This repository has been archived by the owner on Jul 24, 2023. It is now read-only.

Session not persisting with using Adldap + Local Users #856

Open
johnotaalo opened this issue Mar 19, 2020 · 0 comments

  • Laravel Version: 5.8
  • Adldap2-Laravel Version: 6.0
  • PHP Version: 7.1.3
  • LDAP Type: ActiveDirectory

Description:

Hi Everyone,

I am implementing a custom multi-authentication application on Laravel with Adldap and a local user.

How it works

The user picks where they would like to log in, either to a data manager or to a client portal. The client portal uses LDAP while the data manager uses local users.
The two are separate modules in the application.

What I have done so far

  1. Installed and set up Adldap (input correct configuration for both ldap and ldap_auth)
  2. Added adldap as a provider
  3. Added adldap as a guard
  4. Overridden the attemptLogin function in LoginController.php
  5. Created a UserLDAP Model to synchronize LDAP users

The problem

The local user is able to log in and Auth::user() returns the \App\User model.
From the logs, I can see LDAP authentication being successful but the session is not persisting.

My Files

storage/logs/xxxx.log

[2020-03-19 11:55:46] local.INFO: User 'Chrispine Otaalo' has been successfully found for authentication.
[2020-03-19 11:55:46] local.INFO: User 'Chrispine Otaalo' is being synchronized.
[2020-03-19 11:55:46] local.INFO: User 'Chrispine Otaalo' has been successfully synchronized.
[2020-03-19 11:55:46] local.INFO: User 'Chrispine Otaalo' is authenticating with username: 'xxxx'
[2020-03-19 11:55:46] local.INFO: User 'Chrispine Otaalo' has successfully passed LDAP authentication.
[2020-03-19 11:55:46] local.INFO: User 'Chrispine Otaalo' has been successfully logged in.

ldap_auth.php

```php
return [
    'connection' => env('LDAP_CONNECTION', 'default'),
    'provider' => Adldap\Laravel\Auth\DatabaseUserProvider::class,
    'model' => App\UserLDAP::class,
    'rules' => [
        Adldap\Laravel\Validation\Rules\DenyTrashed::class,
    ],
    'scopes' => [],
    'identifiers' => [
        'ldap' => [
            'locate_users_by' => 'samaccountname',
            'bind_users_by' => 'distinguishedname',
        ],
        'database' => [
            'guid_column' => 'objectguid',
            'username_column' => 'username',
        ]
    ],
    'sync_attributes' => [
        'email'    => 'mail',
        'name'     => 'cn',
        'index_no' => 'employeenumber',
        'username' => 'samaccountname'
    ],
];
```

LoginController.php

```php
<?php

namespace App\Http\Controllers\Auth;

use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
use Illuminate\Http\Request;
use Adldap\Laravel\Facades\Adldap;
use Illuminate\Support\Facades\Auth;

class LoginController extends Controller
{
    use AuthenticatesUsers;

    protected $redirectTo = '/';

    protected $username;

    public function __construct()
    {
        $this->middleware('guest')->except('logout');
        $this->middleware('guest:ldap')->except('logout');

        $this->username = $this->findUsername();
    }

    public function findUsername()
    {
        $login = request()->input('email');

        $fieldType = filter_var($login, FILTER_VALIDATE_EMAIL) ? 'email' : 'username';

        request()->merge([$fieldType => $login]);

        return $fieldType;
    }

    public function username()
    {
        return $this->username;
    }

    protected function attemptLogin(Request $request)
    {
        if (request()->input('location') == "client-portal") {
            $credentials = request()->only($this->username, 'password');
            Auth::guard('ldap')->attempt($credentials, true);
        } else {
            Auth::attempt(['email' => request($this->username), 'password' => request('password')]);
        }
    }
}
```

auth.php

```php
'guards' => [
    'web' => [
        'driver' => 'session',
        'provider' => 'users',
    ],

    'api' => [
        'driver' => 'passport',
        'provider' => 'users',
    ],

    'ldap' => [
        'driver' => 'session',
        'provider' => 'ldap'
    ]
],

'providers' => [
    'users' => [
        'driver' => 'eloquent',
        'model' => App\User::class,
    ],
    'ldap' => [
        'driver' => 'ldap',
        'model' => App\UserLDAP::class
    ]
],
```

UserLDAP.php

UserLDAP

Any assistance with this would be highly appreciated.
