tl;dr: trying to use one app's user credentials on different other apps. Tried a solution, but I have hit a roadblock and looking for better ideas.
--
Say I have 3 different laravel 5.4 installation, and let's call them "App1", "App2", and "App3". Those 3 apps have completely different functions, and they could be used by the same users.
At the moment, the users are using App1, and their login credentials and information is resting in App1's database.
App2 is located on the same private network as app one, so when I wanted to give the users of App1 the ability to login App2 with their existing credentials, I went this way:
Created a database connection in App2 that points to App1's database, using the private IP address of App1;
Used this new connection on the User model of App2 and bam, it worked.
But now I want to offer the same possibility with App3, but it's not located within the same network and I'm starting to see the shortcomings of my actual solution.
I could of course open the database connection of App1 to App3 specific IP address and keep the current setup, but I feel it's getting messy, and I guess it could be a security risk (I'm not knowledgable enough in this area to really know).
Then I'm thinking : API? Maybe Passport? Is this actually a road I should (and could) consider? If so, what would be an easy way to achieve it?
You might wanna look into a SAML solution that would allow you to share credentials across multiple apps and domains.
You can either use this Laravel package or use vanilla php-saml
Related
I want to ask about authentication in Laravel.
So the case is, I have 2 apps that have correlation, among others are,
1 application is used (we call it, system A web application) for systems that process databases, such as creating blogs, editing, editing, and approving articles made by creators, and of course having login authentication to the application to process it. (https://uat-system.marsiajar.com) <- you can access it by using my username and password, email: sariayu.mahgdalena#gmail.com, and the password is h67v3km2.
1 is used again (we'll call it web application B), to preview everything generated by the system application, on this web, the system database is only used to update blogs, such as adding/editing the number of views to the blog. (https://marsiajar.com)
The correlation is, these 2 applications use 1 database that is on the server.
I want to know
1. How do we know or show, when a user logs in to system A's web application, the user's name will appear in B's web application?
I attached screenshots and an interface view of system A's web application,
https://ibb.co/nbW4d5c
and I attach my env's config to this,
DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=marsiajarroot_uat-landingpage
DB_USERNAME=marsiajarroot_uat
DB_PASSWORD='*******'
this env, I used in system A's web application and in application B,
Please, does anyone, know about this?
Can we share about this?
Thank you very much for sharing ^_^
This was on previous case before. The truth is you cannot share the cookies or session. It might be but its not the best practice. One thing i do is to use Database SESSION_DRIVER and put some variable on it (forgot the name) but as long as it is still in the same domain, i believe this thing would works.
The company I work for has 3 applications, every app has its own database and login panel.
So what I want to do is, from the main app be able to log in to other apps.
These applications are totally different and have different databases. So what I'm thinking is using OAuth2 but I'm not quite sure if is the correct path to solve this.
I have just developped a Human Ressource WebApp in Laravel.
So in this app, I have my user database.
Now, I have 2 old apps, that I'm about to rewrite / Migrate to Laravel.
The first one is to manage employee payments.
The second app is for monitoring my salesforce in field.
So, Basically, I will basically rewrite them.
My Question is about architecture. I will develop those 2 apps separating APIs in Lumen / Laravel for each app, individually, and then writing clients in Angular2.
I will use OAuth2.0 to set authorization and scopes between apps.
Now, My indecision resides on Database part.
Should I keep database separated, include database in the same schema, or how should I deal with my databases.
Today, I have 1 DB per app, but also, I have redundancy in users: Each App works with the same users, and so duplicate this info.
Right now, When User is created in App1, it calls APIs to create it in app2 and app3. This is not so nice, IMHO.
So, I think I would like to have a single User Database, but I don't really have experience of that:
should I extract User's info in a central database for all users, should
should I keep User's info duplicated between my DB?
if I keep it in 3 differents DB, how should I make JOINs, transactions, Foreign Keys, etc.
I know there is not 1 answer, it depends of what I want, but this is also my problem, I don't know which question should I be asking to make my decision???
It is important to mention that I don't have so much traffic, max 1000 users, and they all belongs to my enterprise, it will not increase to much. So, really, make a scallable app should not be my priority right now.
Any Advice will be appreciated!!!
Since you have shared databases between your apps, the common practice is to have it in the same Laravel/Lumen app.
The way you can achieve this is separating the apps inside route groups, namespacing the controllers hierarchies of each app and declaring inside each model the connection you will be using for this model.
This way you can use the same DB connections for all of your apps, and share the same data without the need of duplicating it.
I have a certain requirement where i will have a central laravel application, and it has all the users in there. Then there are 2-3 sub laravel applications. The users are individually given access to these sub applications.
Now the requirement is that these sub applications shouldn't have any users in there. They should query the central laravel application (through api).
So if someone signs in the central laravel application, it should automatically sign-in to the other applications that they are given access to.
I am aware that providing code wont be possible, so just an overall overview of how it might work and some packages that might be helpful would be really great. Thanks in advance.
I have pretty much done this. I really struggled to find examples/advice so just started building it.
I have several applications, all for internal use.
I have one application/db for storing users/roles/permissions.
In my other applications, the user model just points to the usermanager db.
When user log in, I grab all their permissions for this application and store them in the session.
Seems to be working so far.
Mick
So, I have multiple grails apps, but I'd like to package them into a single mega app that manages user login, permissions, which appscan they access, etc. I can already links to the other apps depending on the logged in users role.
I'm using Spring Security with all of the apps, and they already share a database for users and roles. The problem I'm having is that I want the users to be instantly logged in on all of the apps when they log in into the "mega app", I want them all to share a login session.
Right now, I have a login for the users to access the "mega app" where they are linked to the other apps, but they have to manually log in again for each of the different grails apps they are linked to. And I don't like this, I want all apps to share a session, atleast for login. Any way to do this?
Having all the source from all the apps inside one single grails project is not a possibility here, it would be too heavy and some users don't even install all of the apps, since this is installed on their own private servers for them to use in their own local network. Also, login sessions time out after a while of not being used, making the problem even worse.
Help would be greatly appreciated, thank you in advance.
The spring-security-cas plugin is one option; it uses the open source CAS single sign-on server to let you authenticate to any server and be automatically authenticated on all of the others.