I'm building a web application using Laravel 5.4 but having trouble implementing a rather unusual pseudo multi authentication process. It involves two steps: first with CAS, second with a local database specific to the app.
First, 'real' authentication against CAS server: I must use CAS only as single sign on, so a user is redirected to CAS' own login page. Once the user is successfully authenticated, the user returns to the application with user-related data, including a username.
The second step of authentication, against the app's database, is done within the app. I take the username returned from CAS and check if it has a match in the app's database. It is not really authentication in the sense that it does not require a password (thus, authentication/authorization in the title); it simply checks if the username exists in the database. If it does, authentication is completed, and now the user has full access to the app. If it doesn't exist, instead of failing authentication, a new user account is created in the database, using the data returned from CAS. The user is then automatically signed in.
What I have built so far works; I'm using Subfission/CAS implemented as middleware (http://ift.tt/2dG6d0e), in combination with session. However, when it comes to 'guarding' some routes, I'm not sure if using session is good enough. I'd like to take advantage of Laravel features, like User Eloquent model, Auth facade and guard.
I've been studying and trying on my own, but nothing has come to me as a clear solution. It doesn't help that this is my first PHP project. If someone can suggest a solution, or point me in the right direction, it'd be greatly appreciated.
via Chebli Mohamed
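One way to wire the two steps described in the question into Laravel's own guard, as an added example that is not the poster's code: a middleware that takes the username from the validated CAS session, finds or provisions the local account, and calls `Auth::login()`. It assumes the `app('cas')` manager from the Subfission/CAS package the post mentions, an `App\User` model with a unique `username` column and nullable `email` and `password` columns, and hypothetical CAS attribute names `displayName` and `mail`.

```php
<?php
// Added example, not the poster's code. Assumptions: App\User has a unique
// `username` column; the CAS attribute names 'displayName' and 'mail' are hypothetical.
namespace App\Http\Middleware;

use App\User;
use Closure;
use Illuminate\Database\QueryException;
use Illuminate\Support\Facades\Auth;

class CasLocalLogin
{
    public function handle($request, Closure $next)
    {
        $cas = app('cas');
        // Step 1: no validated CAS session yet, so hand off to the CAS login page.
        if (! $cas->isAuthenticated()) {
            $cas->authenticate(); // redirects the browser to CAS
        }
        // The username comes only from the validated CAS response, never from request input.
        $username = $cas->user();
        // Step 2: bridge into Laravel's guard unless this session is already bound to that user.
        if (! Auth::check() || Auth::user()->username !== $username) {
            Auth::login($this->findOrProvision($username, (array) $cas->getAttributes()));
        }

        return $next($request);
    }

    private function findOrProvision($username, array $attrs)
    {
        if ($user = User::where('username', $username)->first()) {
            return $user;
        }
        // Explicit assignment: only these fields are copied, so a CAS attribute
        // can never set a role or admin flag on the new account.
        $user = new User;
        $user->username = $username;
        $user->name = isset($attrs['displayName']) ? $attrs['displayName'] : $username;
        $user->email = isset($attrs['mail']) ? $attrs['mail'] : null;
        try {
            $user->save();
        } catch (QueryException $e) {
            // Two first-time requests raced; the unique index kept one row, so reuse it.
            return User::where('username', $username)->firstOrFail();
        }
        return $user;
    }
}
```

Registered in `$routeMiddleware` in `app/Http/Kernel.php` and listed before Laravel's `auth` middleware on protected routes, this lets `Auth::user()`, the `auth` guard and policies work as they would for a password login. Accounts created this way should start with the lowest privilege the app has, since anyone the CAS server accepts gets one.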