How to authenticate users in a new Laravel app with a legacy database

I initially thought there was more to this, but my team realized we could remove a bunch of unnecessary code from our spike.

Insta-quality photo by sergio souza on Unsplash

So I initially thought there was more to this, but my team realized we could remove a bunch of unnecessary code from our spike. Thankfully, it’s much simpler and hardly warrants a blog post, but I believe this is undocumented and there wasn’t enough SEO juice elsewhere to reveal the super-simple solution quickly. Speaking of SEO juice…

(Skip ahead a few paragraphs if you don’t care to read my bs rambling humor or the back story and just want the solution.)

BS rambling humor

#laravel #authentication #legacy-database #seo-juice #seo-nectar #keywords #stuffing #turkey-stuffing #i-don’t-eat-turkey #why-does-anyone-eat-turkey #i-never-thought-it-tasted-good #it’s-just-bland-bird-meat #that-murricans-eat-for-an-annual-ritual #but-not-because-it’s-good #otherwise-they-wouldn’t-lather-that-bird-corpse-in-bird-corpse-remnant-fluid-aka-gravy-aka-dressing #are-you-still-reading-this #why-are-you-still-reading-this #it’s-starting-to-look-like-an-instagram-post #shame #guilt #blessed #i’m-so-sorry #but-apparently-not-sorry-enough-to-stop-this #i-promise-there’s-no-quota-i’m-trying-to-meet-here #screw-quotas #i-mean-they’re-well-intentioned #but-problematic #how-did-i-get-here #this-is-not-my-beautiful-house #this-is-not-my-beautiful-wife

Back story

I recently started working on a project that’s been in development for well over a decade and is comprised of plain PHP scripts (mixing PHP, HTML, and JavaScript all in one!) and some more-recently-written bits in Zend 1. PHP practices changed in that time, so it’s a fun challenge to determine what to keep and what to refactor or even rewrite entirely.

The app is massive and a great candidate for a microservice architecture, but we can’t follow the pattern very strictly without rewriting everything. Not an option. Instead, we’ve identified a domain of the app that would make sense as a microservice, and we’re rebuilding that as a Laravel + Vue app. The old app will simply link to the new app and pass along the data necessary to authenticate users in the background.

One of the more interesting pieces to the puzzle is that we need to work with the existing database, which as you probably guessed, doesn’t follow standard Laravel conventions. This brings us to our first bump in the road.

Hopefully I’ll get a chance to write about future road bumps with more substance…

Some extra-light behind-the-scenes Laravel stuff

We can easily look up a user and call auth()->login($user), but the session won't last through the current request, because when Illuminate\Auth\SessionGuard's login() method tries to update the session, it ends up looking up the id column on the users table. We have a userID column on a user table.

Admittedly this seems a strange choice, but as says the shirt my former co-worker Paul wore when I first met him, "Judge not, lest ye be Judy."

Da solution

To make use of auth()->login(), we only needed to add a couple of properties to our User model:

protected $table = 'user';
protected $primaryKey = 'userID';

Now, logging users in is as simple as dropping auth()->login(User::find(request()->id)); in our middleware.

Perhaps not the most exciting ending to a much-longer-than-necessary post rife with hyphens (long-ass ryphen post?), but that just demonstrates how straightforward it is to work with Laravel. #blessed

Love the idea of writing useful technical blog posts that are dripping with sarcasm? Want to wear your obscure punny t-shirts to work? Sounds like we need someone like you on our team! See our open positions at Highland.