I have a certain requirement where i will have a central laravel application, and it has all the users in there. Then there are 2-3 sub laravel applications. The users are individually given access to these sub applications.
Now the requirement is that these sub applications shouldn't have any users in there. They should query the central laravel application (through api).
So if someone signs in the central laravel application, it should automatically sign-in to the other applications that they are given access to.
I am aware that providing code wont be possible, so just an overall overview of how it might work and some packages that might be helpful would be really great. Thanks in advance.
I have pretty much done this. I really struggled to find examples/advice so just started building it.
I have several applications, all for internal use.
I have one application/db for storing users/roles/permissions.
In my other applications, the user model just points to the usermanager db.
When user log in, I grab all their permissions for this application and store them in the session.
Seems to be working so far.
Mick
Related
The company I work for has 3 applications, every app has its own database and login panel.
So what I want to do is, from the main app be able to log in to other apps.
These applications are totally different and have different databases. So what I'm thinking is using OAuth2 but I'm not quite sure if is the correct path to solve this.
Since we currently maintain 6 applications that were developed with Laravel, the wish has now arisen that there is a unified login system.
Currently we are working with a database purely for authentication where all applications access it. So the user only has to be created once for all 6 applications.
Now I would like the user to have only one login page and be able to use all applications after authentication.
I would solve the problem with a RSYNC task which synchronizes the cache of the applications. However, I think that there is a better way, so I ask you
What you are looking for is called a Single sign-on, which has been answered here before some times, but for people who don't know how to call it, it would be pretty hard to find! So here are some links:
Good single sign-on solution for Laravel by lesssuger
single sign on (sso) laravel by Moauya Meghari
tl;dr: trying to use one app's user credentials on different other apps. Tried a solution, but I have hit a roadblock and looking for better ideas.
--
Say I have 3 different laravel 5.4 installation, and let's call them "App1", "App2", and "App3". Those 3 apps have completely different functions, and they could be used by the same users.
At the moment, the users are using App1, and their login credentials and information is resting in App1's database.
App2 is located on the same private network as app one, so when I wanted to give the users of App1 the ability to login App2 with their existing credentials, I went this way:
Created a database connection in App2 that points to App1's database, using the private IP address of App1;
Used this new connection on the User model of App2 and bam, it worked.
But now I want to offer the same possibility with App3, but it's not located within the same network and I'm starting to see the shortcomings of my actual solution.
I could of course open the database connection of App1 to App3 specific IP address and keep the current setup, but I feel it's getting messy, and I guess it could be a security risk (I'm not knowledgable enough in this area to really know).
Then I'm thinking : API? Maybe Passport? Is this actually a road I should (and could) consider? If so, what would be an easy way to achieve it?
You might wanna look into a SAML solution that would allow you to share credentials across multiple apps and domains.
You can either use this Laravel package or use vanilla php-saml
I have just developped a Human Ressource WebApp in Laravel.
So in this app, I have my user database.
Now, I have 2 old apps, that I'm about to rewrite / Migrate to Laravel.
The first one is to manage employee payments.
The second app is for monitoring my salesforce in field.
So, Basically, I will basically rewrite them.
My Question is about architecture. I will develop those 2 apps separating APIs in Lumen / Laravel for each app, individually, and then writing clients in Angular2.
I will use OAuth2.0 to set authorization and scopes between apps.
Now, My indecision resides on Database part.
Should I keep database separated, include database in the same schema, or how should I deal with my databases.
Today, I have 1 DB per app, but also, I have redundancy in users: Each App works with the same users, and so duplicate this info.
Right now, When User is created in App1, it calls APIs to create it in app2 and app3. This is not so nice, IMHO.
So, I think I would like to have a single User Database, but I don't really have experience of that:
should I extract User's info in a central database for all users, should
should I keep User's info duplicated between my DB?
if I keep it in 3 differents DB, how should I make JOINs, transactions, Foreign Keys, etc.
I know there is not 1 answer, it depends of what I want, but this is also my problem, I don't know which question should I be asking to make my decision???
It is important to mention that I don't have so much traffic, max 1000 users, and they all belongs to my enterprise, it will not increase to much. So, really, make a scallable app should not be my priority right now.
Any Advice will be appreciated!!!
Since you have shared databases between your apps, the common practice is to have it in the same Laravel/Lumen app.
The way you can achieve this is separating the apps inside route groups, namespacing the controllers hierarchies of each app and declaring inside each model the connection you will be using for this model.
This way you can use the same DB connections for all of your apps, and share the same data without the need of duplicating it.
Say that I have two or more completely separate web applications. The might even be running on a different server and use different language & framework.
What I need to do is to share state, or at least authentication. For example if the user logs in on one of the websites and goes to another one, he will be able to authenticate using his credentials from the first website.
For example, if I have one website running e-commerce and another one is a blog, I want all the e-commerce users be able to comment on the blog with the information from their profile.
What is the best way to do this? Is it even a good idea?
The only solution that comes to my mind is abstracting away the profiles and authentication and create some kind of global profile and then use that on both of those websites. But that seems like a really complex solution considering what I need to achieve.
OpenID seems like a good way.