how to configure ldaprecord with sanctum using multiple domains #770

@bci24

I am using Laravel 12 with SPA Sanctum Authentication and LdapRecord.

Until now I had only one domain alpha, and now I want to configure the app to use multiple domains.

The confusion for me is in the guards in auth.php, because Sanctum is using the web guard by default, so I am not sure if I configured it properly.

According to the documentation https://ldaprecord.com/docs/laravel/v3/auth/multi-domain you have to use two guards and two models.

I have removed the web guard and added those two new guards in auth.php:

'guards' => [
    'alpha' => [
        'driver' => 'session',
        'provider' => 'alpha'
    ],
    
    'beta' => [
       'driver' => 'session',
       'provider' => 'beta'
    ]
],

and the two providers:

'providers' => [
    'alpha' => [
        'driver' => 'ldap',
        'model' => App\Ldap\Alpha\User::class,
        'rules' => [],
        'scopes' => [],
        'database' => [
            'model' => App\Models\User::class,
            'sync_passwords' => false,
            'sync_attributes' => [
                'name' => 'cn',
                'username' => 'samaccountname',
                'email' => 'mail'
            ]
        ],        
    ],
    
    'beta' => [
        'driver' => 'ldap',
        'model' => App\Ldap\Beta\User::class,
        'rules' => [],
        'scopes' => [],
        'database' => [
            'model' => App\Models\User::class,
            'sync_passwords' => false,
            'sync_attributes' => [
                'name' => 'cn',
                'username' => 'samaccountname',
                'email' => 'mail'
            ]
        ],        
    ]
]

I have created those two connections in ldap.php:

'default' => env('LDAP_CONNECTION', 'alpha'),

'connections' => [

    'alpha' => [
        'username' => env('AD_ALPHA_USERNAME', null),
        'password' => env('AD_ALPHA_PASSWORD', null),
        'hosts' => ['alpha.server.intra'],
        'port' => 389,
        'base_dn' => 'dc=alpha,dc=server,dc=intra',
        'timeout' => 5,
        'use_ssl' => true,
        'use_tls' => false
    ],
    
     'beta' => [
        'username' => env('AD_BETA_USERNAME', null),
        'password' => env('AD_BETA_PASSWORD', null),
        'hosts' => ['beta.server.intra'],
        'port' => 389,
        'base_dn' => 'dc=beta,dc=server,dc=intra',
        'timeout' => 5,
        'use_ssl' => true,
        'use_tls' => false
    ],    

]

Testing the LDAP connection with php artisan ldap:test is successful.

The models for each connection:

<?php
namespace App\Ldap\Alpha;
use LdapRecord\Models\Model;

class User extends Model
{
    public static array $objectClasses = [];
    protected ?string $connection = 'alpha';
}

<?php
namespace App\Ldap\Beta;
use LdapRecord\Models\Model;

class User extends Model
{
    public static array $objectClasses = [];
    protected ?string $connection = 'beta';
}

In api.php, instead of the middleware auth:sanctum, I changed to auth:alpha,beta:

Route::middleware('auth:alpha,beta')->group(function() {
   Route::get('/home', [HomeController::class, 'index']);
});

It is working, at least that's what it seems like... but how is Sanctum working properly if the web guard is no longer there?

That's the confusion for me. Is my configuration OK in order to work with Sanctum with multiple domains?
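
Added example, not part of the original post and not LdapRecord or Sanctum project code: Sanctum's SPA (stateful) authentication checks the session guards listed under the `guard` key of config/sanctum.php, which is `['web']` by default, so one way to keep `auth:sanctum` on the routes with two domains is to list both guards there and log the user in through the matching one. The `LoginController` class and the `domain` request field are assumptions for illustration; the guard names and the `samaccountname` attribute come from the configuration above.

```php
<?php
// Added example (hypothetical controller, not from the issue).
// Assumed change in config/sanctum.php so auth:sanctum consults both session guards:
//     'guard' => ['alpha', 'beta'],
// Routes can then stay on Route::middleware('auth:sanctum').

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Validation\Rule;
use Illuminate\Validation\ValidationException;

class LoginController extends Controller
{
    // Allow-list of guards a client may select; names match config/auth.php above.
    private const DOMAIN_GUARDS = ['alpha', 'beta'];

    public function store(Request $request)
    {
        // Reject any guard name that is not one of the configured LDAP domains,
        // so client input never reaches Auth::guard() unchecked.
        $data = $request->validate([
            'domain'   => ['required', Rule::in(self::DOMAIN_GUARDS)],
            'username' => ['required', 'string'],
            'password' => ['required', 'string'],
        ]);

        // Bind against the selected directory only; no fallback to the other domain.
        $authenticated = Auth::guard($data['domain'])->attempt([
            'samaccountname' => $data['username'],
            'password'       => $data['password'],
        ]);

        if (! $authenticated) {
            // Same message for unknown user and wrong password.
            throw ValidationException::withMessages([
                'username' => __('auth.failed'),
            ]);
        }

        // New session ID after login to prevent session fixation.
        $request->session()->regenerate();

        return response()->noContent();
    }
}
```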
