Multiple org and orgs Dam assets Architecture and Design

Wizbrand is multitent DAM application using we an create multiple org and orgs, Dam assets, Now We want to add feature of Image manager in DAM and opted for Piwigo which is open source and single tenant. Now I am trying to develope a solution where each org when they click on "Image Manager" Piwigo installer should trigger and install 1 instance of Piwigo for each org, If Org is already having Piwigo instance, it should avoid installing new one and installed Piwigo should be accessible instead.

WIzbrand is developed in Laravel and PHP and Piwigo too in in PHP>

So overall requirement is, Then moment org admin click on "Image Manager", one Piwigo instance should be installed or existing installed Piwigo should be accessible.>>

Now What is the approach? Suggest me Design and Workflow of this project and how o should start coding for the same?

Design and Workflow for Integrating Piwigo as Multi-Tenant Image Manager in Wizbrand

Your requirement involves dynamically provisioning Piwigo instances per organization in Wizbrand, which is a multi-tenant Digital Asset Management (DAM) system built in Laravel and PHP. Since Piwigo is single-tenant, each organization should have a separate Piwigo instance.

Proposed Approach

1. Database Integration: Maintain a table in Laravel to track which organization has a Piwigo instance.
2. Automated Installation & Setup: If an organization clicks on Image Manager, the system checks if an instance is installed.
   • If not installed, trigger automatic Piwigo installation.
   • If already installed, redirect the org admin to their instance.
3. Multi-Tenant Architecture via Subdomains/Path-based Access: Each Piwigo instance can be accessed using:
   • Subdomain: org1.wizbrand.com/piwigo/
   • Path-based: wizbrand.com/org1/piwigo/
4. Authentication via SSO: Auto-login the Wizbrand admin to Piwigo using Laravel Authentication (Single Sign-On).
5. Storage & Isolation: Store Piwigo instances in isolated directories for security and performance.
6. Automated Cleanup: When an org is deleted, remove its corresponding Piwigo instance.

Step-by-Step Design and Workflow

Step 1: Database Design (Tracking Instances)

Create a piwigo_instances table in Laravel:

Schema::create('piwigo_instances', function (Blueprint $table) {
    $table->id();
    $table->unsignedBigInteger('org_id');
    $table->string('piwigo_url');  // Store URL where Piwigo is installed
    $table->string('install_path'); // Path where Piwigo is installed
    $table->timestamps();

    $table->foreign('org_id')->references('id')->on('organizations')->onDelete('cascade');
});

Step 2: Installation Check and Trigger

When an organization admin clicks "Image Manager", check if a Piwigo instance exists.

public function handleImageManager($org_id)
{
    $piwigo = PiwigoInstance::where('org_id', $org_id)->first();

    if ($piwigo) {
        return redirect($piwigo->piwigo_url); // Redirect if already installed
    }

    return $this->installPiwigo($org_id);
}

Step 3: Install Piwigo Dynamically

If the organization does not have Piwigo installed, trigger automated Piwigo installation.

public function installPiwigo($org_id)
{
    $org = Organization::find($org_id);
    $install_path = "/var/www/html/wizbrand/piwigo_" . $org->slug;
    $piwigo_url = "https://wizbrand.com/" . $org->slug . "/piwigo/";

    if (!file_exists($install_path)) {
        exec("cp -r /var/www/html/piwigo-template $install_path"); // Copy base template
        exec("chmod -R 777 $install_path"); // Adjust permissions

        // Create database for this Piwigo instance
        $db_name = "piwigo_" . $org->slug;
        DB::statement("CREATE DATABASE $db_name");

        // Set up Piwigo config file
        file_put_contents("$install_path/local/config/database.inc.php", "
        <?php
        \$conf['db_host'] = 'localhost';
        \$conf['db_user'] = 'piwigo_user';
        \$conf['db_password'] = 'piwigo_password';
        \$conf['db_name'] = '$db_name';
        ?>");

