Connect a laravel application with the Bifrost
First, install spatie/laravel-permission, follow their installation guide
You can then install the package via composer:
composer require etsvthor/laravel-bifrost-bridge
You can publish the config file of bifrost and the underlying spatie permissions config+migrations with:
php artisan vendor:publish --provider="EtsvThor\\BifrostBridge\\BifrostBridgeServiceProvider" --tag="bifrost-config"
- Ensure the
users
has aoauth_user_id
andemail_verified_at
column. - In the
User
model, castemail_verified_at
todatetime
and add theHasRoles
trait. - Please add
'webhooks/bifrost'
to the CSRF exceptions inApp\Http\Middleware\VerifyCsrfToken
class
Add the following to your .env
file and fill them in:
# Required configuration
BIFROST_ENABLED=true
BIFROST_CLIENT_ID=
BIFROST_CLIENT_SECRET=
BIFROST_AUTH_PUSH_KEY=
# Optional configuration with its defaults
BIFROST_REDIRECT_URL="/login/callback"
BIFROST_HOST="https://bifrost.thor.edu"
BIFROST_ROUTE_PREFIX=
In the configuration file, one can specify some thing about the user model, but have some sensible defaults
See config/bifrost.php for all options.
Make sure to seed all required roles, otherwise they will not sync
The User
and Role
model can be resolved using a custom resolver
use Spatie\Permission\Models\Role;
use Illuminate\Database\Eloquent\Model as EloquentModel;
// Default behaviour
BifrostBridge::resolveUserClassUsing(function(/* auto injection works here */): EloquentModel {
return app(config('bifrost.user.model', 'App\\Models\\User'));
});
// Default behaviour
BifrostBridge::resolveRoleClassUsing(function(/* auto injection works here */): Role {
return app(PermissionRegistrar::class)->getRoleClass();
});
// Disabled role sync
BifrostBridge::resolveRoleClassUsing(fn() => null);
// Override the way a user is resolved
BifrostBridge::resolveAndUpdateUserUsing(function(/* auto injection works here */, BifrostUserData $data): ?EloquentModel {
// Model should implement \Illuminate\Contracts\Auth\Authenticatable
return null; // when null is returned, the user is not logged in
})
Don't forget to add 'webhooks/bifrost'
to the $except
array in App\Http\Middleware\VerifyCsrfToken.php
.