Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

No way to authorize private channels in laravel-echo-server #1340

Open
slavarazum opened this issue Jan 5, 2018 · 14 comments

Comments

@slavarazum
Copy link
Contributor

commented Jan 5, 2018

Info:

  • Docker version ($ docker --version): Docker version 17.09.1-ce, build 19e2cf6
  • Laradock commit ($ git rev-parse HEAD): 9e996cc8ba6fa112cc24fe8d4d2ef9a3a7f3342b
  • System info (Mac, PC, Linux): Mac

Issue:

Laravel echo server private channel authentication impossible with different domain names on nginx.
For example I have several domain names in my nginx container and I want to setup my laravel-echo-server to specific one for example: my-site.com
If I set "authHost": "http://my-site.com", echo server couldn't connect to this host and throws an error

Error: connect ECONNREFUSED 127.0.0.1:80

because it doesn't know what is it.
But if I set "authHost": "http://nginx" it will successfully connect to the nginx server but only to default project with server_name localhost;

Expected behavior:

Ability to set authHost to any domain available in web server.
As a result - have an ability to authorize private channels on each of projects under laradock.


Reproduce:

Try to connect to any private channel on laravel application registered on different domain with simple authentication like:

Broadcast::channel('echo.{id}', function ($user, $id) {
    return true;
});
@slavarazum

This comment has been minimized.

Copy link
Contributor Author

commented Feb 26, 2018

Still no solutions?

@cre8

This comment has been minimized.

Copy link

commented Feb 26, 2018

I had the same problem with caddy as a webserver. I added a rule for 0.0.0.0 and pointed it also to my laravel project:

0.0.0.0:80 {
	root /var/www/api/public

	fastcgi / php-fpm:9000 php {
    	index index.php
	}

	rewrite {
	    r .*
	    ext /
	    to /index.php?{query}
	}
	browse
	log /var/log/caddy/access.log
	errors /var/log/caddy/error.log	
}

and I set caddy as the auth host. It's a dirty solution but I think the elegant way would be to connect your host name my-site.com with the nginx container so docker compose knows where to route this.

@canhkieu

This comment has been minimized.

Copy link

commented Apr 11, 2018

Hi @ModernArtisan, I meet the same issues. Do you resolve?

@cre8

This comment has been minimized.

Copy link

commented Apr 20, 2018

@cabrerabywaters I found a solution for nginx:

nginx config for laravel application:

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;

    server_name api.example.com;
    root /var/www/api/public;
    index index.php;
    
    ssl_certificate /var/certs/cert.pem;
    ssl_certificate_key /var/certs/privkey.pem;

    location / {
         try_files $uri $uri/ /index.php$is_args$args;
    }

    location ~ \.php$ {
        try_files $uri /index.php =404;
        fastcgi_pass php-upstream;
        fastcgi_index index.php;
        fastcgi_buffers 16 16k;
        fastcgi_buffer_size 32k;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        #fixes timeouts
        fastcgi_read_timeout 600;
        include fastcgi_params;
    }

    location ~ /\.ht {
        deny all;
    }

    location /.well-known/acme-challenge/ {
        root /var/www/letsencrypt/;
        log_not_found off;
    }
}

laravel-echo-server config:

{
	"authHost": "https://nginx",
	"authEndpoint": "/broadcasting/auth",
	"clients": [],
	"database": "redis",
	"databaseConfig": {
		"redis": {
			"port": "6379",
			"host": "redis"
		}
	},
	"devMode": true,
	"host": null,
	"port": "6001",
	"protocol": "https",
	"socketio": {},
	"sslCertPath": "/var/certs/cert.pem",
	"sslKeyPath": "/var/certs/privkey.pem"
}

I managed to call api.example.com in my laravel-echo-server by passing the domain in the docker-compose file to one container. But I deleted the file and now I have no idea how to reproduce it.

@canhkieu

This comment has been minimized.

Copy link

commented Apr 20, 2018

It's not work.

@cre8

This comment has been minimized.

Copy link

commented Apr 20, 2018

@canhkieu I can't help you without any logs. What is in the logs of the laravel-echo-server? What exactly does not work? More information is required

@canhkieu

This comment has been minimized.

Copy link

commented Apr 25, 2018

But if I set "authHost": "http://nginx" it will successfully connect to the nginx server but only to default project with server_name localhost;

I have 2 sites.

  • aaa.com
  • bbb.com

With aaa.com I set up.

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;

    server_name aaa.com **nginx**;

   ...
}

And the seconds bbb.com I only settup

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;

    server_name bbb.com;

   ...
}

How could you connect laravel-echo-server to aaa.com and bbb.com. In case, laravel-echo-server only accept "authHost": "https://nginx"

@cre8

This comment has been minimized.

