Laravel Nova 4 + Auth0

nova4-auth0.md

Nova 4 + Auth0 = ❤️

Hi folks! After a day of *#!$", DispatchCode and I have realized a working installation of Nova4 with Auth0 support. Here's our conclusions, if you want to try it :)

1. Install Auth0 as usual

2. Create the Custom Auth

Create a file in \app\Auth\CustomUserRepository.php and add the following code:

<?php
namespace App\Auth;
//...
class CustomUserRepository implements \Auth0\Laravel\Contract\Auth\User\Repository
{
    public function fromSession(array $user): ?\Illuminate\Contracts\Auth\Authenticatable
    {
         $user = cache()->remember('user_logged_' . $user['email'], 60, function () use ($user) {
            return \App\Models\User::firstOrCreate([
                'email' => $user['email'],
            ], [
                'name' => $user['name'],
                //'password' => bcrypt('secret'), // if you want a fallback
                'is_admin' => false,
            ]);
        });
        return $user;
    }

    public function fromAccessToken(
        array $user
    ): ?\Illuminate\Contracts\Auth\Authenticatable {
        // Simliar to above. Used for stateless application types.
        return null;
    }
}

3. Remove Nova routes login

This is useful if you don't want to see the standard login page after login (maybe there's a better option?).

In routes/web.php:

Route::get('/cms/login', function () {
    return redirect('/');
});

(optional, see 4) Also add an endpoint if you want to protect whole website:

Route::get('/', [HomeController::class, 'index'])->name('home');

4. HomeController

Skip if you don't want to protect whole website

Create HomeController

$ php artisan make:controller HomeController

then add:

<?php

namespace App\Http\Controllers;

class HomeController extends Controller
{
    public function index(): \Illuminate\Http\RedirectResponse
    {
        if (auth()->check()) {
            return redirect('/cms');
        }
        return redirect(route('login'));
    }
}

5. Adapt Model/User

In app\Models\User.php add the following:

<?php

use Auth0\Laravel\Contract\Model\Stateful\User as StatefulUser;

class User extends Authenticatable implements StatefulUser

...

public function canImpersonate()
{
    //return Gate::forUser($this)->check('viewNova');
    return false; // <- Impersonate (cannot?) works with Auth0
}

6. Assign Auth Custom Repository

In config/auth.php assign the repository at auth0 provider:

'providers' => [
    'users' => [
        'driver' => 'eloquent',
        'model' => App\Models\User::class,
    ],
    'auth0' => [
       'driver' => 'auth0',
       'repository' => App\Auth\CustomUserRepository::class // <- Here!
       'model' => App\Models\User::class, // <- Also here!
   ],
],

7. Seed error?

We got an error with the Util::class. Maybe is an isolated case, but if you got an error there's a temp workaround was to change the standard migration (you will need to publish the nova migrations):

In: database/migrations/2018_01_01_000000_create_action_events_table.php

Schema::create('action_events', function (Blueprint $table) {
$table->id();
$table->char('batch_id', 36);
$table->foreignIdFor(\App\Models\User::class)->index(); // <- Change this!
$table->string('name');
$table->morphs('actionable');
$table->morphs('target');
$table->string('model_type');

You Guyz are over engineering it
Just use middleware and based on email/username sync user and on login page authenticate with it and if auth0 says true then sync user and use laravel facade like auth::loginwithid and just login that's it.....