laravel-auth maintained by codebar-ag
This package was developed to give you a quick start to authenticate in laravel. It is opinionated and uses the following packages:
💡 What is Laravel Auth?
Laravel Auth is an internal Laravel Nova Authentication replacement to gain more control over authorizing into Laravel Nova.
🛠 Requirements
> = v1.0
- PHP:
^8.2 - Laravel:
^10.* - Microsoft SSO
⚙️ Installation
You can install the package via composer:
composer require codebar-ag/laravel-auth
Add the following script to your composer.json file:
"scripts": {
"post-update-cmd": [
"@php artisan vendor:publish --tag=auth-assets --ansi --force"
],
}
Add configuration to your config/services.php file:
'microsoft' => [
'client_id' => env('MICROSOFT_CLIENT_ID'),
'client_secret' => env('MICROSOFT_CLIENT_SECRET'),
'redirect' => env('MICROSOFT_REDIRECT_URI'),
'tenant' => env('MICROSOFT_TENANT_ID'),
'include_tenant_info' => true,
],
Add the following environment variables to your .env file:
MICROSOFT_CLIENT_ID=your-client-id
MICROSOFT_CLIENT_SECRET=your-client-secret
MICROSOFT_REDIRECT_URI="${APP_URL}/auth/service/microsoft/redirect"
MICROSOFT_TENANT_ID=your-tenant-id
⚠️ You need to provide a publicly accessible URL for the MICROSOFT_REDIRECT_URI environment variable. You can use expose or ngrok for local development.
APP_URL=https://your-expose-or-ngrok-url.com
# ✅ This is recommended for production as well:
MICROSOFT_REDIRECT_URI="${APP_URL}/auth/service/microsoft/redirect"
Add the following trait to your User model:
use CodebarAg\LaravelAuth\Traits\HasAuthProviders;
Update your App\Http\Middleware\Authenticate middleware:
...
protected function redirectTo(Request $request): ?string
{
- return $request->expectsJson() ? null : route('login');
+ return $request->expectsJson() ? null : route('auth.login');
}
Finally, run the following command:
php artisan auth:install
💉 Tests
If you wish to add pest tests, run the following command:
php artisan auth:install-tests
Next add the following to your phpunit.xml file:
<testsuite name="Auth">
<directory>tests/Auth</directory>
</testsuite>
You will also need to add Auth to your Pest.php file:
uses(Tests\TestCase::class)->in('Feature', 'Auth');
🚏 Routes
Below are the following routes provided by this package:
| Method | URI | Name | Middleware |
|---|---|---|---|
| GET | HEAD | /auth/login | auth.login | web |
| POST | /auth/login/store | auth.login.store | web |
| ANY | /auth/logout | auth.logout | web |
| GET | HEAD | /auth/password | auth.request-password | web |
| POST | /auth/password/store | auth.request-password.store | web |
| POST | /auth/password/reset | auth.reset-password | web |
| GET | HEAD | /auth/password/token/{token} | auth.reset-password.store | web |
| GET | HEAD | /auth/service/{service} | auth.provider | web |
| GET | HEAD | /auth/service/{service}/redirect | auth.provider.redirect | web |
| GET | HEAD | /auth/email/verify | auth.verification.notice | web |
| GET | HEAD | /auth/email/verify/{id}/{hash} | auth.verification.verify | web |
| POST | /auth/email/verification-notification | auth.verification.send | web |
🪐 Nova Adjustments
Add the user menu for logout to your NovaServiceProvider boot method:
use Illuminate\Http\Request;
use Laravel\Nova\Menu\Menu;
use Laravel\Nova\Menu\MenuItem;
class NovaServiceProvider extends NovaApplicationServiceProvider
{
/**
* Bootstrap any application services.
*
* @return void
*/
public function boot()
{
parent::boot();
Nova::userMenu(function (Request $request, Menu $menu) {
return $menu
->append(MenuItem::externalLink('Logout', route('auth.logout')));
});
Next in your nova.php config add the following:
/*
|--------------------------------------------------------------------------
| Nova Routes
|--------------------------------------------------------------------------
|
| These are the routes that are used by Nova to authenticate users.
|
*/
'routes' => [
'login' => 'auth/login',
],
Next in your NovaServiceProvider replace the routes method with the following:
Note: you can not register routes for ->withAuthenticationRoutes() or ->withPasswordResetRoutes() as this will override the changes we made in the nova.php config to routes.
/**
* Register the Nova routes.
