Laravel Passport
If you just want to write an SPA, but don't need an API for some other use (e.g. mobile app), you can avoid a lot of the complexity of writing SPAs by using Inertia.js.
To use Passport inside the tenant part of your application, you may do the following.
Add this to the
registermethod in yourAppServiceProvider:Passport::ignoreMigrations(); Passport::routes(null, ['middleware' => [ // You can make this simpler by creating a tenancy route group InitializeTenancyByDomain::class, PreventAccessFromCentralDomains::class, ]]);php artisan vendor:publish --tag=passport-migrations& move todatabase/migrations/tenant/directory
Shared keys
If you want to use the same keypair for all tenants, do the following.
- Don't use
passport:install, use justpassport:keys. The install command creates keys & two clients. Instead of creating clients centrally, createClients manually in your tenant database seeder.
Tenant-specific keys
If you want to use a unique keypair for each tenant, do the following. (Note: The security benefit of doing this isn't probably that big, since you're likely already using the same APP_KEY for all tenants.)
There are multiple ways you can store & load tenant keys, but the most straightforward way is to store the keys in the on the tenant model and load them into the passport configuration using the Tenant Config feature:
- Uncomment the
TenantConfigline in yourtenancy.featuresconfig Configure the mapping as follows:
[ 'passport_public_key' => 'passport.public_key', 'passport_private_key' => 'passport.private_key', ],
And again, you need to create clients in your tenant database seeding process.
Using Passport in both the central & tenant app
And make sure you enable the Universal Routes feature.