I am in a need to have single sign-on (SSO) on my applications.
Basically, I have three applications in different directories. I have a WordPress(ecommerce) site running in the main folder of my domain and a Laravel application in a directory and a moodle(lms) application in a directory.
The idea is if I log into my WordPress site, I don't need to sign in on the other two applications and able to access the Laravel and moodle applications.
I will give access to moodle pages from laravel app. What is the best approach to achieve this?
Moodle has OAuth2, I'm guessing Wordpress has it too?
https://docs.moodle.org/311/en/OAuth_2_authentication
So maybe use an oauth2 server, eg Okta or OneLogin
Related
Let's say we have a site called example.com
Here, for example, I want to use some static content such as blog etc. and some pages in Wordpress. Wordpress build is using session-based authentication, with username and password strategy, also with third-party. (OAuth and OpenID).
I will design a custom and dynamic website section in Java Spring. And I want to use the same authentication mechanism with Wordpress.
For example, there is this path named examle.com/test. It is running from different server, which is based on Java Spring. But the session is shared with Wordpress. If there is a login from Wordpress (from example.com), it works on this server as well. Vice versa is also correct.
Login/logout should be possible from both Wordpress's pages and Java Spring's pages. Session must be shared. Wordpress already exists and the authentication mechanism is working. How can I use this in Java Spring? Or how can I do achieve this in some another way?
If
your Spring and WordPress apps are on the same top-level domain (for example https://spring.example.com and https://wordpress.example.com), and
your Spring app can read rows from the wp_users table in your WordPress MySQL database, and
your Spring app has access to the Authentication Unique Keys and Salts section of your wp-config.php file in your WordPress installation, and
your users always log in to WordPress before they use your Spring app ...
Then you can use the wordpress_logged_in_... cookie to authenticate your WordPress users to your Spring app. You'll have to rewrite the wp_validate_auth_cookie() in Java to do that. Explaining how to do that is far beyond the scope of a StackOverflow answer.
If any of those conditions aren't met you probably should explore some sort of federated login scheme. WordPress has several SAML plugins. Spring also supports SAML login. Again, it's too big a topic for StackOverflow.
I am planning a small project and have a question about authentication. I would like to implement the site with Laravel 8. However, as soon as the user has successfully logged in, he should be directed to the user dashboard. The User Dashboard should be a pure VueJS Single Page Application.
Now my question. Which auth should I use here? Session or token for the whole site or is both possible and useful?
If I use the token auth variant, for example, then I can protect the Vue app very well but I cannot access the user information outside the Vue app. For example, the current profile picture of the user should appear in the navbar and not only in the vue app but also on the landing page, contact page etc.
How can I do this and what will be the best practice and thanks for your help!
Use token based Authentication
(Laravel Passport)
Use Token-based authentication system.
In this way, you'll be able to manage the entire application UI and role checking in the frontend only. I would rather prefer to go with JWT [https://jwt-auth.readthedocs.io/en/develop/laravel-installation/]. It's easy to use and the documentation is pretty good. It's even supported by Lumen also. If you wish to integrate any micro-service in your application future, then it's available in Lumen micro-service also.
I am looking for an example to allow users to upload to my company's one drive folder directly from our website which is using laravel and php, I'd like to make it to where each client has their own folder in which only the client and us can collaborate on within our website. We would like it to where they wouldnt have to have a Microsoft account to do this. Is this possible? and where can I find some examples?
You can write your own specific Laravel Middleware in which you will checked user for presence Microsoft accaunt.
Little more info about Laravel Middleware with good example Understanding Laravel Middleware
I am building a native app in android / ios and using laravel 5.3 for server side API's development. This app is related to E-commerce where user and seller will come buy an sell their product. To browse all the users, products and other statistics and action I want to develop an admin / dashboard panel. What is the best way to do this.
There are number of ways to do it. You can use tokenized api from laravel for authentication and you can use jwt sort of libraries. Which will allow you to authenticate and with tokenized api you can securely make http request with your laravel back end. You just have to specify api guard specifically for your admin panel. There is one default api guard as well. You can use that one or create new. Completly upto you.
You can check this: https://asgardcms.com/. It's a modular multilingual CMS built with Laravel 5, with an MIT license.
I have a website already running made with CakePHP, which has its own login system using the Auth component.
Now I'm going to create another website using moodle, hosted in the same server. Is there any way to share the user session between those 2 websites?
For example, if a user logs into the moodle website and clicks a link to a page of the other website, he is not asked to log in again, since the system recognises that he is already logged in.
I guess that one thing to do would be to tell moodle (somehow) to use same table of users in the database that the CakePHP website is already using. And then tell the CakePHP website to accept the sessions created in that other website. Something like this right?
But I don't know how to do those things or if they even possible, any advice on how to approach this would be very helpful.
Single sign-on (SSO) is not currently a trivial thing to do in Moodle.
Some other approaches you may consider are:
Use external authentication in Moodle and configure it to use Cake's database. Does not provide SSO but tells Moodle to use Cake's user accounts.
Configure both Moodle and Cake to use a common authentication system like LDAP, POP3 or CAS. Depending of your choice it is possible that you may achieve SSO.
More information about Moodle authentication plug-ins in this page:
http://docs.moodle.org/dev/Authentication_plugins