Fix LDAP authentication failures

- Add missing LDAP env vars to .env.example (host, base DN, bind credentials)
- Use 'uid' instead of 'username' as the LDAP lookup attribute in Auth::attempt
- Override getLdapGuidColumn/getLdapDomainColumn in User model to match
  migration column names (ldap_guid/ldap_domain vs default guid/domain)

.env.example

@@ -63,3 +63,10 @@ AWS_BUCKET=
 AWS_USE_PATH_STYLE_ENDPOINT=false
 
 VITE_APP_NAME="${APP_NAME}"
+
+LDAP_HOST=openldap
+LDAP_USERNAME="cn=admin,dc=travel,dc=local"
+LDAP_PASSWORD=adminpassword
+LDAP_PORT=389
+LDAP_BASE_DN="dc=travel,dc=local"
+LDAP_LOGGING=true

app/Models/User.php

@@ -64,6 +64,16 @@ class User extends Authenticatable implements FilamentUser, LdapAuthenticatable
         return $this->hasRole('administrator');
     }
 
+    public function getLdapGuidColumn(): string
+    {
+        return 'ldap_guid';
+    }
+
+    public function getLdapDomainColumn(): string
+    {
+        return 'ldap_domain';
+    }
+
     public function emergencyContacts(): HasMany
     {
         return $this->hasMany(EmergencyContact::class);

compose.yaml

@@ -26,6 +26,7 @@ services:
             - redis
             - selenium
             - mailpit
+            - openldap
     mysql:
         image: 'mysql:8.4'
         ports:
@@ -81,6 +82,50 @@ services:
             - '${FORWARD_MAILPIT_DASHBOARD_PORT:-8025}:8025'
         networks:
             - sail
+    openldap:
+        image: 'osixia/openldap:1.5.0'
+        ports:
+            - '${FORWARD_LDAP_PORT:-389}:389'
+            - '${FORWARD_LDAPS_PORT:-636}:636'
+        environment:
+            LDAP_ORGANISATION: '${LDAP_ORGANISATION:-Travel App}'
+            LDAP_DOMAIN: '${LDAP_DOMAIN:-travel.local}'
+            LDAP_ADMIN_PASSWORD: '${LDAP_ADMIN_PASSWORD:-adminpassword}'
+            LDAP_CONFIG_PASSWORD: '${LDAP_CONFIG_PASSWORD:-configpassword}'
+            LDAP_READONLY_USER: 'true'
+            LDAP_READONLY_USER_USERNAME: '${LDAP_READONLY_USERNAME:-readonly}'
+            LDAP_READONLY_USER_PASSWORD: '${LDAP_READONLY_PASSWORD:-readonly}'
+        volumes:
+            - 'sail-ldap-data:/var/lib/ldap'
+            - 'sail-ldap-config:/etc/ldap/slapd.d'
+        networks:
+            - sail
+        healthcheck:
+            test:
+                - CMD
+                - ldapsearch
+                - '-x'
+                - '-H'
+                - 'ldap://localhost'
+                - '-b'
+                - 'dc=travel,dc=local'
+                - '-D'
+                - 'cn=admin,dc=travel,dc=local'
+                - '-w'
+                - '${LDAP_ADMIN_PASSWORD:-adminpassword}'
+            retries: 3
+            timeout: 5s
+    phpldapadmin:
+        image: 'osixia/phpldapadmin:latest'
+        ports:
+            - '${FORWARD_PHPLDAPADMIN_PORT:-8085}:80'
+        environment:
+            PHPLDAPADMIN_LDAP_HOSTS: openldap
+            PHPLDAPADMIN_HTTPS: 'false'
+        networks:
+            - sail
+        depends_on:
+            - openldap
 networks:
     sail:
         driver: bridge
@@ -89,3 +134,7 @@ volumes:
         driver: local
     sail-redis:
         driver: local
+    sail-ldap-data:
+        driver: local
+    sail-ldap-config:
+        driver: local

