Initial commit
This commit is contained in:
Ronald Huynen
109
app/Providers/AuthServiceProvider.php
Normal file
109
app/Providers/AuthServiceProvider.php
Normal file
@@ -0,0 +1,109 @@
|
||||
<?php
|
||||
|
||||
namespace App\Providers;
|
||||
|
||||
use App\Auth\DockerSessionGuard;
|
||||
use App\Models\Bank;
|
||||
use App\Policies\BankPolicy;
|
||||
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
|
||||
use Illuminate\Support\Facades\Auth;
|
||||
use Illuminate\Support\Facades\Gate;
|
||||
|
||||
class AuthServiceProvider extends ServiceProvider
|
||||
{
|
||||
/**
|
||||
* Register any authentication / authorization services.
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function boot()
|
||||
{
|
||||
$this->registerPolicies();
|
||||
|
||||
// Set remember me duration from platform configuration
|
||||
$rememberMeDays = timebank_config('auth.remember_me_days', 90);
|
||||
$rememberMeMinutes = $rememberMeDays * 24 * 60; // Convert days to minutes
|
||||
|
||||
// Use custom guard in Docker that doesn't migrate sessions
|
||||
if (env('IS_DOCKER', false)) {
|
||||
Auth::extend('session', function ($app, $name, array $config) use ($rememberMeMinutes) {
|
||||
$provider = Auth::createUserProvider($config['provider']);
|
||||
$guard = new DockerSessionGuard($name, $provider, $app['session.store']);
|
||||
|
||||
// Set the cookie jar on the guard
|
||||
$guard->setCookieJar($app['cookie']);
|
||||
|
||||
// If a request is available, set it on the guard
|
||||
if (method_exists($guard, 'setRequest')) {
|
||||
$guard->setRequest($app->refresh('request', $guard, 'setRequest'));
|
||||
}
|
||||
|
||||
// Set remember me duration
|
||||
$guard->setRememberDuration($rememberMeMinutes);
|
||||
|
||||
return $guard;
|
||||
});
|
||||
}
|
||||
|
||||
// Set remember me duration for all standard guards
|
||||
foreach (['web', 'organization', 'bank', 'admin'] as $guardName) {
|
||||
$guard = Auth::guard($guardName);
|
||||
if (method_exists($guard, 'setRememberDuration')) {
|
||||
$guard->setRememberDuration($rememberMeMinutes);
|
||||
}
|
||||
}
|
||||
|
||||
// Spatie Laravel-Permissions:
|
||||
// Implicitly grant "Super-Admin" role all permission checks using can()
|
||||
Gate::before(function ($user, $ability) {
|
||||
if ($user->hasRole('Super-Admin')) {
|
||||
return true;
|
||||
}
|
||||
});
|
||||
|
||||
// Add these explicit gate definitions:
|
||||
// These gates check permissions directly via Spatie's permission system
|
||||
Gate::define('manage banks', function ($user) {
|
||||
try {
|
||||
// Always check on web guard since that's where permissions are stored
|
||||
if ($user instanceof \App\Models\User) {
|
||||
return $user->hasPermissionTo('manage banks', 'web');
|
||||
}
|
||||
return false;
|
||||
} catch (\Spatie\Permission\Exceptions\PermissionDoesNotExist $e) {
|
||||
return false;
|
||||
} catch (\Exception $e) {
|
||||
return false;
|
||||
}
|
||||
});
|
||||
|
||||
Gate::define('manage organizations', function ($user) {
|
||||
try {
|
||||
// Always check on web guard since that's where permissions are stored
|
||||
if ($user instanceof \App\Models\User) {
|
||||
return $user->hasPermissionTo('manage organizations', 'web');
|
||||
}
|
||||
return false;
|
||||
} catch (\Spatie\Permission\Exceptions\PermissionDoesNotExist $e) {
|
||||
return false;
|
||||
} catch (\Exception $e) {
|
||||
return false;
|
||||
}
|
||||
});
|
||||
|
||||
Gate::define('manage admins', function ($user) {
|
||||
try {
|
||||
// Always check on web guard since that's where permissions are stored
|
||||
if ($user instanceof \App\Models\User) {
|
||||
return $user->hasPermissionTo('manage admins', 'web');
|
||||
}
|
||||
return false;
|
||||
} catch (\Spatie\Permission\Exceptions\PermissionDoesNotExist $e) {
|
||||
return false;
|
||||
} catch (\Exception $e) {
|
||||
return false;
|
||||
}
|
||||
});
|
||||
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user