ADLDAP openLDAP 身份验证 - 未存储会话 - 返回登录页面

ADLDAP openLDAP authentication - Session not stored - returning to login page

我的环境是 laravel 5.8,带有 adldap2 版本 6.0.8 网络应用程序和一个 openLDAP 目录。

几小时后,我终于可以根据 openLDAP 目录对我的用户进行身份验证,并且数据库导入到用户 table 工作:

Id name username password remember_token created_at updated_at
King king y$YF9q7cYqjYnkl.We4Evwv.u/a2sddrfBA3pohgpS2vR... j4AOUHSlkHE3IQW7bsgF7pOIY8EAss6iukfnKhwi2lqXR0eTjE... NULL NULL

当我检查函数中的变量 user 时:attemptLogin -> $this->guard()->login($user, true);它来自数据库,似乎没问题。但是还是登录后,我也收到消息"Redirecting to http://localhost/home.",它returns到登录页面,仍然没有登录。

对于 LDAP 身份验证,我主要遵循以下示例:https://jotaelesalinas.github.io/laravel-simple-ldap-auth/ 即使它有点过时。

我的 attemptLogin 函数如下所示:

protected function attemptLogin(Request $request)
{
    $username = Adldap::search()->users()->select('mail','uid','displayName')->findBy('cn', request()->get('username'));
    $result = 1;
    if($username){
        if(Adldap::auth()->attempt($username->getdistinguishedName(), request()->get('password'))){
            echo("success");
            // Check group
            $group = Adldap::search()->groups()->findOrFail('cio');
            foreach ($group->getMemberNames() as $name) {
                if($name === $username->getAccountName()){
                    echo("The user is a member of the group.");
                    $result = 0;
                }
            } 
            if ($result != 0){
                $result = 2;
            }
        } else {
            echo("Password wrong");
            $result = 1;
        }
    } else {
        echo(request()->get('username') . " not found");
        $result = 1;
    }

    if($result == 0) {
        // the user exists in the LDAP server, with the provided password
        echo("Everything ok");
        $user = \App\User::where($this->username(), $username->getAccountName())->first();
        if (!$user) {
            // the user doesn't exist in the local database, so we have to create one

            $user = new \App\User();
            $user->username = $username;
            $user->password = '';

            // you can skip this if there are no extra attributes to read from the LDAP server
            // or you can move it below this if(!$user) block if you want to keep the user always
            // in sync with the LDAP server 
            //dd($username->getDisplayName());
            $sync_attrs = $this->retrieveSyncAttributes($username->getAccountName());
            //dd($sync_attrs);
            foreach ($sync_attrs as $field => $value) {
                $user->$field = $value !== null ? $value : '';
            }
        }

        $this->guard()->login($user, true);
        return 0;
    }

    // the user doesn't exist in the LDAP server or the password is wrong
    // log error
    return $result;
}

Web.php

Route::get('login', 'Auth\LoginController@showLoginForm')->name('login');
Route::post('login', 'Auth\LoginController@login');
Route::post('logout', 'Auth\LoginController@logout')->name('logout');

Route::get('/home', 'HomeController@index')->name('home');

有人知道我错过了什么吗?或者,如果您需要更多信息,请告诉我。会话似乎没有存储。

提前致谢

斯蒂芬


玩了几个小时后的一个小更新。好像登录成功后Auth是null。所以尝试了我可以在互联网上找到的不同方法,比如更改 web.php 路由或将受保护的 $user 变量添加到 LoginController.php 但当然没有任何成功。


我发现当我将中间件从 auth 更改为 web 时,我会得到一个会话,但 Auth::User() 仍然是空的

 Route::group(['middleware' => 'auth'], function () {
    Route::get('/home', 'HomeController@index')->name('home');
}); 

花了越来越多的时间,我终于在这个帖子中找到了解决方案:Laravel Auth:attempt() will not persist login

我的问题是我使用的是 "echo's"。

它可能让我失去了生命中的几天