I currently have to build a new SaaS. Well, not completeley new – there is a 12 year old single page application with a huge database in the back. So I have to adopt this database – especially with the existing „user“ table.
Since I want to use Laravel + Jetstream + Inertia, I have to customize the authentication process, because in the old SaaS it was implemented manually.
Now there are serveral problems to solve, which are not Laravel standard:
- The users table ist called „user“.
- There is no email field in the user table
- A user is identified by a certain number (comparable to a tenant id; the „skz“), a username („sid“) and a password („pass2“).
- The password is calculated this way: hash(’sha512′, md5($passwd.$static_token.$erfdat).$user_token)
- where passwd being the user password
- static_token is a SaaS wide constand string token
- erf_dat is the users creation date, but
- there is no upd_erf etc., and
- user_token is a user specific token.
So then, let’s get started:
- First I imported the backup of the given database to my local development database
- Then I installed Laravel and Jetstream with the Inertia-Stack
- In the .env file I configured the database connection with the credentials of the imported local database
- In the config/fortify.php file I changed the option „username“ => „email“ to „username“ => „sid“. Otherwise I get an „email field is required“ validation error message at the login page even after customizing the login-logic.
- After that I told the user model in app/Models/User to look up the right table, renaming the created_at column to the existing „erfdat“ and omitting the updated_at column by setting it to null:
- Then I changed the Inertia-Login Page from the existing email/password login form to one with „skz“, „sid“ and „password“.
- Then I changed the rate limiter in the app/Http/Providers/FortifiyServiceProvider.php file from the email being used to a combination of $skz.$id
- And last and definitely not least I added the Fortify::authenticateUsing callback method to authenticate users the way they have been authenticated in the old SaaS. In case of successfull login return the user (line 57), else return false.
- I decided not to delete the users migration as well as the create_password_resets and add_two_factor_columns. Just disabled all the cool features in config/fortify.php. And who knows, what comes next? And as long there is no conflict… Then I published the migration for the jobs table (php artisan queue:table) and ran the migrations.
- Now, the SaaS is ready to log in the existing users!
What to say – Laravel Jetstream is really, really powerful!