docker-compose.yml

@@ -1,125 +0,0 @@
-services:
-    laravel.test:
-        build:
-            context: ./vendor/laravel/sail/runtimes/8.4
-            dockerfile: Dockerfile
-            args:
-                WWWGROUP: '${WWWGROUP}'
-        image: sail-8.4/app
-        extra_hosts:
-            - 'host.docker.internal:host-gateway'
-        ports:
-            - '${APP_PORT:-80}:80'
-            - '${VITE_PORT:-5173}:${VITE_PORT:-5173}'
-        environment:
-            WWWUSER: '${WWWUSER}'
-            LARAVEL_SAIL: 1
-            XDEBUG_MODE: '${SAIL_XDEBUG_MODE:-off}'
-            XDEBUG_CONFIG: '${SAIL_XDEBUG_CONFIG:-client_host=host.docker.internal}'
-            IGNITION_LOCAL_SITES_PATH: '${PWD}'
-        volumes:
-            - '.:/var/www/html'
-        networks:
-            - sail
-        depends_on:
-            - mysql
-            - redis
-            - mailpit
-            - openldap
-
-    mysql:
-        image: 'mysql/mysql-server:8.0'
-        ports:
-            - '${FORWARD_DB_PORT:-3306}:3306'
-        environment:
-            MYSQL_ROOT_PASSWORD: '${DB_PASSWORD}'
-            MYSQL_ROOT_HOST: '%'
-            MYSQL_DATABASE: '${DB_DATABASE}'
-            MYSQL_USER: '${DB_USERNAME}'
-            MYSQL_PASSWORD: '${DB_PASSWORD}'
-            MYSQL_ALLOW_EMPTY_PASSWORD: 1
-        volumes:
-            - 'sail-mysql:/var/lib/mysql'
-            - './vendor/laravel/sail/database/mysql/create-testing-database.sh:/docker-entrypoint-initdb.d/10-create-testing-database.sh'
-        networks:
-            - sail
-        healthcheck:
-            test:
-                - CMD
-                - mysqladmin
-                - ping
-                - '-p${DB_PASSWORD}'
-            retries: 3
-            timeout: 5s
-
-    redis:
-        image: 'redis:alpine'
-        ports:
-            - '${FORWARD_REDIS_PORT:-6379}:6379'
-        volumes:
-            - 'sail-redis:/data'
-        networks:
-            - sail
-        healthcheck:
-            test:
-                - CMD
-                - redis-cli
-                - ping
-            retries: 3
-            timeout: 5s
-
-    mailpit:
-        image: 'axllent/mailpit:latest'
-        ports:
-            - '${FORWARD_MAILPIT_PORT:-1025}:1025'
-            - '${FORWARD_MAILPIT_DASHBOARD_PORT:-8025}:8025'
-        networks:
-            - sail
-
-    openldap:
-        image: 'osixia/openldap:1.5.0'
-        ports:
-            - '${FORWARD_LDAP_PORT:-389}:389'
-            - '${FORWARD_LDAPS_PORT:-636}:636'
-        environment:
-            LDAP_ORGANISATION: '${LDAP_ORGANISATION:-Travel App}'
-            LDAP_DOMAIN: '${LDAP_DOMAIN:-travel.local}'
-            LDAP_ADMIN_PASSWORD: '${LDAP_ADMIN_PASSWORD:-adminpassword}'
-            LDAP_CONFIG_PASSWORD: '${LDAP_CONFIG_PASSWORD:-configpassword}'
-            LDAP_READONLY_USER: 'true'
-            LDAP_READONLY_USER_USERNAME: '${LDAP_READONLY_USERNAME:-readonly}'
-            LDAP_READONLY_USER_PASSWORD: '${LDAP_READONLY_PASSWORD:-readonly}'
-        volumes:
-            - 'sail-ldap-data:/var/lib/ldap'
-            - 'sail-ldap-config:/etc/ldap/slapd.d'
-        networks:
-            - sail
-        healthcheck:
-            test:
-                - CMD
-                - ldapsearch
-                - '-x'
-                - '-H'
-                - 'ldap://localhost'
-                - '-b'
-                - 'dc=travel,dc=local'
-                - '-D'
-                - 'cn=admin,dc=travel,dc=local'
-                - '-w'
-                - '${LDAP_ADMIN_PASSWORD:-adminpassword}'
-            retries: 3
-            timeout: 5s
-
-networks:
-    sail:
-        driver: bridge
-
-volumes:
-    sail-mysql:
-        driver: local
-    sail-redis:
-        driver: local
-    sail-ldap-data:
-        driver: local
-    sail-ldap-config:
-        driver: local

resources/views/livewire/auth/login.blade.php

@@ -18,7 +18,7 @@ new #[Layout('components.layouts.guest')] class extends Component {
     {
         $this->validate();
 
-        if (Auth::attempt(['username' => $this->username, 'password' => $this->password], $this->rememberMe)) {
+        if (Auth::attempt(['uid' => $this->username, 'password' => $this->password], $this->rememberMe)) {
             session()->regenerate();
             $this->redirectIntended(route('dashboard'), navigate: true);
             return;