*
* @return void
*/
protected function routes()
{
- Nova::routes()
- ->withAuthenticationRoutes()
- ->withPasswordResetRoutes();
+ Nova::routes();
}
🔧 Configuration file
You can publish the config file with:
php artisan vendor:publish --tag=auth-config
This is the contents of the published config file:
<?php
// config for CodebarAg/LaravelAuth
use CodebarAg\LaravelAuth\Enums\ProviderEnum;
return [
/*
|--------------------------------------------------------------------------
| Redirect Settings
|--------------------------------------------------------------------------
| You may like to define a different route once the user is
| logged in or out. If no redirects are defined, the package will redirect to the
| intended route. (This is the normal Laravel behaviour)
|
| Use the route name as defined in your routes file.
|
| If password-reset is not defined, the package will redirect to the login redirect route.
|
*/
'redirect' => [
// 'login' => 'dashboard',
// 'logout' => '',
// 'password-reset' => '',
],
/*
|--------------------------------------------------------------------------
| Logo Settings
|--------------------------------------------------------------------------
| You may like to define a different logo for the login page.
| You can pass either a path relative to the public folder or a full url.
|
*/
'logo' => [
'path' => 'vendor/auth/images/lock.svg',
// 'path' => 'https://example.test/images/logo.png',
'width' => '25%',
],
/*
|--------------------------------------------------------------------------
| Middleware Settings
|--------------------------------------------------------------------------
| By default, the package will use the web middleware group.
| You may define them the same way you would in your routes file.
|
*/
'middleware' => [
//
],
/*
|--------------------------------------------------------------------------
| Link Settings
|--------------------------------------------------------------------------
| By default, the package will use 60 minutes as the expiration time for
| the signed links used in the email verification process.
| You may define a different value here.
|
*/
'link_expiration_in_minutes' => 60,
/*
|--------------------------------------------------------------------------
| Toast Settings
|--------------------------------------------------------------------------
| By default, the package will use 5000 milliseconds as the time to fade
| out the toast messages.
| You may define a different value here.
|
*/
'toast_fade_time_in_milliseconds' => 5000,
/*
|--------------------------------------------------------------------------
| Password Reset Settings
|--------------------------------------------------------------------------
| By default, the package will use the password_resets table.
| You may define a different table name here.
|
*/
'password_reset_table' => 'password_resets',
/*
|--------------------------------------------------------------------------
| Provider Settings
|--------------------------------------------------------------------------
| Add the providers you want to use here.
| e.g ProviderEnum::MICROSOFT_OFFICE_365,
|
*/
'providers' => [
ProviderEnum::MICROSOFT_OFFICE_365,
],
/*
|--------------------------------------------------------------------------
| Feature Settings
|--------------------------------------------------------------------------
| By default, all features are enabled.
| You may disable a provider by adding changing the value to false.
|
*/
'features' => [
'basic' => true,
'sso' => true,
'password_reset' => true,
'email_verification' => true,
],
];
🔐 Verify
If you wish to use email verification, you can add the following to your User model:
use Illuminate\Contracts\Auth\MustVerifyEmail;
class User extends Authenticatable implements MustVerifyEmail
Then you can use the following middleware to protect your routes:
Illuminate\Auth\Middleware\EnsureEmailIsVerified::redirectTo('auth.verification.notice'),
You use verification in nova, add the middleware into in your nova.php config:
/*
|--------------------------------------------------------------------------
| Nova Route Middleware
|--------------------------------------------------------------------------
|
| These middleware will be assigned to every Nova route, giving you the
| chance to add your own middleware to this stack or override any of
| the existing middleware. Or, you can just stick with this stack.
|
*/
'middleware' => [
'web',
EnsureEmailIsVerified::redirectTo('auth.verification.notice'),
HandleInertiaRequests::class,
DispatchServingNovaEvent::class,
BootTools::class,
],
🎨 Customisation
You can publish the views using:
php artisan vendor:publish --tag=auth-views
You can publish the assets using:
php artisan vendor:publish --tag=auth-assets
You can publish the config using:
php artisan vendor:publish --tag=auth-config
You can publish the migrations using:
php artisan vendor:publish --tag=auth-migrations
You can publish the translations using:
php artisan vendor:publish --tag=auth-translations
This package uses Laravel Honeypot to prevent spam.Check out the documentation to learn how to customise it.
🚧 Testing
Copy your own phpunit.xml-file.
cp phpunit.xml.dist phpunit.xml
Run the tests:
./vendor/bin/pest
📝 Changelog
Please see CHANGELOG for more information on what has changed recently.
✏️ Contributing
Please see CONTRIBUTING for details.
🧑💻 Security Vulnerabilities
Please review our security policy on how to report security vulnerabilities.
🙏 Credits
🎭 License
The MIT License (MIT). Please see License File for more information.