robrogers3 / laraldap-auth
ldap authentication for laravel
Requires
- php: >=5.4
- illuminate/support: >=5.4
- phpseclib/phpseclib: ^2.0
Requires (Dev)
- phpunit/phpunit: ~4.0||~5.0||~6.0|^7.0
This package is auto-updated.
Last update: 2024-11-20 13:02:53 UTC
README
Drop in replacement for Laravel authentication against your ldap service.
Supporting OpenLDAP.
Install
Via Composer
$ composer require robrogers3/laraldap-auth
Usage
Add this to app.php in the services providers list
robrogers3\laradauth\LdapAuthServiceProvider::class,
Update config/auth.php
'providers' => [ 'users' => [ 'driver' => 'ldap', 'model' => App\User::class, 'host' => 'host.example..com', 'domain' => 'example.com', 'base_dn' => 'cn=users,dc=cs-ds1-1,dc=home,dc=example,dc=com', 'user_dn' => 'uid' ], ],
Create your database, and specify database connection options in .env and/or config/database.php
Use Artisan to make auth and migrate
Run:
php artisan make:auth
If you are using Bootstrap 3 then you can publish the views to prevent user registration.
php artisan migrate
php artisan vendor:publish --force #force cause we override those in make auth.
You may be done. Go ahead and login.
Using AES to encrypt passwords
The LDAP passwords are saved in the User table. Normally they are encrypted wih BCrypt.
There is now AES support so you can safely exchange information from other applications that require an ldap login for authentication.
With AES and a shared key, you can encrypt and decrypt passwords on either side if you share the same AES key.
Here's the changes you need to make:
- Add the packages HashServiceProvider to config/app.php
/* * Package Service Providers... */ robrogers3\laradauth\LdapAuthServiceProvider::class, robrogers3\laradauth\HashServiceProvider::class,
Update the config/hashing.php file like so.
'driver' => 'aes', //more config here 'aes' => [ 'key' => 'shared-secret-key' ]
Update your user database migration and add this column:
$table->string('user_name');
Then update your services.php config file, like so:
'ldap' => [ 'create-user-name' => true ]
Now you should be good to go.
Change log
Please see CHANGELOG for more information on what has changed recently.
Testing
$ composer test me not
Contributing
Please see CONTRIBUTING and CONDUCT for details.
Security
If you discover any security related issues, please email robrogers@me.com instead of using the issue tracker.
Credits
License
The MIT License (MIT). Please see License File for more information.