sundayenglish
/
GK-Content-Management
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Mapping database authentication to Sunday English

Browse Source
pull/2/head
sundayenglish 4 weeks ago
parent fe7a7e5970
commit 09b547e18f
8 changed files with 161 additions and 13 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 21
      .env.example
  2. 36
      app/Models/GKUser.php
  3. 37
      app/Passport/CustomUserRepository.php
  4. 21
      app/Providers/AuthServiceProvider.php
  5. 32
      app/Providers/MD5UserProvider.php
  6. 1
      bootstrap/providers.php
  7. 7
      config/auth.php
  8. 19
      config/database.php

21
.env.example
Unescape View File

@ -20,12 +20,19 @@ LOG_STACK=single
LOG_DEPRECATIONS_CHANNEL=null LOG_DEPRECATIONS_CHANNEL=null
LOG_LEVEL=debug LOG_LEVEL=debug
DB_CONNECTION=sqlite DB_CONNECTION=mysql
# DB_HOST=127.0.0.1 DB_HOST=
# DB_PORT=3306 DB_PORT=
# DB_DATABASE=laravel DB_DATABASE=
# DB_USERNAME=root DB_USERNAME=
# DB_PASSWORD= DB_PASSWORD=
DB_SUNDAY_CONNECTION=mysql
DB_SUNDAY_HOST=
DB_SUNDAY_PORT=
DB_SUNDAY_DATABASE=
DB_SUNDAY_USERNAME=
DB_SUNDAY_PASSWORD=
SESSION_DRIVER=database SESSION_DRIVER=database
SESSION_LIFETIME=120 SESSION_LIFETIME=120
@ -66,3 +73,5 @@ VITE_APP_NAME="${APP_NAME}"
PASSPORT_PASSWORD_CLIENT_ID= PASSPORT_PASSWORD_CLIENT_ID=
PASSPORT_PASSWORD_CLIENT_SECRET= PASSPORT_PASSWORD_CLIENT_SECRET=
AUTH_MODEL=App\\Models\\GkUser

36
app/Models/GKUser.php
Unescape View File

@ -0,0 +1,36 @@
<?php
namespace App\Models;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Laravel\Passport\HasApiTokens;
use Spatie\Permission\Traits\HasRoles;
class GKUser extends Authenticatable
{
use HasApiTokens, Notifiable, HasRoles;
protected $table = 'gk_user';
protected $connection = 'db_sunday';
protected $fillable = [
'name',
'email',
'password',
];
protected $hidden = [
'password',
'remember_token',
];
protected function casts(): array
{
return [
'email_verified_at' => 'datetime',
'password' => 'hashed',
];
}
}

37
app/Passport/CustomUserRepository.php
Unescape View File

@ -0,0 +1,37 @@
<?php
namespace App\Passport;
use Laravel\Passport\Bridge\User;
use Laravel\Passport\Bridge\UserRepository as PassportUserRepository;
use League\OAuth2\Server\Entities\ClientEntityInterface;
use Illuminate\Support\Facades\Hash;
use App\Models\GKUser;
class CustomUserRepository extends PassportUserRepository
{
public function getUserEntityByUserCredentials($username, $password, $grantType, ClientEntityInterface $client)
{
$user = GKUser::where('email', $username)->first();
if (! $user) {
return;
}
$hashed = $user->password;
if (!Hash::needsRehash($hashed)) {
if (!Hash::check($password, $hashed)) {
return;
}
} elseif (md5($password) !== $hashed) {
return;
} else {
// ✅ Nếu MD5 khớp → nâng cấp lên bcrypt
$user->password = Hash::make($password);
$user->save();
}
return new User($user->getAuthIdentifier());
}
}

