Authentication issue in laravel 5.6 using Multi tenancy and Multiple Modular structure

Question

Development in laravel 5.6 I have installed this packages for implementing Multi-tenancy and Multiple-Modular system in laravel 5.6 : 1. "artem-schander/l5-modular": "^1.4", 2. "hyn/multi-tenant": "5.2.*",

The modular structure is like this:

laravel-project/`
 app/
 └── Modules/
     └── Organization/
         ├── Controllers/
         │   └── OrganizationController.php
         ├── Models/
         │   └── Organization.php
         ├── Views/
         │   └── index.blade.php
         ├── routes
         │   ├── api.php
         │   └── web.php
         └── helper.php

Now I have faced a issue to fetch Auth User details into the Controllers under Organization Module.

Using route under Organization module and Default laravel route (route/web.php) it is default web.php in laravel.

    Route::group(['middleware' => 'auth'], function () {
    Route::get('dashboard', 'DashboardController@index'); //Return All Users
    //Route::get('dashboard', 'DashboardController@generalDashboard'); //Return All Users
    Route::get('dashboard/{period}', 'DashboardController@renderDashboard'); //Return All Users

    /* Route for Organization*/
    Route::get('organization','\App\Modules\Organization\Controllers\OrganizationController@index'); 

});

and route under Organization Module is like :

    Route::group(['module' => 'Organization', 'middleware' => ['web','auth'], 'namespace' => 'App\Modules\Organization\Controllers'], function() {
    Route::resource('organization', 'OrganizationController');

});

and OrganizationController under Organization Module

    namespace App\Modules\Organization\Controllers;

use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
//use Illuminate\Support\Facades\Auth;
use Auth;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Crypt;
use Illuminate\Support\Facades\Mail;

use App\Repositories\Organization\OrganizationRepositoryInterface;

use App\Models\Country;
use App\Models\State;
use App\Models\City;

use Validator;
use Redirect;
use Session;
use App\Http\Requests\OrganizationStoreRequest ;
use App\Traits\Custom\CustomResponseTrait ;

class OrganizationController extends Controller
{
    use CustomResponseTrait ;

    private $organizationRepo ;

    public function __construct(OrganizationRepositoryInterface $organizationRepository){
        $this->organizationRepo = $organizationRepository ;
        //$this->middleware('auth');
    }

    /**
     * Display a listing of the resource.
     *
     * @return \Illuminate\Http\Response
     */

    public function index()
    {
        dd(Auth::user()) ;
        $organizations = $this->organizationRepo->all();
        return view('Organization::test.index')->with('organizations', $organizations);
    }

dd(Auth::user()) ; it will return null , but dashboardControiller in running well under default Controller directory in Laravel structure.

namespace App\Http\Controllers;

use Illuminate\Http\Request;

use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\DB;

use App\Modules\Psession\Models\Psession;
use App\Modules\Product\Models\Product;
use App\Modules\Comment\Models\Comment;
use App\Modules\ProductState\Models\ProductState;
use App\Modules\Image\Models\Image;
use App\Modules\Copywriting\Models\ProductCopywritingsession;
use App\Modules\Ounass\Models\Channel;

use Cache;

class DashboardController extends Controller
{
  /**
  * Create a new controller instance.
  *
  * @return void
  */
  public function __construct(Product $product)
  {
    $this->middleware('auth');
    $this->product = $product;
  }

What should I do?

Answer 1

i'm facing similar projet with multi-tenancy, modules and tow different package to manage permissions. I think that's not "modularity" approach causing problem, but maybe your Auth::user() returns null because in the default guard user doesn't exists.

To prevent any sharing models between tenant, system, guards, modules and all you'll use in your project i found a solution (hope this helps).

First of all i crate two different model to manage authentication: the User model using tenancy connection and God model using system connection (administration side). Once you created migration and setup for your new model i split logics into config\auth.php

/*
|--------------------------------------------------------------------------
| Authentication Defaults
|--------------------------------------------------------------------------
|
| This option controls the default authentication "guard" and password
| reset options for your application. You may change these defaults
| as required, but they're a perfect start for most applications.
|
*/

'defaults' => [
    'guard' => 'web',
    'passwords' => 'users',
],

/*
|--------------------------------------------------------------------------
| Authentication Guards
|--------------------------------------------------------------------------
|
| Next, you may define every authentication guard for your application.
| Of course, a great default configuration has been defined for you
| here which uses session storage and the Eloquent user provider.
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| Supported: "session", "token"
|
*/

'guards' => [

    'web' => [
        'driver' => 'session',
        'provider' => 'users',
    ],

    'god' => [
        'driver' => 'session',
        'provider' => 'gods',
    ],

    'api' => [
        'driver' => 'token',
        'provider' => 'users',
    ]

],

/*
|--------------------------------------------------------------------------
| User Providers
|--------------------------------------------------------------------------
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| If you have multiple user tables or models you may configure multiple
| sources which represent each model / table. These sources may then
| be assigned to any extra authentication guards you have defined.
|
| Supported: "database", "eloquent"
|
*/

'providers' => [
    'users' => [
        'driver' => 'eloquent',
        'model' => App\Models\User::class
    ],

    'gods' => [
         'driver' => 'eloquent',
         'model' => App\Models\God::class
    ],
],

/*
|--------------------------------------------------------------------------
| Resetting Passwords
|--------------------------------------------------------------------------
|
| You may specify multiple password reset configurations if you have more
| than one user table or model in the application and you want to have
| separate password reset settings based on the specific user types.
|
| The expire time is the number of minutes that the reset token should be
| considered valid. This security feature keeps tokens short-lived so
| they have less time to be guessed. You may change this as needed.
|
*/

'passwords' => [
    'users' => [
        'provider' => 'users',
        'table' => 'password_resets',
        'expire' => 60,
    ],
    'gods' => [
        'provider' => 'gods',
        'table' => 'password_resets',
        'expire' => 60,
    ],
],

So, split all Auth controllers and views in two different sub-folders and update your routes to switch between which type of user you want to authenticate...

So in our old User authentication controllers override only methods to show the correct views:

ForgotPasswordController.php

public function showLinkRequestForm()
{
    return view('agency.auth.passwords.email');
}

LoginController

public function showLoginForm()
{
    return view('agency.auth.login');
}

RegisterController

public function showRegistrationForm()
{
    return view('agency.auth.register');
}

ResetPasswordController

public function __construct()
{
    $this->middleware('guest');
}

Repeat the same thing for all the "God" or new model created Auth Controllers but also add this in every controller

// adding guard declared into config/auth.php
protected function guard()
{
    return Auth::guard('god');
}

Now if you use Auth::user() or Auth::guard('god')->user() you'll probably fix your issue because is probably inherited from Tenancy and not Modularity.

Hope this helps! ...and sorry for my bad english :)

Answer 2

In web middleware sessions start so you need to also add 'web' middleware

Replace below line

Route::group(['middleware' => 'auth'], function () {

With

Route::group(['middleware' => ['web','auth']], function () {