdmin, MySQL Workbench, command line etc.) |
| 44 | + |
| 45 | +4. Enter your database details and credentials inside the `.env` file located in your project root directory (if there is not one there, rename the `.env.example` to `.env`). |
| 46 | + |
| 47 | +5. If you're using username's to login users **instead** of their emails, you will need to change |
| 48 | + the default `email` column in `database/migrations/2014_10_12_000000_create_users_table.php`. |
| 49 | + |
| 50 | + ```php |
| 51 | + // database/migrations/2014_10_12_000000_create_users_table.php |
| 52 | + |
| 53 | + Schema::create('users', function (Blueprint $table) { |
| 54 | + $table->increments('id'); |
| 55 | + $table->string('name'); |
| 56 | + |
| 57 | + // From: |
| 58 | + $table->string('email')->unique(); |
| 59 | + |
| 60 | + // To: |
| 61 | + $table->string('username')->unique(); |
| 62 | + |
| 63 | + $table->string('password'); |
| 64 | + $table->rememberToken(); |
| 65 | + $table->timestamps(); |
| 66 | + }); |
| 67 | + ``` |
| 68 | + |
| 69 | +6. Now run `php artisan migrate`. |
| 70 | + |
| 71 | +7. Insert the following service providers in your `config/app.php` file (in the `providers` array): |
| 72 | + |
| 73 | + > **Note**: This step is only required for Laravel 5.0 - 5.4. |
| 74 | + > They are registered automatically in Laravel 5.5. |
| 75 | + |
| 76 | + ```php |
| 77 | + Adldap\Laravel\AdldapServiceProvider::class, |
| 78 | + Adldap\Laravel\AdldapAuthServiceProvider::class, |
| 79 | + ``` |
| 80 | + |
| 81 | +8. Now, insert the facade into your `config/app.php` file (in the `aliases` array): |
| 82 | + |
| 83 | + ```php |
| 84 | + 'Adldap' => Adldap\Laravel\Facades\Adldap::class, |
| 85 | + ``` |
| 86 | + |
| 87 | + > **Note**: Insertion of this alias in your `app.php` file isn't necessary unless you're planning on utilizing it. |
| 88 | +
|
| 89 | +9. Now run `php artisan vendor:publish` in your root project directory to publish Adldap2's configuration files. |
| 90 | + |
| 91 | + * Two files will be published inside your `config` folder, `ldap.php` and `ldap_auth.php`. |
| 92 | + |
| 93 | +10. Modify the `config/ldap.php` and `config/ldap_auth.php` files for your LDAP server configuration. |
| 94 | + |
| 95 | +11. Run the command `php artisan make:auth` to scaffold login controllers and routes. |
| 96 | + |
| 97 | +12. If you require logging in by another attribute, such as a username instead of email follow |
| 98 | +the process below for your Laravel version. Otherwise ignore this step. |
| 99 | + |
| 100 | + **Laravel <= 5.2** |
| 101 | + |
| 102 | + Inside the generated `app/Http/Controllers/Auth/AuthController.php`, you'll need to add the `protected $username` property if you're logging in users by username. |
| 103 | + |
| 104 | + ```php |
| 105 | + class AuthController extends Controller |
| 106 | + { |
| 107 | + protected $username = 'username'; |
| 108 | + ``` |
| 109 | + |
| 110 | + **Laravel > 5.3** |
| 111 | + |
| 112 | + Inside the generated `app/Http/Controllers/Auth/LoginController.php`, you'll need to add the public method `username()`: |
| 113 | + |
| 114 | + ```php |
| 115 | + public function username() |
| 116 | + { |
| 117 | + return 'username'; |
| 118 | + } |
| 119 | + ``` |
| 120 | + |
| 121 | +13. Now insert a new auth driver inside your `config/auth.php` file: |
| 122 | + |
| 123 | + ```php |
| 124 | + 'providers' => [ |
| 125 | + 'users' => [ |
| 126 | + 'driver' => 'ldap', // Was 'eloquent'. |
| 127 | + 'model' => App\User::class, |
| 128 | + ], |
| 129 | + ], |
| 130 | + ``` |
| 131 | + |
| 132 | +14. Inside your `resources/views/auth/login.blade.php` file, if you're requiring the user logging in by username, you'll |
| 133 | + need to modify the HTML input to `username` instead of `email`. Ignore this step otherwise. |
| 134 | + |
| 135 | + From: |
| 136 | + ```html |
| 137 | + <input type="email" class="form-control" name="email" value="{{ old('email') }}"> |
| 138 | + ``` |
| 139 | + |
| 140 | + To: |
| 141 | + |
| 142 | + ```html |
| 143 | + <input type="text" class="form-control" name="username" value="{{ old('username') }}"> |
| 144 | + ``` |
| 145 | + |
| 146 | +15. You should now be able to login to your Laravel application using LDAP authentication! |
| 147 | + |
| 148 | + If you check out your database |
| 149 | + in your `users` table, you'll see that your LDAP account was synchronized to a local user account. |
| 150 | + |
| 151 | + |
| 152 | + This means that |
| 153 | + you can attach data regularly to this user as you would with standard Laravel authentication. |
| 154 | + |
| 155 | + If you're having issues, and you're unable to authenticate LDAP users, please check your configuration settings inside the `ldap.php` and `ldap_auth.php` files as these directly impact your applications ability to authenticate. |
| 156 | + |
| 157 | +16. Congratulations, you're awesome. |
0 commit comments