21
app/Providers/AuthServiceProvider.php
Unescape View File

@ -5,8 +5,11 @@ namespace App\Providers;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider; use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
use Laravel\Passport\Passport; use Laravel\Passport\Passport;
use League\OAuth2\Server\AuthorizationServer; use League\OAuth2\Server\AuthorizationServer;
use Laravel\Passport\Bridge\UserRepository; use Laravel\Passport\Bridge\UserRepository as PassportUserRepository;
use Laravel\Passport\Bridge\RefreshTokenRepository; use Laravel\Passport\Bridge\RefreshTokenRepository;
use Illuminate\Support\Facades\Auth;
use App\Auth\Providers\MD5UserProvider;
use App\Passport\CustomUserRepository; // ⬅ bạn sẽ tạo file này
use DateInterval; use DateInterval;
class AuthServiceProvider extends ServiceProvider class AuthServiceProvider extends ServiceProvider
@ -15,17 +18,27 @@ class AuthServiceProvider extends ServiceProvider
public function boot(): void public function boot(): void
{ {
// ✅ Đăng ký custom provider hỗ trợ MD5 password
Auth::provider('md5provider', function ($app, array $config) {
return new MD5UserProvider($app['hash'], $config['model']);
});
// ✅ Ghi đè UserRepository để Passport hỗ trợ MD5
$this->app->bind(PassportUserRepository::class, CustomUserRepository::class);
// ✅ Thiết lập thời hạn token Passport
Passport::tokensExpireIn(now()->addHour()); Passport::tokensExpireIn(now()->addHour());
Passport::refreshTokensExpireIn(now()->addMonth()); Passport::refreshTokensExpireIn(now()->addMonth());
// ✅ Đăng ký Password Grant cho OAuth
$this->app->afterResolving(AuthorizationServer::class, function ($server) { $this->app->afterResolving(AuthorizationServer::class, function ($server) {
$grant = new \League\OAuth2\Server\Grant\PasswordGrant( $grant = new \League\OAuth2\Server\Grant\PasswordGrant(
app(UserRepository::class), app(PassportUserRepository::class),
app(RefreshTokenRepository::class) app(RefreshTokenRepository::class)
); );
$grant->setRefreshTokenTTL(new DateInterval('P1M')); // 1 tháng
$server->enableGrantType($grant, new DateInterval('PT1H')); // 1 giờ $grant->setRefreshTokenTTL(new DateInterval('P1M'));
$server->enableGrantType($grant, new DateInterval('PT1H'));
}); });
} }
} }

32
app/Providers/MD5UserProvider.php
Unescape View File

@ -0,0 +1,32 @@
<?php
namespace App\Auth\Providers;
use Illuminate\Auth\EloquentUserProvider;
use Illuminate\Contracts\Auth\Authenticatable;
use Illuminate\Support\Facades\Hash;
class MD5UserProvider extends EloquentUserProvider
{
public function validateCredentials(Authenticatable $user, array $credentials)
{
$plain = $credentials['password'];
$hashed = $user->getAuthPassword();
// Nếu là Bcrypt → dùng bình thường
if (!Hash::needsRehash($hashed)) {
return Hash::check($plain, $hashed);
}
// Nếu là MD5 → kiểm tra tay
if (md5($plain) === $hashed) {
// Tự động upgrade
$user->password = Hash::make($plain);
$user->save();
return true;
}
return false;
}
}

1
bootstrap/providers.php
Unescape View File

@ -3,5 +3,6 @@
return [ return [
App\Providers\AppServiceProvider::class, App\Providers\AppServiceProvider::class,
App\Providers\AuthServiceProvider::class, App\Providers\AuthServiceProvider::class,
App\Providers\MD5UserProvider::class,
App\Providers\MiddlewareServiceProvider::class, App\Providers\MiddlewareServiceProvider::class,
]; ];

7
config/auth.php
Unescape View File

@ -42,7 +42,7 @@ return [
], ],
'api' => [ 'api' => [
'driver' => 'passport', // ← Quan trọng: phải là 'passport' 'driver' => 'passport', //
'provider' => 'users', 'provider' => 'users',
], ],
], ],
@ -66,8 +66,9 @@ return [
'providers' => [ 'providers' => [
'users' => [ 'users' => [
'driver' => 'eloquent', // 'driver' => 'eloquent',
'model' => env('AUTH_MODEL', App\Models\User::class), 'driver' => 'md5provider',
'model' => App\Models\GKUser::class,
], ],
// 'users' => [ // 'users' => [

19
config/database.php
Unescape View File

@ -61,6 +61,25 @@ return [
PDO::MYSQL_ATTR_SSL_CA => env('MYSQL_ATTR_SSL_CA'), PDO::MYSQL_ATTR_SSL_CA => env('MYSQL_ATTR_SSL_CA'),
]) : [], ]) : [],
], ],
'db_sunday' => [
'driver' => 'mysql',
'url' => env('DB_URL'),
'host' => env('DB_SUNDAY_HOST', '127.0.0.1'),
'port' => env('DB_SUNDAY_PORT', '3306'),
'database' => env('DB_SUNDAY_DATABASE', 'laravel'),
'username' => env('DB_SUNDAY_USERNAME', 'root'),
'password' => env('DB_SUNDAY_PASSWORD', ''),
'unix_socket' => env('DB_SOCKET', ''),
'charset' => env('DB_CHARSET', 'utf8mb4'),
'collation' => env('DB_COLLATION', 'utf8mb4_unicode_ci'),
'prefix' => '',
'prefix_indexes' => true,
'strict' => true,
'engine' => null,
'options' => extension_loaded('pdo_mysql') ? array_filter([
PDO::MYSQL_ATTR_SSL_CA => env('MYSQL_ATTR_SSL_CA'),
]) : [],
],
'mariadb' => [ 'mariadb' => [
'driver' => 'mariadb', 'driver' => 'mariadb',

Write Preview
Loading…
Cancel
Save