This package implements the login server side of the Apache mod_auth_pubtkt module. After a successful Laravel login it sets an additional `auth_pubtkt` cookie carrying the signed ticket that mod_auth_pubtkt verifies in front of the protected application.
This package can be installed through Composer:

```
composer require tim-online/laravel-auth-pubtkt
```
You must register the service provider:

```php
// config/app.php
'providers' => [
    ...
    Timonline\AuthPubtkt\AuthPubtktServiceProvider::class,
    ...
];
```
You can publish the config file of this package with this command:

```
php artisan vendor:publish --provider="Timonline\AuthPubtkt\AuthPubtktServiceProvider"
```
This package works with the default Laravel login form, but a few customisations are needed to make the redirect back to the protected application work properly.

First, allow the `auth_pubtkt` cookie to be stored unencrypted: mod_auth_pubtkt has to read the ticket itself (the ticket is signed, not encrypted, and Apache does not have Laravel's APP_KEY), so Laravel's EncryptCookies middleware must skip it. Add the cookie name as an exception in `app/Http/Middleware/EncryptCookies.php`:

```php
/**
 * The names of the cookies that should not be encrypted.
 *
 * @var array
 */
protected $except = [
    'auth_pubtkt',
];
```
Add the `back` parameter (the URL mod_auth_pubtkt sends along when it redirects a user to the login page) as a hidden input to your login form, so it survives the POST:

```html
<input type="hidden" name="back" value="{{ app('request')->input('back') }}" />
```
And finally, after login, redirect to the `back` URL. Edit your `Auth\LoginController`. Note that `AuthenticatesUsers::redirectPath()` calls `redirectTo()` without arguments, so the request has to be fetched through the helper rather than taken as a parameter:

```php
protected function redirectTo()
{
    return request()->input('back', '/home');
}
```

Because `back` is user-controlled and ends up in a redirect, validate it against the host(s) of your protected application(s) before using it; otherwise the login page is an open redirect.
To make the redirect work in Spark you can edit `SparkServiceProvider` and add this call in the `booted` method:

```php
Spark::afterLoginRedirectTo(function () {
    $request = app('request');
    return $request->input('back', '/home');
});
```
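The three customisations above, combined into one `LoginController` that also checks the `back` URL before redirecting to it. This is an added example and not code from laravel-auth-pubtkt; the allowed hosts (`myapp.tld`, `app.myapp.tld`), the `https`-only rule and the `/home` fallback are assumptions you should replace with your own values.

```php
<?php
// app/Http/Controllers/Auth/LoginController.php
// Added example, not part of laravel-auth-pubtkt. Host list and fallback are
// assumptions: put the host(s) of the application(s) protected by
// mod_auth_pubtkt here.

namespace App\Http\Controllers\Auth;

use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\AuthenticatesUsers;

class LoginController extends Controller
{
    use AuthenticatesUsers;

    /** Hosts a ?back= URL may point at (assumed values). */
    protected $allowedBackHosts = ['myapp.tld', 'app.myapp.tld'];

    /** Only https, matching TKTAuthRequireSSL on the Apache side (assumption). */
    protected $allowedSchemes = ['https'];

    /** Where to go when back is absent or rejected. */
    protected $fallback = '/home';

    public function __construct()
    {
        $this->middleware('guest')->except('logout');
    }

    /**
     * AuthenticatesUsers::redirectPath() calls this with no arguments, so the
     * request is read through the helper. The value comes from the hidden
     * "back" input on the login form.
     */
    protected function redirectTo()
    {
        return $this->safeBackUrl(request()->input('back'));
    }

    /**
     * Return $back only if it is an absolute URL to a trusted host; otherwise
     * the fallback. mod_auth_pubtkt always sends an absolute URL in ?back=,
     * so relative or schemeless values are not needed and are rejected.
     */
    public function safeBackUrl($back)
    {
        if (!is_string($back) || $back === '' || strlen($back) > 2048) {
            return $this->fallback;
        }

        // Backslashes and control characters confuse URL parsers in ways
        // that differ between PHP and browsers; refuse them outright.
        if (preg_match('/[\\\\\x00-\x1f\x7f]/', $back)) {
            return $this->fallback;
        }

        $parts = parse_url($back);
        if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
            return $this->fallback;
        }

        // "https://myapp.tld@evil.tld/" parses with host=evil.tld and
        // user=myapp.tld; reject anything carrying userinfo at all.
        if (isset($parts['user']) || isset($parts['pass'])) {
            return $this->fallback;
        }

        if (!in_array(strtolower($parts['scheme']), $this->allowedSchemes, true)) {
            return $this->fallback;
        }

        if (!in_array(strtolower($parts['host']), $this->allowedBackHosts, true)) {
            return $this->fallback;
        }

        return $back;
    }
}
```

The same `safeBackUrl()` logic can be reused inside the `Spark::afterLoginRedirectTo()` closure. Remember that `sendLoginResponse()` passes the result through `redirect()->intended()`, so a `url.intended` value stored in the session by Laravel's `auth` middleware takes precedence over `back` when one is present.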
To secure the protected application you can use something like this in its Apache configuration. `TKTAuthPublicKey`, pointing at the public half of the key pair the login server signs tickets with, must additionally be set at server or virtual-host level. When an unauthenticated request arrives, mod_auth_pubtkt redirects the browser to `TKTAuthLoginURL` with the originally requested URL in the `back` query parameter, which is the value the login form above passes through:

```apache
<Location />
    AuthType mod_auth_pubtkt
    TKTAuthLoginURL https://myapp.tld/login
    TKTAuthTimeoutURL https://myapp.tld/login?timeout=1
    TKTAuthRefreshURL https://myapp.tld/login?refresh=1
    TKTAuthUnauthURL https://myapp.tld/login?unauth=1
    TKTAuthRequireSSL on
    require valid-user
</Location>
```
Todo:

- make `?back=` work without manual customisations in view and controller
- make the EncryptCookies middleware automatically skip the `auth_pubtkt` cookie
- create a custom Laravel authentication guard for mod_auth_pubtkt
- add timeout, refresh & unauth notifications