chivincent/laravel-kratos

Laravel Kratos integrates authentication features with ory/kratos

v1.2.0 2023-07-25 07:22 UTC

Last update: 2024-04-25 09:12:12 UTC


Introduction

Laravel Kratos integrates authentication features with ory/kratos.

Requirements

  • I'm building an API with Laravel.
  • I'm not using the built-in authentication features in Laravel, because Kratos has been implemented.
    • I won't use them in the future either.
  • The frontend is a separate project.
    • The frontend authenticates with the Kratos server and receives an ory_kratos_session cookie.
    • The frontend makes requests to the Laravel API with the ory_kratos_session cookie.

Install

composer require chivincent/laravel-kratos

Configuration

php artisan vendor:publish --provider="Chivincent\LaravelKratos\KratosServiceProvider"
  • Check config/kratos.php and make sure the endpoint of the Kratos service is correct.

  • Update config/auth.php

<?php

return [
    // ...
    'guards' => [
        'kratos' => [
            'driver' => 'kratos',
            'provider' => 'kratos', // or 'kratos-database'
        ],    
    ],
    // ...
];
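
  • Update config/cors.php

<?php

return [
    // ...

    // Port 4455 is the default port of the Kratos Frontend UI application.
    'allowed_origins' => ['http://127.0.0.1:4455'],

    // ...

    // Needed so the browser accepts cross-origin requests that carry the ory_kratos_session cookie.
    // Keep allowed_origins an explicit list of origins, not '*', when this is true.
    'supports_credentials' => true,

    // ...
];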
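
The following check is an added example, not code from laravel-kratos: it audits a config/cors.php array for the settings a cookie-based Kratos session depends on. The function name `auditCors` and the sample inputs are hypothetical; the array keys are the ones Laravel's config/cors.php uses, and patterns are assumed to be non-empty delimited regexes.

```php
<?php
// Added example (not laravel-kratos code). auditCors() is a hypothetical helper.
function auditCors(array $cors, string $frontendOrigin): array
{
    $findings = [];
    $origins  = $cors['allowed_origins'] ?? [];
    $wildcard = in_array('*', $origins, true);
    $allowed  = $wildcard || in_array($frontendOrigin, $origins, true);

    if (($cors['supports_credentials'] ?? false) !== true) {
        $findings[] = 'supports_credentials is not true: the browser will block responses to requests that carry ory_kratos_session';
    }
    if ($wildcard) {
        $findings[] = "allowed_origins contains '*': list the frontend origin explicitly when cookies are sent";
    }
    foreach ($origins as $origin) {
        if ($origin === '*') {
            continue;
        }
        // An Origin header is scheme://host[:port] only, so an entry with a path can never match.
        $parts = parse_url($origin);
        if ($parts === false || !isset($parts['scheme'], $parts['host']) || isset($parts['path'])) {
            $findings[] = "'$origin' is not a bare scheme://host[:port] origin and will never match";
            continue;
        }
        $loopback = in_array($parts['host'], ['127.0.0.1', 'localhost'], true);
        if ($parts['scheme'] !== 'https' && !$loopback) {
            $findings[] = "'$origin' is plain http outside loopback but is trusted with credentials";
        }
    }
    foreach ($cors['allowed_origins_patterns'] ?? [] as $pattern) {
        $allowed = $allowed || preg_match($pattern, $frontendOrigin) === 1;
        // Strip the regex delimiters, then require ^...$ so a longer hostile origin cannot match.
        $body = substr($pattern, 1, strrpos($pattern, $pattern[0]) - 1);
        if (!str_starts_with($body, '^') || !str_ends_with($body, '$')) {
            $findings[] = "pattern $pattern is not anchored with ^ and \$";
        }
    }
    if (!$allowed) {
        $findings[] = "frontend origin $frontendOrigin is not allowed by this configuration";
    }
    return $findings;
}

// Constructed sample inputs: the README's settings, then a deliberately weak variant.
$readme = ['allowed_origins' => ['http://127.0.0.1:4455'], 'supports_credentials' => true];
$weak   = ['allowed_origins' => ['*', 'http://app.example.test/'],
           'allowed_origins_patterns' => ['#example\.test#'], 'supports_credentials' => false];
foreach (['readme' => $readme, 'weak' => $weak] as $name => $config) {
    echo $name . ': ' . json_encode(auditCors($config, 'http://127.0.0.1:4455'), JSON_PRETTY_PRINT) . "\n";
}
```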

Database Configuration

If you use kratos-database as the user provider in auth.guards.kratos.provider, it is helpful to set up a database connection for the default user model.

  • Update config/database.php; the example below is for PostgreSQL:
<?php

return [
    // ...
    'connections' => [
        'kratos' => [ // the connection name must match `config('kratos.user_providers.kratos-database.connection')`
            'driver' => 'pgsql',
            'host' => env('DB_HOST', '127.0.0.1'),
            'port' => env('DB_PORT', '5432'),
            'database' => env('DB_KRATOS_DATABASE', 'kratos'),
            'username' => env('DB_USERNAME', 'forge'),
            'password' => env('DB_PASSWORD', ''),
            'charset' => 'utf8',
            'prefix' => '',
            'prefix_indexes' => true,
            'search_path' => 'public',
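            // 'prefer' falls back to an unencrypted connection if the server does not offer TLS;
            // use 'require' or 'verify-full' when the database is not on a trusted network.
            'sslmode' => 'prefer',
        ],
    ],
    // ...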
];

MustVerifyEmail

Laravel uses Illuminate\Contracts\Auth\MustVerifyEmail to check whether a user's email has been verified.

You can implement Illuminate\Contracts\Auth\MustVerifyEmail easily by extending the package's models:

<?php
// app/Models/User.php

namespace App\Models;

use Chivincent\LaravelKratos\Models\KratosIdentity;
use Chivincent\LaravelKratos\Models\KratosUser;
use Illuminate\Contracts\Auth\MustVerifyEmail;

// If using "kratos" user provider:
class User extends KratosIdentity implements MustVerifyEmail
{
}

// If using "kratos-database" user provider:
//class User extends KratosUser implements MustVerifyEmail
//{
//}

Usage

In routes/api.php:

use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;
Route::middleware('auth:kratos')
    ->get('user', fn (Request $request) => response()->json($request->user()));