Single Login page for tenants

[bradsapp]

Perhaps I'm missing something, but I don't understand, or cannot figure out how to use Jetstream with a multiple-database setup. I'm sure Jetstream is not necessarily the issue, but I know there aren't Auth::routes in the web.php file.

Here's my issue/question. I want to use the multiple-database setup so all of my clients data are separated. I have a Users table in each of the tenant databases as well. in the Landlord database I have the tenants table with the subdomain, database, and an account_id field. Is it possible for everyone, regardless of what tenant they belong to, to login at https://app.test.com/login along with the account_id that is in the tenants table in the landlord database. Then, in the JetstreamServiceProvider Fortify::authenticateUsing function lookup to see what tenant they should be connected with based on the account_id? I have this setup currently, but when I login with any user I am authenticated as the user account from the main app.test.com database. I'm using app.test.com as my landlord/admin database. I just can't figure out how to switch the database during the login authentication process so that I can redirect someone from app.test.com to their customer.test.com account.

If the users start by going to their subdomain and logging in then it works because the tenant is already selected based on the subdomain. But I don't want users to have to remember their subdomain. So I want to make sure they can go to a single login page and then redirect them to their correct subdomain.

[masterix21]

Hi @bradsapp, sure, all it's possible.

Did you try using the events to intercept the request account_id? So, it should may enough to call the Tenant::makeCurrent().

https://laravel.com/api/9.x/Illuminate/Auth/Events.html

[bradsapp]

@masterix21

This is the code I have in the JetStreamServiceProvider.php. The problem is when I return $user I'm not able to also redirect them to the correct subdomain.

If a user belongs to customer1.test.com but they login at app.test.com then I want to redirect them to customer1.test.com so they can access their site, otherwise if they stay on app.test.com they won't be able to access the site.

Fortify::authenticateUsing(function (Request $request) {
    $tenant = Tenant::where('account_id', $request->account_id)->first();

    if (app('currentTenant')->domain !== $tenant->domain) {
        if (!$tenant) return null;
        $tenant->makeCurrent();
    }

    $user = User::where('email', $request->email)->first();

    if ($user && Hash::check($request->password, $user->password)) {
        return $user;
    }
});

[James4645]

Have you tried writing a custom middleware?

if the user is not authenticated redirect to the login page.

if the user is authenticated and the request is not for their subdomain redirect them to their subdomain.

[pravnkay]

I am having the same problem.
Thought I will post here instead of creating a new discussion.

My main website resides in lets say product.com which has a login button.
It takes the user to product.com/app/login which is not a tenant aware route.

Now, this login asks for the company name(that's the subdomain), and the user email and password. Same as OP.

Landlord DB has only one table - Tenants table.
Tenant DB has the users table along with roles, permissions and stuff(spatie/laravel-permission).

Unlike OP, I am not using any laravel starter packages.
Now, this is my login action,(I use laravel-actions but you get the idea I hope.)

class AuthenticateLogin
{
    public function handle(Request $request)
    {
	$tenant = Tenant::whereName($request->safe()->only(['name']))->first();

	if(! $tenant) {		
	    return back()->withErrors([
		'name' 	=> 'No record of such a business exists.',
	    ])->withInput();
	}

	$tenant->makeCurrent();

        if (Auth::guard('web')->attempt($request->safe()->only(['email', 'password']))) {
            $request->session()->regenerate();
            return redirect(route('dashboard.index'));
        }		

	return back()->withErrors([
            'email' => 'The provided credentials do not match our records.',
            'password' => ' ',
        ])->withInput();
    }
}

I check for a tenant and if its there set it as the currentTenant and then validate the user and take the user to route(dashboard.index).
But it doesn't. It throws this error. Same as #224. Thing to note is, after this action, visiting my root domain product.com, product.com/app/login (the initial login page) too gives out the same error. I have to clear the site cookies to make it work again. (The thing you do by clicking the trash icon in the cookies panel that comes when you click the SSL lock icon in chrome address bar.)

Now, this same login process when started from subdomain.product.com works fine. The actions validates the user and perfectly opens the route subdomain.product.com/app/. Perfectly logs out. I can visit product.com after logging out. Again, same as OP.

One thing I tried in the process of debugging was to mention the URL directly in the redirect after authentication like,
return redirect('https://subdomain.product.test/app');
It tries to go that link, but the RedirectIfNotAuthenticated middleware kicks it back to subdomain.product.com/app/login.
And then logging in again works. But getting redirected by the middleware without logging in, if I press back button to go back to product.com/app/login, the above mentioned error comes up.

I wouldn't say I am an expert but I Google really well. But this time, I am clueless.
Any help on this is appreciated. Thanks.