This package was developed to give you a quick start to authenticate in laravel. It is opinionated and uses the following packages:
Laravel Auth is an internal Laravel Nova Authentication replacement to gain more control over authorizing into Laravel Nova.
- PHP:
^8.2 - Laravel:
^10.* - Microsoft SSO
You can install the package via composer:
composer require codebar-ag/laravel-authAdd the following script to your composer.json file:
"scripts": {
"post-update-cmd": [
"@php artisan vendor:publish --tag=auth-assets --ansi --force"
],
}Add configuration to your config/services.php file:
'microsoft' => [
'client_id' => env('MICROSOFT_CLIENT_ID'),
'client_secret' => env('MICROSOFT_CLIENT_SECRET'),
'redirect' => env('MICROSOFT_REDIRECT_URI'),
'tenant' => env('MICROSOFT_TENANT_ID'),
'include_tenant_info' => true,
],Add the following environment variables to your .env file:
MICROSOFT_CLIENT_ID=your-client-id
MICROSOFT_CLIENT_SECRET=your-client-secret
MICROSOFT_REDIRECT_URI="${APP_URL}/auth/service/microsoft/redirect"
MICROSOFT_TENANT_ID=your-tenant-idMICROSOFT_REDIRECT_URI environment variable. You can use expose or ngrok for local development.
APP_URL=https://your-expose-or-ngrok-url.com
# β
This is recommended for production as well:
MICROSOFT_REDIRECT_URI="${APP_URL}/auth/service/microsoft/redirect"Add the following trait to your User model:
use CodebarAg\LaravelAuth\Traits\HasAuthProviders;Update your App\Http\Middleware\Authenticate middleware:
...
protected function redirectTo(Request $request): ?string
{
- return $request->expectsJson() ? null : route('login');
+ return $request->expectsJson() ? null : route('auth.login');
}
Finally, run the following command:
php artisan auth:installIf you wish to add pest tests, run the following command:
php artisan auth:install-testsNext add the following to your phpunit.xml file:
<testsuite name="Auth">
<directory>tests/Auth</directory>
</testsuite>You will also need to add Auth to your Pest.php file:
uses(Tests\TestCase::class)->in('Feature', 'Auth');Below are the following routes provided by this package:
| Method | URI | Name | Middleware |
|---|---|---|---|
| GET | HEAD | /auth/login | auth.login | web |
| POST | /auth/login/store | auth.login.store | web |
| ANY | /auth/logout | auth.logout | web |
| GET | HEAD | /auth/password | auth.request-password | web |
| POST | /auth/password/store | auth.request-password.store | web |
| POST | /auth/password/reset | auth.reset-password | web |
| GET | HEAD | /auth/password/token/{token} | auth.reset-password.store | web |
| GET | HEAD | /auth/service/{service} | auth.provider | web |
| GET | HEAD | /auth/service/{service}/redirect | auth.provider.redirect | web |
| GET | HEAD | /auth/email/verify | auth.verification.notice | web |
| GET | HEAD | /auth/email/verify/{id}/{hash} | auth.verification.verify | web |
| POST | /auth/email/verification-notification | auth.verification.send | web |
Add the user menu for logout to your NovaServiceProvider boot method:
use Illuminate\Http\Request;
use Laravel\Nova\Menu\Menu;
use Laravel\Nova\Menu\MenuItem;
class NovaServiceProvider extends NovaApplicationServiceProvider
{
/**
* Bootstrap any application services.
*
* @return void
*/
public function boot()
{
parent::boot();
Nova::userMenu(function (Request $request, Menu $menu) {
return $menu
->append(MenuItem::externalLink('Logout', route('auth.logout')));
});Next in your nova.php config add the following:
/*
|--------------------------------------------------------------------------
| Nova Routes
|--------------------------------------------------------------------------
|
| These are the routes that are used by Nova to authenticate users.
|
*/
'routes' => [
'login' => 'auth/login',
],Next in your NovaServiceProvider replace the routes method with the following:
Note: you can not register routes for ->withAuthenticationRoutes() or ->withPasswordResetRoutes() as this will override the changes we made in the nova.php config to routes.
/**
* Register the Nova routes.