Copy link

commented Apr 26, 2018

To address aaa.com or bbb.com you should insert a redirect in the nginx config like:

server {
    ....
    server_name localhost;
    
    location /aaa {
        rewrite ^/(.*)$ https://aaa.com/$1 redirect;
    }

    location /bbb {
        rewrite ^/(.*)$ https://bbb.com/$1 redirect;
    }
}

So when you set authHost to https://nginx/aaa it will route to nginx, that will redirect to the request to aaa.com (I haven't tested it yet, but the logic seems to be correct)

Normally you have to set the host to aaa.com in the http-header when you call https://nginx, but this is not implemented in the laravel-echo-server package.

@aymanterra

This comment has been minimized.

Copy link

commented May 6, 2018

set
"authHost": "http://my-site.com"
as you need , and change your hosts file to map your domain to the container IP , like this :
10.0.75.1 my-site.com
it will be the IP in the laradock .env file
DOCKER_HOST_IP=10.0.75.1
this will solve the problem

@kongkx

This comment has been minimized.

Copy link

commented May 20, 2018

I solve this problem by adding an alias to nginx service in docker-compose.yml

reference: aliases in Compose file reference ;

### NGINX Server #########################################
    nginx:
      build:
        context: ./nginx
        args:
          - PHP_UPSTREAM_CONTAINER=${NGINX_PHP_UPSTREAM_CONTAINER}
          - PHP_UPSTREAM_PORT=${NGINX_PHP_UPSTREAM_PORT}
      volumes:
        - ${APP_CODE_PATH_HOST}:${APP_CODE_PATH_CONTAINER}
        - ${NGINX_HOST_LOG_PATH}:/var/log/nginx
        - ${NGINX_SITES_PATH}:/etc/nginx/sites-available
      ports:
        - "${NGINX_HOST_HTTP_PORT}:80"
        - "${NGINX_HOST_HTTPS_PORT}:443"
      depends_on:
        - php-fpm
      networks:
        # before ----
        # - frontend
        # - backend
        # end before ----
        frontend:
        backend:
            aliases:
              - my-site.com

laravel-echo-server.json

{
  " authHost: "http://my-site.com"
  // ...
}

extra note:

  1. use docker-compose up laravel-echo-server, without -d for easier debug;
  2. rebuild larvavel-echo-server after updating the laravel-echo-server.json, docker-compose build laravel-echo-server

extra extra note:

I'm new to docker.

@CasparChou

This comment has been minimized.

Copy link

commented Jun 15, 2018

@kongkx It works! I spent 3 days on this...

@karatana

This comment has been minimized.

Copy link

commented Jul 4, 2018

I'm new to docker and laravel.

I had the same problem in localhost domain
because authHost is not http://nginx but localhost.

Is it better to change the default value of laravel-echo-server.json ?

@callect

This comment has been minimized.

Copy link

commented Aug 1, 2018

@canhkieu I have same issue, did you solved it?
@cre8 Hi,how to solve with top domain?

quanghung97 referenced this issue in quanghung97/laravel-nuxt-realtime-example Mar 2, 2019
@QuiLeVan

This comment has been minimized.

Copy link

commented Jun 7, 2019

@cabrerabywaters I found a solution for nginx:

nginx config for laravel application:

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;

    server_name api.example.com;
    root /var/www/api/public;
    index index.php;
    
    ssl_certificate /var/certs/cert.pem;
    ssl_certificate_key /var/certs/privkey.pem;

    location / {
         try_files $uri $uri/ /index.php$is_args$args;
    }

    location ~ \.php$ {
        try_files $uri /index.php =404;
        fastcgi_pass php-upstream;
        fastcgi_index index.php;
        fastcgi_buffers 16 16k;
        fastcgi_buffer_size 32k;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        #fixes timeouts
        fastcgi_read_timeout 600;
        include fastcgi_params;
    }

    location ~ /\.ht {
        deny all;
    }

    location /.well-known/acme-challenge/ {
        root /var/www/letsencrypt/;
        log_not_found off;
    }
}

laravel-echo-server config:

{
	"authHost": "https://nginx",
	"authEndpoint": "/broadcasting/auth",
	"clients": [],
	"database": "redis",
	"databaseConfig": {
		"redis": {
			"port": "6379",
			"host": "redis"
		}
	},
	"devMode": true,
	"host": null,
	"port": "6001",
	"protocol": "https",
	"socketio": {},
	"sslCertPath": "/var/certs/cert.pem",
	"sslKeyPath": "/var/certs/privkey.pem"
}

I managed to call api.example.com in my laravel-echo-server by passing the domain in the docker-compose file to one container. But I deleted the file and now I have no idea how to reproduce it.

OK! GOOD! It worked for me! Help me save a day!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
9 participants
You can’t perform that action at this time.