stancl/tenancy-docs
1
0
Fork 0
mirror of https://github.com/stancl/tenancy-docs.git synced 2025-12-12 10:14:03 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
tenancy-docs/source/docs/v3/integrations/passport.blade.md
Samuel Štancl 0da737e60e
Remove blade
2021-07-08 14:36:54 +02:00

112 lines
4.2 KiB
Markdown
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
title: Laravel Passport integration
extends: _layouts.documentation
section: content
---
# Laravel Passport {#laravel-passport}
> If you just want to write an SPA, but don't need an API for some other use (e.g. mobile app), you can avoid a lot of the complexity of writing SPAs by using [Inertia.js](https://inertiajs.com/).
> Note: This guide may be out of date (it's from the v2 era). If you have Passport and Tenancy v3 working, please consider contributing back by submitting a pull request updating this page. You may use the **Edit this page** button at the bottom of this page.
To use Passport inside the tenant part of your application, you may do the following.
- Add this to the `register` method in your `AppServiceProvider`:
```php
Passport::ignoreMigrations();
Passport::routes(null, ['middleware' => [
// You can make this simpler by creating a tenancy route group
InitializeTenancyByDomain::class,
PreventAccessFromCentralDomains::class,
]]);
```
- Add this to `boot` method in your `AppServiceProvider`:
```php
Passport::loadKeysFrom(base_path(config('passport.key_path')));
```
- `php artisan vendor:publish --tag=passport-migrations` & move to `database/migrations/tenant/` directory
- Create `passport.php` file in your config directory and add database connection and key path config. This makes passport use the default connection.
```php
<?php
return [
'storage' => [
'database' => [
'connection' => null,
],
],
'key_path' => env('OAUTH_KEY_PATH', 'storage')
];
```
You may set the OAUTH_KEY_PATH in your .env, but by default `passport:keys` puts them in `storage/` directory
## **Shared keys**
If you want to use the same keypair for all tenants, do the following.
- Don't use `passport:install`, use just `passport:keys`. The install command creates keys & two clients. Instead of creating clients centrally, create `Client`s manually in your [tenant database seeder]({{ $page->link('configuration#seeder-params') }}), like this:
```php
public function run()
{
$client = new ClientRepository();
$client->createPasswordGrantClient(null, 'Default password grant client', 'http://your.redirect.path');
$client->createPersonalAccessClient(null, 'Default personal access client', 'http://your.redirect.path');
}
```
## **Tenant-specific keys** {#tenant-specific-keys}
If you want to use a unique keypair for each tenant, do the following. (Note: The security benefit of doing this isn't probably that big, since you're likely already using the same `APP_KEY` for all tenants.)
There are multiple ways you can store & load tenant keys, but the most straightforward way is to store the keys in the on the tenant model and load them into the `passport` configuration using the **[Tenant Config]({{ $page->link('features/tenant-config') }})** feature:
- Uncomment the `TenantConfig` line in your `tenancy.features` config
- Configure the mapping as follows:
```php
[
'passport_public_key' => 'passport.public_key',
'passport_private_key' => 'passport.private_key',
],
```
And again, you need to create clients in your tenant database seeding process.
## Using Passport in both the central & tenant app {#using-passport-in-both-the-central-and-tenant-app}
To use Passport on central and tenant application, you may apply the following changes.
- Remove this from the `register` method in your `AppServiceProvider` if you added it previously:
```php
Passport::ignoreMigrations();
```
- Configure `Passport routes` on the `register` method in your `AppServiceProvider` as follows:
```php
Passport::routes(null, ['middleware' => [
'universal',
InitializeTenancyByDomain::class
]]);
```
- Make a copy of `Passport migrations` to `database/migrations/tenant/` directory
And make sure you enable the *Universal Routes* feature.
Also change the value of `storage.database.connection` to `null` in the file `config/passport.php` to force Passport to use the default database connection. That way, Passport will work in both central and tenant parts of the application.
Reference in a new issue View git blame Copy permalink