*
* @return void
*/
protected function routes()
{
- Nova::routes()
- ->withAuthenticationRoutes()
- ->withPasswordResetRoutes();
+ Nova::routes();
}You can publish the config file with:
php artisan vendor:publish --tag=auth-configThis is the contents of the published config file:
<?php
// config for CodebarAg/LaravelAuth
use CodebarAg\LaravelAuth\Enums\ProviderEnum;
return [
/*
|--------------------------------------------------------------------------
| Redirect Settings
|--------------------------------------------------------------------------
| You may like to define a different route once the user is
| logged in or out. If no redirects are defined, the package will redirect to the
| intended route. (This is the normal Laravel behaviour)
|
| Use the route name as defined in your routes file.
|
| If password-reset is not defined, the package will redirect to the login redirect route.
|
*/
'redirect' => [
// 'login' => 'dashboard',
// 'logout' => '',
// 'password-reset' => '',
],
/*
|--------------------------------------------------------------------------
| Logo Settings
|--------------------------------------------------------------------------
| You may like to define a different logo for the login page.
| You can pass either a path relative to the public folder or a full url.
|
*/
'logo' => [
'path' => 'vendor/auth/images/lock.svg',
// 'path' => 'https://example.test/images/logo.png',
'width' => '25%',
],
/*
|--------------------------------------------------------------------------
| Middleware Settings
|--------------------------------------------------------------------------
| By default, the package will use the web middleware group.
| You may define them the same way you would in your routes file.
|
*/
'middleware' => [
//
],
/*
|--------------------------------------------------------------------------
| Link Settings
|--------------------------------------------------------------------------
| By default, the package will use 60 minutes as the expiration time for
| the signed links used in the email verification process.
| You may define a different value here.
|
*/
'link_expiration_in_minutes' => 60,
/*
|--------------------------------------------------------------------------
| Toast Settings
|--------------------------------------------------------------------------
| By default, the package will use 5000 milliseconds as the time to fade
| out the toast messages.
| You may define a different value here.
|
*/
'toast_fade_time_in_milliseconds' => 5000,
/*
|--------------------------------------------------------------------------
| Password Reset Settings
|--------------------------------------------------------------------------
| By default, the package will use the password_resets table.
| You may define a different table name here.
|
*/
'password_reset_table' => 'password_resets',
/*
|--------------------------------------------------------------------------
| Provider Settings
|--------------------------------------------------------------------------
| Add the providers you want to use here.
| e.g ProviderEnum::MICROSOFT_OFFICE_365,
|
*/
'providers' => [
ProviderEnum::MICROSOFT_OFFICE_365,
],
/*
|--------------------------------------------------------------------------
| Feature Settings
|--------------------------------------------------------------------------
| By default, all features are enabled.
| You may disable a provider by adding changing the value to false.
|
*/
'features' => [
'basic' => true,
'sso' => true,
'password_reset' => true,
'email_verification' => true,
],
];If you wish to use email verification, you can add the following to your User model:
use Illuminate\Contracts\Auth\MustVerifyEmail;
class User extends Authenticatable implements MustVerifyEmailThen you can use the following middleware to protect your routes:
Illuminate\Auth\Middleware\EnsureEmailIsVerified::redirectTo('auth.verification.notice'),You use verification in nova, add the middleware into in your nova.php config:
/*
|--------------------------------------------------------------------------
| Nova Route Middleware
|--------------------------------------------------------------------------
|
| These middleware will be assigned to every Nova route, giving you the
| chance to add your own middleware to this stack or override any of
| the existing middleware. Or, you can just stick with this stack.
|
*/
'middleware' => [
'web',
EnsureEmailIsVerified::redirectTo('auth.verification.notice'),
HandleInertiaRequests::class,
DispatchServingNovaEvent::class,
BootTools::class,
],You can publish the views using:
php artisan vendor:publish --tag=auth-viewsYou can publish the assets using:
php artisan vendor:publish --tag=auth-assetsYou can publish the config using:
php artisan vendor:publish --tag=auth-configYou can publish the migrations using:
php artisan vendor:publish --tag=auth-migrationsYou can publish the translations using:
php artisan vendor:publish --tag=auth-translationsThis package uses Laravel Honeypot to prevent spam.Check out the documentation to learn how to customise it.
Copy your own phpunit.xml-file.
cp phpunit.xml.dist phpunit.xmlRun the tests:
./vendor/bin/pestPlease see CHANGELOG for more information on what has changed recently.
Please see CONTRIBUTING for details.
Please review our security policy on how to report security vulnerabilities.
The MIT License (MIT). Please see License File for more information.