        // Run Piwigo installation script
        exec("php $install_path/install.php --admin-user=admin --admin-password=admin123 --admin-email=admin@$org->slug.com");

        // Save the instance record
        PiwigoInstance::create([
            'org_id' => $org_id,
            'piwigo_url' => $piwigo_url,
            'install_path' => $install_path
        ]);
    }

    return redirect($piwigo_url); // Redirect to the newly installed Piwigo instance
}

Step 4: Handling Authentication (SSO)

To ensure a smooth experience, implement Single Sign-On (SSO) for automatic login from Wizbrand to Piwigo.

Laravel JWT Authentication Token

• When the org admin clicks "Image Manager," generate a JWT token and pass it to Piwigo.

public function generatePiwigoSSOToken($org_id, $user)
{
    $token = JWTAuth::fromUser($user, ['org_id' => $org_id]);
    return redirect($this->getPiwigoUrl($org_id) . "?token=$token");
}

Modify Piwigo to Accept Laravel JWT Token

• Create a PHP script in Piwigo that accepts the token, verifies it using Laravel's secret key, and logs in the user.

require 'vendor/autoload.php';
use Firebase\JWT\JWT;

$token = $_GET['token'];
$secretKey = "laravel_secret_key";

try {
    $decoded = JWT::decode($token, $secretKey, ['HS256']);
    $user_id = $decoded->user_id;
    
    // Log in the user automatically in Piwigo
    $_SESSION['auth'] = true;
    $_SESSION['user_id'] = $user_id;

    header("Location: gallery.php");
} catch (Exception $e) {
    die("Invalid token");
}

Step 5: Accessing Existing Piwigo Instances

Modify your handleImageManager() function to check if an org already has an instance.

public function handleImageManager($org_id)
{
    $piwigo = PiwigoInstance::where('org_id', $org_id)->first();

    if ($piwigo) {
        return $this->generatePiwigoSSOToken($org_id, auth()->user()); // Redirect with SSO login
    }

    return $this->installPiwigo($org_id);
}

Step 6: Cleanup and Deletion

When an organization is deleted, remove the associated Piwigo instance.

public function deletePiwigoInstance($org_id)
{
    $piwigo = PiwigoInstance::where('org_id', $org_id)->first();

    if ($piwigo) {
        exec("rm -rf " . $piwigo->install_path); // Delete files
        DB::statement("DROP DATABASE piwigo_" . $org_id); // Drop the database
        $piwigo->delete();
    }
}

Tech Stack Required

• Laravel (Wizbrand) → Backend for managing Piwigo installation.
• MySQL → Database for tracking installed instances.
• JWT Authentication → Seamless SSO for Piwigo.
• Shell Commands (exec) → Automate Piwigo installation.
• Apache/Nginx → Webserver configuration for multi-instance Piwigo.

Summary of Workflow

1. User clicks "Image Manager" in Wizbrand.
2. Check if Piwigo instance exists:
   • If yes, redirect to the instance with SSO authentication.
   • If no, trigger automated Piwigo installation.
3. Automate Installation:
   • Copy Piwigo files to org-specific folder.
   • Set up a new database for the instance.
   • Configure database connection.
   • Complete Piwigo setup via CLI.
4. Ensure seamless login via JWT SSO.
5. Handle deletion of Piwigo instances when an org is removed.

Next Steps to Start Coding

1. Setup Piwigo Base Template: Prepare a ready-to-use Piwigo folder.
2. Create Laravel Model & Migration (PiwigoInstance) to store instances.
3. Develop Installer Script to deploy Piwigo dynamically.
4. Implement SSO via JWT Authentication.
5. Write Cleanup Script to remove Piwigo when an org is deleted.
6. Test with multiple organizations and ensure seamless switching.

This approach ensures scalability, automation, and security, making it ideal for integrating Piwigo with Wizbrand.