stancl/tenancy-docs
1
0
Fork 0
mirror of https://github.com/stancl/tenancy-docs.git synced 2025-12-12 18:24:03 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
tenancy-docs/source/docs/v3/integrations/sanctum.blade.md
lukinovec ca5924646d
Add and fix heading IDs (#232)
2023-01-06 15:34:04 +01:00

40 lines
2 KiB
Markdown
Raw Blame History

---
title: Laravel Sanctum integration
extends: _layouts.documentation
section: content
---
# Laravel Sanctum {#sanctum}
> Note: The `sanctum` auth guard can't be used with [user impersonation]({{ $page->link('features/user-impersonation') }}) because user impersonation supports stateful guards only.
Laravel Sanctum works with Tenancy out of the box, with the exception of the `sanctum.csrf-cookie` route. You can make some small changes to make the route work.
### Making the csrf-cookie route work in the tenant app {#csrf-cookie-route-in-tenant-app}
To make the `sanctum.csrf-cookie` route work in the tenant app, do the following:
1. Add `'routes' => false` to the `sanctum.php` config
2. Publish the Sanctum migrations and move them to `migrations/tenant`
3. Make Sanctum not use its migrations in the central app by adding `Sanctum::ignoreMigrations()` to the `register()` method in your `AuthServiceProvider`
4. Add the following code to `routes/tenant.php` to override the original `sanctum.csrf-cookie` route:
```php
Route::group(['prefix' => config('sanctum.prefix', 'sanctum')], static function () {
Route::get('/csrf-cookie', [CsrfCookieController::class, 'show'])
->middleware([
'web',
InitializeTenancyByDomain::class // Use tenancy initialization middleware of your choice
])->name('sanctum.csrf-cookie');
});
```
### Making the csrf-cookie route work both in the central and the tenant app {#csrf-cookie-route-in-both-apps}
To use the `sanctum.csrf-cookie` route in both the central and the tenant apps:
1. Follow the steps in the previous section ("Sanctum's csrf-cookie route in the tenant app")
2. Set up [universal routes]({{ $page->link('features/universal-routes') }})
3. Remove `Sanctum::ignoreMigrations()` from your `AuthServiceProvider`'s `register()` method
4. Remove `'routes' => false` from the `sanctum.php` config
5. Add the `'universal'` middleware to the `sanctum.csrf-cookie` route in your `routes/tenant.php`
Reference in a new issue View git blame Copy permalink