Laravel : login from one subdomain to another subdomain : session issue - laravel

I am using Sentry on Laravel 4.2 in one application with multiple subdomains (every domain has different users). I want to log in from one subdomain (domain-a.maindomain.com) to another subdomain (domain-b.maindomain.com) without persisting the session across subdomains.
Does anyone have an idea how I can achieve this with Laravel?

I think, since the Laravel authentication system uses cookies to manage the session, you actually need to log in the user on each subdomain you're going to use. To avoid that, you can use another session driver like database. And what @SUB-HDR gave you in his comment is a good way to do it too.

I'm not familiar with Laravel before version 5.1 but there is part of the documentation which relates to authentication:
https://laravel.com/docs/4.2/security
$user = User::find(1);
Auth::login($user);
With this you may be able to authenticate a user from one of your domains to the other. You would need to pass something from the first domain to the second domain which is a unique common attribute between the two user models and then authenticate the matching user.
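An added example (not part of the original answer, and not Laravel's own code), assuming PHP 7.1+: one way to "pass something" between the two subdomains is a short-lived, HMAC-signed, single-use token instead of a bare user id or email, so the receiving subdomain can check that the value was issued by its sibling, was meant for it, and has not been used before. The function names, the shared key and the in-memory `$used` array are hypothetical.

```php
<?php
// Added example; every name here is hypothetical. Assumes PHP 7.1+.
const HANDOFF_TTL = 60; // seconds a token stays valid

function b64url(string $bin): string
{
    return rtrim(strtr(base64_encode($bin), '+/', '-_'), '=');
}

// Runs on domain-a after the user is authenticated there.
function issueHandoffToken(string $email, string $audience, string $key): string
{
    $payload = b64url(json_encode([
        'sub' => $email,                     // common attribute of both user models
        'aud' => $audience,                  // subdomain allowed to accept the token
        'exp' => time() + HANDOFF_TTL,
        'jti' => bin2hex(random_bytes(16)),  // unique id, used to reject replays
    ]));
    return $payload . '.' . b64url(hash_hmac('sha256', $payload, $key, true));
}

// Runs on domain-b. Returns the email to log in, or null if the token is rejected.
function verifyHandoffToken(string $token, string $audience, string $key, array &$used): ?string
{
    $parts = explode('.', $token);
    if (count($parts) !== 2) {
        return null;
    }
    $expected = b64url(hash_hmac('sha256', $parts[0], $key, true));
    if (!hash_equals($expected, $parts[1])) {
        return null;                         // forged or altered
    }
    $c = json_decode(base64_decode(strtr($parts[0], '-_', '+/')), true);
    if (!is_array($c) || !isset($c['sub'], $c['aud'], $c['exp'], $c['jti'])
        || $c['aud'] !== $audience || $c['exp'] < time() || isset($used[$c['jti']])) {
        return null;                         // wrong subdomain, expired or replayed
    }
    $used[$c['jti']] = true;                 // in production: a shared cache or DB table
    return $c['sub'];
}

// Constructed demo values.
$key   = random_bytes(32);                   // secret configured on both subdomains
$used  = [];
$token = issueHandoffToken('jhony@example.com', 'domain-b.maindomain.com', $key);
var_dump(verifyHandoffToken($token, 'domain-b.maindomain.com', $key, $used)); // first use
var_dump(verifyHandoffToken($token, 'domain-b.maindomain.com', $key, $used)); // replay
// On domain-b, a non-null result feeds the answer's code:
//   $user = User::where('email', $email)->first(); Auth::login($user);
```

The token travels in the redirect from domain-a to domain-b, so both sites need HTTPS, and the store of used token ids has to be shared by every domain-b worker.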

In (PHP / MySQL) we can make a row called IslogedIn (or something else you prefer) in all your databases so they'll look like:
//---------------------------------------------
// (main database) --> site1.com
// ------------------------------------------
// | id | username | password | IslogedIn |
// |-----|-----------|----------|-------------|
// | 1 | jhony | pass | 0 |
// |-----|-----------|----------|-------------|
//---------------------------------------------
// (2nd database) --> site2.com
// ------------------------------------------
// | id | username | password | IslogedIn |
// |-----|-----------|----------|-------------|
// | 1 | jhony | pass | 1 |
// |-----|-----------|----------|-------------|
Here, for example, we see the user is logged in in the 2nd database,
so the value will be: IslogedIn = 1
We are going to use that in all our domains, and from "login.php" (in Laravel it can be something else) we mark IslogedIn = 1 if the user logged in, by using some MySQL commands.
After that we connect all the databases using a script page, name it something like 'checkout.php' in both domains' folders, and write in it:
1 - for old PHP versions:
$Db_Main_con = mysql_connect($hostname, $username, $password );
$Db_2nd_con = mysql_connect($hostname, $username, $password , true);
//-------------------------------------------------------------
$Db_Main_Select = mysql_select_db("Database_name1", $Db_Main_con);
$Db_2nd_Select = mysql_select_db("Database_name2", $Db_2nd_con );
//-------------------------------------------------------------
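// mysql_query() has no placeholders: cast the id to int and pass the connection link
$id = (int) $id;
$Db_Main = mysql_fetch_object(mysql_query("select * from users where id = $id", $Db_Main_con));
$Db_2nd = mysql_fetch_object(mysql_query("select * from users where id = $id", $Db_2nd_con));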
2 - for new versions it is generally similar, with only some changes to the code above, such as mysql to mysqli. Read this article: mysqli_connect
I'm not familiar with Laravel, so of course you change the "$host_main_name" and "$username" and (table name) ..... etc. to fit your script,
and from every db call the row (IslogedIn) into a $string.
Then we go on to check if the user is logged in, in all the DBs we have:
if ( $Db_Main->IslogedIn || $Db_2nd->IslogedIn )
{
// ----->> your login code or relogin code here
// + sessions and cookies and reload link and all other stuff
}
Then we close the script with $Db_Main->close(); $Db_2nd->close(); .... etc. when the checkout has ended.

Related

How to authenticate different websites users from multiple "users" tables, according to Laravel Passport client id (or user_id)

I'm using three different databases with my Laravel backend, basically, one is for the backend itself, a second one is for a foo.com Nuxt website and the third one is a bar.com Angular website. Each of these three databases have a users table looking like this:
Schema::create('users', function (Blueprint $table) {
    $table->id();
    $table->string('name');
    $table->string('email')->unique();
    $table->timestamp('email_verified_at')->nullable();
    $table->string('password');
    $table->rememberToken();
    $table->timestamps();
});
Currently, each website is using Laravel Passport for authentication on the backend database. But now, I need the two websites foo.com and bar.com to use their own database users table for the authentication.
My Laravel Passport oauth_clients configuration looks like this:
+----+---------+------+--------+------------------+----------+-----+
| id | user_id | name | secret | redirect         | provider | ... |
+----+---------+------+--------+------------------+----------+-----+
| 1  | null    | Foo  | ****** | foo.com/callback | foo      | ... |
| 2  | null    | Bar  | ****** | bar.com/callback | bar      | ... |
+----+---------+------+--------+------------------+----------+-----+
So, currently, users coming from foo.com sign in with their login/password through foo client and users coming from bar.com sign in with their login/password through bar client, but both on the backend users table.
How to force Laravel to use the foo.users table for foo.com users and the bar.users table for bar.com users? Also, how to restrict foo users to use a foo middleware and bar users to use a bar middleware?
I believe you can achieve this by detecting the request hostname with $_SERVER['HTTP_HOST'].
Then you have to set up 3 different .env files for 3 different domains (.env, .foo.env and .bar.env), each with different database connection configurations.
At your bootstrap/app.php , you can add the code below:
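// HTTP_HOST comes from the request and is absent on the CLI (artisan), so default it
$host = isset($_SERVER['HTTP_HOST']) ? strtolower($_SERVER['HTTP_HOST']) : '';
$env = '.env';
if ($host === 'foo.com') {
    $env = '.foo.env';
}
else if ($host === 'bar.com') {
    $env = '.bar.env';
}
// any other host keeps the default .env
$app->loadEnvironmentFrom($env);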
I believe this is not the best option or best way to do it. But I believe you can achieve what you want with it.

Accessing the Scenario Title and Example in a Cucumber After hook

How can I get the current Example out of a Ruby cucumber test in an After hook?
I can get the title with the code below. My Scenario has several Examples with it. Can I access the current Example being tested?
Feature file
Scenario Outline: Successful login with primary accounts
  Given I start on the login page
  When I log into Overview page with "<acct>"
  Then I am on the Overview page
  Examples:
    | acct |
    | account1 |
    | account2 |
After hook
After do |scenario|
  scenario.scenario_outline.title # will give me the title
end
How do I get the current Example?
Here is how I did it.
scenario_title = scenario.respond_to?(:scenario_outline) ? scenario.scenario_outline.title : ''
scenario_title_example = scenario.respond_to?(:name) ? scenario.name : ''
scenario_full_title = scenario_title + scenario_title_example

CodeIgniter date - wrong time

I'm using:
date("d-m-Y h:i:s")
in my controller, but the time is later than actual time.
For example, now in my country it's 01:02, date returns 20-06-2015 01:06:38.
How to fix it?
1st Step :
Go to config/config.php and write
//specify your region
date_default_timezone_set('Europe/Warsaw');
2nd step: now you can use your time
date("d-m-Y h:i:s") // e.g. 21-12-2010 08:12:00 (h is the 12-hour clock)
date("h:i:s") // time only, e.g. 12:12:11
Place timezone on the top of the config.php file above base_url
date_default_timezone_set('Europe/Warsaw');
Then refresh server
<?php
defined('BASEPATH') OR exit('No direct script access allowed');
date_default_timezone_set('Europe/Warsaw');
/*
|--------------------------------------------------------------------------
| Base Site URL
|--------------------------------------------------------------------------
|
| URL to your CodeIgniter root. Typically this will be your base URL,
| WITH a trailing slash:
|
| http://example.com/
|
| If this is not set then CodeIgniter will try guess the protocol, domain
| and path to your installation. However, you should always configure this
| explicitly and never rely on auto-guessing, especially in production
| environments.
|
*/
$config['base_url'] = 'http://localhost/project/';
If you can change the hooks settings in your config file from TRUE to FALSE that should help with your issue.
Except if you have a very important need for the hooks to be enabled you should be very fine this way.
$config['enable_hooks'] = TRUE;
change to:
$config['enable_hooks'] = FALSE;
I hope this helps you.

Configuring grails spring security ldap plugin

Here is a part of my Perl CGI script (which is working):
use Net::LDAP;
use Net::LDAP::Entry;
use Net::LDAP::Util qw(escape_filter_value);
...
$edn = "DC=xyz,DC=com";
# escape the user-supplied name so it cannot change the LDAP filter
$quser = "(&(objectClass=user)(cn=" . escape_filter_value($username) . "))";
$ad = Net::LDAP->new("ip_address...");
$ldap_msg = $ad->bind("$username\@xyz.com", password => $password);
my $result = $ad->search( base => $edn,
                          scope => "sub",
                          filter => $quser );
my $entry;
my $myname;
my $emailad;
my @entries = $result->entries;
foreach $entry (@entries) {
    $myname = $entry->get_value("givenName");
    $emailad = $entry->get_value("mail");
}
So basically, there is no admin/manager account for AD; users' credentials are used for binding. I need to implement the same thing in Grails.
+ Is there a way to configure the plugin to search several ADs? I know I can add more LDAP IPs in context.server, but for each server I need a different search base...
++ I don't wanna use my DB, just AD. The user logs in through LDAP > I get his email, and use the email for another LDAP query, but that will probably be another topic :)
Anyway the code so far is:
grails.plugin.springsecurity.ldap.context.managerDn = ''
grails.plugin.springsecurity.ldap.context.managerPassword = ''
grails.plugin.springsecurity.ldap.context.server = 'ldap://address:389'
grails.plugin.springsecurity.ldap.authorities.ignorePartialResultException = true
grails.plugin.springsecurity.ldap.search.base = 'DC=xyz,DC=com'
grails.plugin.springsecurity.ldap.authenticator.useBind=true
grails.plugin.springsecurity.ldap.authorities.retrieveDatabaseRoles = false
grails.plugin.springsecurity.ldap.search.filter="sAMAccountName={0}"
grails.plugin.springsecurity.ldap.search.searchSubtree = true
grails.plugin.springsecurity.ldap.auth.hideUserNotFoundExceptions = false
grails.plugin.springsecurity.ldap.search.attributesToReturn = ['mail', 'givenName']
grails.plugin.springsecurity.providerNames = ['ldapAuthProvider', 'anonymousAuthenticationProvider']
grails.plugin.springsecurity.ldap.useRememberMe = false
grails.plugin.springsecurity.ldap.authorities.retrieveGroupRoles = false
grails.plugin.springsecurity.ldap.authorities.groupSearchBase ='DC=xyz,DC=com'
grails.plugin.springsecurity.ldap.authorities.groupSearchFilter = 'member={0}'
And the error code is: [LDAP: error code 1 - 000004DC: LdapErr: DSID-0C0906E8, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v1db1
And it's the same code for any user/pass I try :/
Heeeeelp! :)
The most important thing with grails and AD is to use ActiveDirectoryLdapAuthenticationProvider rather than LdapAuthenticationProvider as it will save a world of pain. To do this, just make the following changes:
In resources.groovy:
import org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider

beans = {
    // Domain 1
    ldapAuthProvider1(ActiveDirectoryLdapAuthenticationProvider,
        "mydomain.com",
        "ldap://mydomain.com/"
    )
    // Domain 2
    ldapAuthProvider2(ActiveDirectoryLdapAuthenticationProvider,
        "mydomain2.com",
        "ldap://mydomain2.com/"
    )
}
In Config.groovy:
grails.plugin.springsecurity.providerNames = ['ldapAuthProvider1', 'ldapAuthProvider2']
This is all the code you need. You can pretty much remove all other grails.plugin.springsecurity.ldap.* settings in Config.groovy as they don't apply to this AD setup.
Documentation:
http://docs.spring.io/spring-security/site/docs/3.1.x/reference/springsecurity-single.html#ldap-active-directory

Codeigniter creates new session row with same userdata

I'm working on a large-scale web app in Codeigniter with HMVC modular extensions and having problems with sessions whilst using the database (to store the sessions).
My sessions are being lost for a reason I can simply not understand.
A prime example is using the Codeigniter cart. I can successfully add items to my cart and click around the site with the items remaining in the session. However, when clicking around/pausing navigating the website for ~ 3 minutes (not timed to the second) the cart loses all its products and the session is empty. When reviewing the database, the old session is still stored in the database with the content but with a new session row created (as below).
I'm running the latest version of Codeigniter with no extensions to the original Session.php class.
Below are my session config variables:
/*
|--------------------------------------------------------------------------
| Session Variables
|--------------------------------------------------------------------------
|
| 'sess_cookie_name' = the name you want for the cookie
| 'sess_expiration' = the number of SECONDS you want the session to last.
| by default sessions last 7200 seconds (two hours). Set to zero for no expiration.
| 'sess_expire_on_close' = Whether to cause the session to expire automatically
| when the browser window is closed
| 'sess_encrypt_cookie' = Whether to encrypt the cookie
| 'sess_use_database' = Whether to save the session data to a database
| 'sess_table_name' = The name of the session database table
| 'sess_match_ip' = Whether to match the user's IP address when reading the session data
| 'sess_match_useragent' = Whether to match the User Agent when reading the session data
| 'sess_time_to_update' = how many seconds between CI refreshing Session Information
|
*/
$config['sess_cookie_name'] = 'myhmvc_session';
$config['sess_expiration'] = 7200;
$config['sess_expire_on_close'] = FALSE;
$config['sess_encrypt_cookie'] = FALSE;
$config['sess_use_database'] = TRUE;
$config['sess_table_name'] = 'users_sessions';
$config['sess_match_ip'] = TRUE;
$config['sess_match_useragent'] = TRUE;
$config['sess_time_to_update'] = 300;
/*
|--------------------------------------------------------------------------
| Cookie Related Variables
|--------------------------------------------------------------------------
|
| 'cookie_prefix' = Set a prefix if you need to avoid collisions
| 'cookie_domain' = Set to .your-domain.com for site-wide cookies
| 'cookie_path' = Typically will be a forward slash
| 'cookie_secure' = Cookies will only be set if a secure HTTPS connection exists.
|
*/
$config['cookie_prefix'] = "my";
$config['cookie_domain'] = "myhmvc.co.uk";
$config['cookie_path'] = "/";
$config['cookie_secure'] = FALSE;
Any help is greatly appreciated, willing to try anything at this stage.
I've still not gotten round to understanding Codeigniter's issue with sessions but from reading other posts there's quite an issue with default sessions.
I've installed the Session Driver seen here:
http://getsparks.org/packages/session-driver/versions/HEAD/show
Which has now fixed the issue.
I hope this helps others who have had similar problems.
