New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[v1.0] Extensibility of Actions using Authentication User Providers #17
Comments
Fortify 1.1.0 has been released with Fortify::loginThrough(function ($request) {
return [
//
];
}); |
Awesome thanks @taylorotwell! Let me verify this right now on my install and see if I can now use my own auth guard 👍 |
This is sort of the "bazooka" approach and gives the most flexibility. I think there is probably still room for some more granular customization hooks that don't require customizing the pipeline. |
OK I have tagged v1.2.0 with a more granular approach that I believe will solve your original use case a little easier. The There is a new This custom callback will be utilized by both Fortify::authenticateUsing(function ($request) {
$user = User::where('email', $request->email)->first();
if (! $user || ! Hash::check($request->password, $user->password)) {
return;
}
return $user;
}); |
@stevebauman when you have time, i would be curious to know if the new |
Perfect, the // app/Providers/AppServiceProvider.php
public function boot()
{
Fortify::authenticateUsing(function ($request) {
Auth::attempt([
// "mail" is an LDAP attribute
'mail' => $request->email,
'password' => $request->password
]);
return Auth::user();
});
} This is the only change I need to make. I didn't need to configure anything at all in Jetstream. I did a complete new Jetstream installation, installed LdapRecord-Laravel, configured it, then added this callback. Excellent! 👍 🎉 |
@stevebauman cool. my only suggestion is not to use Reason being is that when |
@taylorotwell Ah okay understood - thanks! Here's what I've updated it to: // app/Providers/AppServiceProvider.php
public function boot()
{
Fortify::authenticateUsing(function ($request) {
$validated = Auth::validate($credentials = [
'mail' => $request->email,
'password' => $request->password
]);
return $validated ? Auth::getProvider()->retrieveByCredentials($credentials) : null;
});
} In my case, I need to all |
Yeah, that looks good! |
Hi Taylor, is there a way to utilize "remember" using Auth::validate with authenticateUsing, maybe it should return an array, instead of just the User model since it's going to call Auth::login ? [User, $remember] |
Hi @mikeburton220, The filled status of the login requests fortify/src/Actions/AttemptToAuthenticate.php Lines 69 to 80 in 394c707
Simply send the |
@stevebauman @mikeburton220 This is my JS login request code
|
I know this is extremely early since this just got released -- but I'm wondering if there's any plans on adding the ability to override the included actions, or for the actions to utilize other authentication providers besides
eloquent
?The current
RedirectIfTwoFactorAuthenticatable
action uses agetModel()
method that is not currently inside theStateful
guard contract:fortify/src/Actions/RedirectIfTwoFactorAuthenticatable.php
Line 51 in f29ed3f
This action (
RedirectIfTwoFactorAuthenticatable
) is also responsible for validating the users credentials -- but isn't the authenticationUserProvider
responsible for this?https://github.com/laravel/framework/blob/c87794fc354941729d1f0c4607693c0b8d2cfda2/src/Illuminate/Contracts/Auth/UserProvider.php#L48
The other concern is that the
AttemptToAuthenticate
action only allows customization of the username passed into the$guard->attempt()
method, while Laravel UI allows you to customize the whole array of credentials passed in:AttemptToAuthenticate Action in Fortify:
fortify/src/Actions/AttemptToAuthenticate.php
Lines 46 to 53 in 4be9953
AuthenticatesUsers Trait in Laravel UI:
https://github.com/laravel/ui/blob/6ed3b97576fc99049ba576de4cfab5cef4771ab3/auth-backend/AuthenticatesUsers.php#L93-L96
Please don't take these questions in any sort of negative manor -- I'm immensely grateful for the insane amount of free work that was put into this! ❤️
If there is interest in this possibility, I can work on a PR to add this extensibility and you can look at it to see if it's something you like / don't like. If it's denied, no hard feelings 👍
Related: #16, DirectoryTree/LdapRecord-Laravel#196
The text was updated successfully, but these errors were encountered: