Attivazione autenticazione LDAP con registrazione utenti in DB
This commit is contained in:
parent
9c65d864c9
commit
9bfb9a1903
@ -5,6 +5,7 @@ namespace App\Http\Controllers\Auth;
|
||||
use App\Http\Controllers\Controller;
|
||||
use App\Providers\RouteServiceProvider;
|
||||
use Illuminate\Foundation\Auth\AuthenticatesUsers;
|
||||
use Illuminate\Http\Request;
|
||||
|
||||
class LoginController extends Controller
|
||||
{
|
||||
@ -37,4 +38,12 @@ class LoginController extends Controller
|
||||
{
|
||||
$this->middleware('guest')->except('logout');
|
||||
}
|
||||
|
||||
protected function credentials(Request $request)
|
||||
{
|
||||
return [
|
||||
'mail' => $request->email,
|
||||
'password'=>$request->password,
|
||||
];
|
||||
}
|
||||
}
|
||||
|
||||
@ -54,6 +54,6 @@ class CategorieController extends Controller
|
||||
public function apiList()
|
||||
{
|
||||
$categorie=DB::table('categories')->orderBy('cat_name')->get();
|
||||
return json_encode($categorie);
|
||||
return response()->json($categorie);
|
||||
}
|
||||
}
|
||||
|
||||
21
app/Ldap/Rules/OnlyInGroupUsers.php
Normal file
21
app/Ldap/Rules/OnlyInGroupUsers.php
Normal file
@ -0,0 +1,21 @@
|
||||
<?php
|
||||
|
||||
namespace App\Ldap\Rules;
|
||||
|
||||
use LdapRecord\Laravel\Auth\Rule;
|
||||
|
||||
class OnlyInGroupUsers extends Rule
|
||||
{
|
||||
/**
|
||||
* Check if the rule passes validation.
|
||||
*
|
||||
* @return bool
|
||||
*/
|
||||
public function isValid()
|
||||
{
|
||||
//
|
||||
return $this->user->groups()->exists(
|
||||
env('LDAP_GROUP_ACCESS')
|
||||
);
|
||||
}
|
||||
}
|
||||
15
app/Ldap/User.php
Normal file
15
app/Ldap/User.php
Normal file
@ -0,0 +1,15 @@
|
||||
<?php
|
||||
|
||||
namespace App\Ldap;
|
||||
|
||||
use LdapRecord\Models\Model;
|
||||
|
||||
class User extends Model
|
||||
{
|
||||
/**
|
||||
* The object classes of the LDAP model.
|
||||
*
|
||||
* @var array
|
||||
*/
|
||||
public static $objectClasses = [];
|
||||
}
|
||||
@ -4,13 +4,16 @@ namespace App\Models;
|
||||
|
||||
use Illuminate\Contracts\Auth\MustVerifyEmail;
|
||||
use Illuminate\Database\Eloquent\Factories\HasFactory;
|
||||
use Illuminate\Foundation\Auth\User as Authenticatable;
|
||||
use Illuminate\Foundation\Auth\User as Authenticatable;
|
||||
use Illuminate\Notifications\Notifiable;
|
||||
use Laravel\Sanctum\HasApiTokens;
|
||||
//use LdapRecord\Laravel\Auth\Authenticatable;
|
||||
use LdapRecord\Laravel\Auth\AuthenticatesWithLdap;
|
||||
|
||||
|
||||
class User extends Authenticatable
|
||||
{
|
||||
use HasApiTokens, HasFactory, Notifiable;
|
||||
use HasApiTokens, HasFactory, Notifiable, AuthenticateswithLdap;
|
||||
|
||||
/**
|
||||
* The attributes that are mass assignable.
|
||||
@ -41,4 +44,14 @@ class User extends Authenticatable
|
||||
protected $casts = [
|
||||
'email_verified_at' => 'datetime',
|
||||
];
|
||||
|
||||
public function getLdapDomainColumn()
|
||||
{
|
||||
return 'domain';
|
||||
}
|
||||
|
||||
public function getLdapGuidColumn()
|
||||
{
|
||||
return 'guid';
|
||||
}
|
||||
}
|
||||
|
||||
@ -12,6 +12,7 @@
|
||||
"barryvdh/laravel-dompdf": "^1.0",
|
||||
"consoletvs/charts": "7.*",
|
||||
"directorytree/ldaprecord": "^2.9",
|
||||
"directorytree/ldaprecord-laravel": "^2.5",
|
||||
"fruitcake/laravel-cors": "^2.0",
|
||||
"guzzlehttp/guzzle": "^7.0.1",
|
||||
"laravel-notification-channels/telegram": "^2.0",
|
||||
|
||||
66
composer.lock
generated
66
composer.lock
generated
@ -4,7 +4,7 @@
|
||||
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
|
||||
"This file is @generated automatically"
|
||||
],
|
||||
"content-hash": "a4647119c1cdf9d566876ae0272f6a00",
|
||||
"content-hash": "857d84837771f902ec95cd06212b55f5",
|
||||
"packages": [
|
||||
{
|
||||
"name": "barryvdh/laravel-dompdf",
|
||||
@ -466,6 +466,70 @@
|
||||
],
|
||||
"time": "2022-02-17T18:35:49+00:00"
|
||||
},
|
||||
{
|
||||
"name": "directorytree/ldaprecord-laravel",
|
||||
"version": "v2.5.6",
|
||||
"source": {
|
||||
"type": "git",
|
||||
"url": "https://github.com/DirectoryTree/LdapRecord-Laravel.git",
|
||||
"reference": "75ba6b5a981fa1e9f1ad6c2233ea4f73078f8d66"
|
||||
},
|
||||
"dist": {
|
||||
"type": "zip",
|
||||
"url": "https://api.github.com/repos/DirectoryTree/LdapRecord-Laravel/zipball/75ba6b5a981fa1e9f1ad6c2233ea4f73078f8d66",
|
||||
"reference": "75ba6b5a981fa1e9f1ad6c2233ea4f73078f8d66",
|
||||
"shasum": ""
|
||||
},
|
||||
"require": {
|
||||
"directorytree/ldaprecord": "^2.4.4",
|
||||
"ext-ldap": "*",
|
||||
"illuminate/support": "^5.6|^6.0|^7.0|^8.0|^9.0",
|
||||
"php": ">=7.3",
|
||||
"ramsey/uuid": "*"
|
||||
},
|
||||
"require-dev": {
|
||||
"mockery/mockery": "^1.0",
|
||||
"orchestra/testbench": "^3.7|^4.0|^5.0|^6.0|^7.0",
|
||||
"phpunit/phpunit": "^7.0|^8.0|^9.0",
|
||||
"spatie/ray": "^1.28"
|
||||
},
|
||||
"type": "project",
|
||||
"extra": {
|
||||
"laravel": {
|
||||
"providers": [
|
||||
"LdapRecord\\Laravel\\LdapServiceProvider",
|
||||
"LdapRecord\\Laravel\\LdapAuthServiceProvider"
|
||||
]
|
||||
}
|
||||
},
|
||||
"autoload": {
|
||||
"psr-4": {
|
||||
"LdapRecord\\Laravel\\": "src/"
|
||||
}
|
||||
},
|
||||
"notification-url": "https://packagist.org/downloads/",
|
||||
"license": [
|
||||
"MIT"
|
||||
],
|
||||
"description": "LDAP Authentication & Management for Laravel.",
|
||||
"keywords": [
|
||||
"adldap2",
|
||||
"laravel",
|
||||
"ldap",
|
||||
"ldaprecord"
|
||||
],
|
||||
"support": {
|
||||
"issues": "https://github.com/DirectoryTree/LdapRecord-Laravel/issues",
|
||||
"source": "https://github.com/DirectoryTree/LdapRecord-Laravel/tree/v2.5.6"
|
||||
},
|
||||
"funding": [
|
||||
{
|
||||
"url": "https://github.com/stevebauman",
|
||||
"type": "github"
|
||||
}
|
||||
],
|
||||
"time": "2022-05-11T13:35:40+00:00"
|
||||
},
|
||||
{
|
||||
"name": "doctrine/inflector",
|
||||
"version": "2.0.4",
|
||||
|
||||
@ -38,7 +38,7 @@ return [
|
||||
'guards' => [
|
||||
'web' => [
|
||||
'driver' => 'session',
|
||||
'provider' => 'users',
|
||||
'provider' => 'ldap', //'users',
|
||||
],
|
||||
],
|
||||
|
||||
@ -60,9 +60,20 @@ return [
|
||||
*/
|
||||
|
||||
'providers' => [
|
||||
'users' => [
|
||||
'driver' => 'eloquent',
|
||||
'model' => App\Models\User::class,
|
||||
'ldap' => [
|
||||
'driver' => 'ldap', //'eloquent',
|
||||
'model' => LdapRecord\Models\ActiveDirectory\User::class, //App\Models\User::class,
|
||||
'rules' => [
|
||||
App\Ldap\Rules\OnlyInGroupUsers::class,
|
||||
],
|
||||
'database' => [
|
||||
'model' => App\Models\User::class,
|
||||
'sync_passwords'=> false,
|
||||
'sync_attributes' => [
|
||||
'name' => 'displayname',
|
||||
'email' => 'mail',
|
||||
],
|
||||
],
|
||||
],
|
||||
|
||||
// 'users' => [
|
||||
|
||||
73
config/ldap.php
Normal file
73
config/ldap.php
Normal file
@ -0,0 +1,73 @@
|
||||
<?php
|
||||
|
||||
return [
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Default LDAP Connection Name
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Here you may specify which of the LDAP connections below you wish
|
||||
| to use as your default connection for all LDAP operations. Of
|
||||
| course you may add as many connections you'd like below.
|
||||
|
|
||||
*/
|
||||
|
||||
'default' => env('LDAP_CONNECTION', 'default'),
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| LDAP Connections
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Below you may configure each LDAP connection your application requires
|
||||
| access to. Be sure to include a valid base DN - otherwise you may
|
||||
| not receive any results when performing LDAP search operations.
|
||||
|
|
||||
*/
|
||||
|
||||
'connections' => [
|
||||
|
||||
'default' => [
|
||||
'hosts' => [env('LDAP_HOST', '127.0.0.1')],
|
||||
'username' => env('LDAP_USERNAME', 'cn=user,dc=local,dc=com'),
|
||||
'password' => env('LDAP_PASSWORD', 'secret'),
|
||||
'port' => env('LDAP_PORT', 389),
|
||||
'base_dn' => env('LDAP_BASE_DN', 'dc=local,dc=com'),
|
||||
'timeout' => env('LDAP_TIMEOUT', 5),
|
||||
'use_ssl' => env('LDAP_SSL', false),
|
||||
'use_tls' => env('LDAP_TLS', false),
|
||||
],
|
||||
|
||||
],
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| LDAP Logging
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| When LDAP logging is enabled, all LDAP search and authentication
|
||||
| operations are logged using the default application logging
|
||||
| driver. This can assist in debugging issues and more.
|
||||
|
|
||||
*/
|
||||
|
||||
'logging' => env('LDAP_LOGGING', true),
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| LDAP Cache
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| LDAP caching enables the ability of caching search results using the
|
||||
| query builder. This is great for running expensive operations that
|
||||
| may take many seconds to complete, such as a pagination request.
|
||||
|
|
||||
*/
|
||||
|
||||
'cache' => [
|
||||
'enabled' => env('LDAP_CACHE', false),
|
||||
'driver' => env('CACHE_DRIVER', 'file'),
|
||||
],
|
||||
|
||||
];
|
||||
@ -16,6 +16,8 @@ class CreateUsersTable extends Migration
|
||||
Schema::create('users', function (Blueprint $table) {
|
||||
$table->id();
|
||||
$table->string('name');
|
||||
$table->string('guid')->unique()->nullable();
|
||||
$table->string('domain');
|
||||
$table->string('email')->unique();
|
||||
$table->timestamp('email_verified_at')->nullable();
|
||||
$table->string('password');
|
||||
|
||||
@ -50,7 +50,7 @@
|
||||
<select name="mov_fk_tags" class="form-control" id="tags">
|
||||
@foreach($tags as $tag)
|
||||
<option value="{{ $tag->id; }}">{{ $tag->tag_name }}</option>
|
||||
@endforeach
|
||||
@endforeach
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
Loading…
Reference in New Issue
Block a user