Closed dbiljak closed 4 years ago
Hi @dbiljak,
You're very close -- when you pass in the users credentials into the Auth::attempt()
method, you must set the key that you would like to locate users by for the username:
https://ldaprecord.com/docs/laravel/auth/quickstart/#database-controller-setup
public function login()
{
$credentials = [
'samaccountname' => request('username'),
'password' => request('password'),
];
if (Auth::attempt($credentials)) {
$user = Auth::user();
$success['token'] = $user->createToken('MyApp')->accessToken;
return response()->json(['success' => $success], $this->successStatus);
} else {
return response()->json(['error'=>'Unauthorised'], 401);
}
}
Closing this, as this should resolve your issue, but let me know if you encounter anything else 👍
Auth::attempt($credentials) returns
"SQLSTATE[42S22]: Column not found: 1054 Unknown column 'samaccountname' in 'where clause' (SQL: select * from users
where samaccountname
= XXX limit 1)"
It searches my local DB, and I use username instead of samaccountname. But if I change it I get Unauthorised again
Hi @dbiljak,
It looks like you haven't set your ldap
authentication guard as your default. Do you still have an eloquent
guard configured?
If you had your default authentication guard
set to a provider
using the ldap
authentication driver, then this exception would not occur. Let me know!
Everything is as in documentation:
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'passport',
'provider' => 'ldap'
],
],
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
'ldap' => [
'driver' => 'ldap',
'model' => LdapRecord\Models\ActiveDirectory\User::class,
'rules' => [],
'database' => [
'model' => App\User::class,
'sync_passwords' => true,
'sync_attributes' => [
'username' => 'samaccountname',
'name' => 'cn',
You haven’t changed your web
guards provider to ldap
.
The passport
driver is not compatible with the ldap
provider.
What is the best way for api login then?
You would have to build it yourself unfortunately.
Problem is — there is no way to store / save API keys in LDAP entries, so you cannot retrieve users by them.
y I guessed that
I am implementing this now: https://ldaprecord.com/docs/authentication/#other-attributes
There is an error: $user['distinguishedname'] returns array not a string.
Thnx for ur help
Every attribute is returned as an array in LDAP, so you must access it via the first array key:
$user['distinguishedname'][0]
Hi, after switching from adldap2-laravel to ldaprecord-laravel on the working project we can't log in anymore. We are importing users from AD;
'ldap' => [ 'driver' => 'ldap', 'model' => LdapRecord\Models\ActiveDirectory\User::class, 'rules' => [], 'database' => [ 'model' => App\User::class, 'sync_passwords' => true, 'sync_attributes' => [ 'username' => 'samaccountname', 'name' => 'cn', 'email' => 'mail', 'telephone' => 'telephonenumber', 'position' => 'physicaldeliveryofficename', 'thumbnailphoto' => 'thumbnailphoto' ], 'sync_existing' => [ 'email' => 'mail', ], 'password_column' => 'password', ], ]
Everything is synced and OK after synchronization but we can't log in.
Controller:
public function login() { if (Auth::attempt(['username' => request('username'), 'password' => request('password')])) { $user = Auth::user(); $success['token'] = $user->createToken('MyApp')->accessToken; return response()->json(['success' => $success], $this->successStatus); } else { return response()->json(['error'=>'Unauthorised'], 401); } }
The method returns else value
on dd request('username') and request('password') returns values from post but Auth::attempt(['username' => request('username'), 'password' => request('password')]) returns false
Please help