From bbcffe64b7397f2f0984969629e4238eefb46bd8 Mon Sep 17 00:00:00 2001
From: Tim Basten <tbasten@gmail.com>
Date: Fri, 6 Mar 2026 02:34:46 +0000
Subject: [PATCH] Fix LDAP authentication failures

- Add missing LDAP env vars to .env.example (host, base DN, bind credentials)
- Use 'uid' instead of 'username' as the LDAP lookup attribute in Auth::attempt
- Override getLdapGuidColumn/getLdapDomainColumn in User model to match
  migration column names (ldap_guid/ldap_domain vs default guid/domain)
---
 .env.example                                  |  7 +++++++
 app/Models/User.php                           | 10 ++++++++++
 resources/views/livewire/auth/login.blade.php |  2 +-
 3 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/.env.example b/.env.example
index c0660ea..5151ad2 100644
--- a/.env.example
+++ b/.env.example
@@ -63,3 +63,10 @@ AWS_BUCKET=
 AWS_USE_PATH_STYLE_ENDPOINT=false
 
 VITE_APP_NAME="${APP_NAME}"
+
+LDAP_HOST=openldap
+LDAP_USERNAME="cn=admin,dc=travel,dc=local"
+LDAP_PASSWORD=adminpassword
+LDAP_PORT=389
+LDAP_BASE_DN="dc=travel,dc=local"
+LDAP_LOGGING=true
diff --git a/app/Models/User.php b/app/Models/User.php
index 495b9cd..bd228d8 100644
--- a/app/Models/User.php
+++ b/app/Models/User.php
@@ -64,6 +64,16 @@ class User extends Authenticatable implements FilamentUser, LdapAuthenticatable
         return $this->hasRole('administrator');
     }
 
+    public function getLdapGuidColumn(): string
+    {
+        return 'ldap_guid';
+    }
+
+    public function getLdapDomainColumn(): string
+    {
+        return 'ldap_domain';
+    }
+
     public function emergencyContacts(): HasMany
     {
         return $this->hasMany(EmergencyContact::class);
diff --git a/resources/views/livewire/auth/login.blade.php b/resources/views/livewire/auth/login.blade.php
index 859e7bf..7c9a3de 100644
--- a/resources/views/livewire/auth/login.blade.php
+++ b/resources/views/livewire/auth/login.blade.php
@@ -18,7 +18,7 @@ new #[Layout('components.layouts.guest')] class extends Component {
     {
         $this->validate();
 
-        if (Auth::attempt(['username' => $this->username, 'password' => $this->password], $this->rememberMe)) {
+        if (Auth::attempt(['uid' => $this->username, 'password' => $this->password], $this->rememberMe)) {
             session()->regenerate();
             $this->redirectIntended(route('dashboard'), navigate: true);
             return;