I'm building a multi-tenant application where the idea is the admins access through the main domain (http://myapp.app) to the dashboard and the regular users access to another dashboard on their respective subdomains (http://tenant-a.myapp.app).
To achieve this I created a custom guard(admin) that uses the session driver and the admins provider which is a custom provider that uses the eloquent driver and my table admins.
// config/auth.php
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'jwt',
'provider' => 'users',
],
'admin' => [
'driver' => 'session',
'provider' => 'admins',
]
],
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => Monica\Models\User::class,
],
'admins' => [
'driver' => 'eloquent',
'model' => Monica\Models\Admin::class,
],
],
After reading a lot of documentation about how the authentication works I got the admins dashboard working event with the reset password system but the part of the subdomains still present some issues.
The login for the regular users on the tenant subdomain seems to be working since I got my user logged and if I check the remember option this is reflected on the database getting a token.
The most important issue that have is when I try to retrieve the user using the authentication functions (facade or injected) I can't get the user, the method always return me null.
I've tried to specify the guard to the auth object but still not work.
When I use the guard object it has a member user that it suppose to contain the logged user but it is always null and if you are about to ask me why I need the user it's because I need to check the permissions of the user.
My theories are that my session only works with the main domain and not with the subdomians or I need to specify another cookie but honestly I'm just guessing.
I don't even know what part of my code will be useful to post but if you are related with this problem, every light that you can give me is welcome, let me know if you need more information or an specific piece of my code.
Thanks in advance
UPDATE
This is an extract of the UserController.php
use Illuminate\Auth\AuthManager as Auth;
use Illuminate\Contracts\Auth\Access\Gate;
use Monica\Http\Controllers\Controller;
class UsersController extends Controller
{
protected $auth;
protected $gate;
public function __construct(Auth $auth, Gate $gate)
{
$this->middleware('web');
$this->auth = $auth;
$this->gate = $gate;
$this->auth->guard('web');
$this->auth->shouldUse('web');
$u = $this->auth->guard();
dd($u);
}
}
And this is the guard object dumped:
SessionGuard {#311 ▼
#name: "admin"
#lastAttempted: null
#viaRemember: false
#session: Store {#294 ▼
#id: "XIWy7hEJRuX1cL2bBN7pf7DqT54PpbTyYBXPv6He"
#name: "no_named_app_session"
#attributes: array:5 [▼
"_token" => "RrTXOZwj56Nk9OqxkdkLdDztfZb6TeW2knVf5xc7"
"_previous" => array:1 [▼
"url" => "http://monica.app/admin/admins"
]
"_flash" => array:2 [▼
"old" => []
"new" => []
]
"url" => []
"login_admin_59ba36addc2b2f9401580f014c7f58ea4e30989d" => "66f4aab0-6566-11e8-b51d-673dcbafed23"
]
#handler: FileSessionHandler {#295 ▼
#files: Filesystem {#115}
#path: "/home/vagrant/Code/PHP/monica/storage/framework/sessions"
#minutes: "120"
}
#started: true
}
#cookie: CookieJar {#292 ▼
#path: "/"
#domain: null
#secure: false
#sameSite: null
#queued: []
}
#request: Request {#42 ▶}
#events: Dispatcher {#26 ▶}
#loggedOut: false
#recallAttempted: false
#user: Admin {#328 ▶}
#provider: EloquentUserProvider {#308 ▼
#hasher: BcryptHasher {#310 ▶}
#model: "Monica\Models\Admin"
}
}