If you just want to write an SPA, but don't need an API for some other use (e.g. mobile app), you can avoid a lot of the complexity of writing SPAs by using Inertia.js.
To use Passport inside the tenant part of your application, you may do the following.
- Add this to the
registermethod in your
Passport::ignoreMigrations(); Passport::routes(null, ['middleware' => 'tenancy']);
php artisan vendor:publish --tag=passport-migrations& move to
If you want to use the same keypair for all tenants, do the following.
- Don't use
passport:install, use just
passport:keys. The install command creates keys & two clients. Instead of creating clients centrally, create
Clients manually in your tenant database seeder.
If you want to use a unique keypair for each tenant, do the following. (Note: The security benefit of doing this isn't probably that big, since you're likely already using the same
APP_KEY for all tenants.)
There are multiple ways you can store & load tenant keys, but the most straightforward way is to store the keys in the Tenant Storage and load them into the
passport configuration using the Tenant Config feature:
- Uncomment the
TenantConfigline in your
- Add these keys to your
'storage_to_config_map' => [ 'passport_public_key' => 'passport.public_key', 'passport_private_key' => 'passport.private_key', ],
And again, you need to create clients in your tenant database seeding process.