I'm using laravel 8 and laravel breeze for authentication and now want to use guard for authenticating different users like "admin users" and others using different tables (users, admins, so on) or even in a same table and model.
how can I do that?
some information:
I changed LoginRequest:
if (! Auth::guard('admin')->attempt($this->only('email', 'password'), $this->boolean('remember'))) {
RateLimiter::hit($this->throttleKey());
throw ValidationException::withMessages([
'email' => trans('auth.failed'),
]);
}
I created Admin model and it's table.
I changed auth.php for adding provider and guard
when I try to login, it redirects to login page without any error.
Related
I got a project where I will have two login interfaces, one for Employees and the other one for external people.
The login for employees works like a charm since they are stored in the standard users table provided by laravel.
Right now I am trying to get to work that external accounts get logged in, the registration works and all their user data is stored inside the "portal_users" database, but the login doesn't work. It seems like that it tries to use the standard users database for verification.
Is there a way to make it check a specific database?
public function store(Request $request) {
$this->validate($request, [
'email' => 'required|email',
'password' => 'required',
]);
if(!auth()->attempt($request->only('email', 'password'), $request->remember)) {
return back()->with('status', 'Falsche Login Daten');
}
return redirect()->route('home');
}
This is my function for the users table login process.
And is it possible to give the default user table different roles within or should I create a new auth for each role?
I currently have a very basic laravel app set up. I have simply started a laravel project with the auth extensions enables. I want to restrict users the ability to be able to register, as I only want admins to be able to register users.
Does anyone have an example of this, where only an admin can register a new user? I already of roles set up.
Thanks!
If you want to restrict register you can do the following method on route :
Change :
Auth::routes();
To,
Auth::routes(['register' => false]);
I am using PHP Laravel 7, I'm working on a project for which i have to use authentication from outer source, API's are provided for signup and login. I just want to know is it possible that i can use the authentication of Laravel and use my custom login and signup and can i use authentication guard for stopping the URL routes.
I had already created pages for login and register so far but haven't added authentication yet.
if (Auth::check()) {
// The user is logged in...
}
I want something like this for custom login in.
You can receive all the data from your API and then manually create a user and login them.
A piece of example from a real application
$user = User::firstOrCreate(['vk_id' => $data['user_id']]);
auth()->login($user, true); //true is to remember them
After that you can add any data to any field you want:
$user->position = 'ceo';
$user->save();
Or any other logic you want.
You can add this logic to your auth register or login controller, or create a separate one.
Virtually, built-in Auth controllers are the same controller with their own logic to work with a database and sessions.
But login the user manually using ->login() function.
I want to use the default auth built into laravel 5.2, however my application has no need for letting users register themselves as the users are authorized users of the administrator dashboard. Only currently existing users should be able to create users.
As such, I need to be able to accomplish a few things:
Need to disable registration for public users
Need to allow authenticated users to register new users, access registration form
Need to provide a form to allow authenticated users to edit users, allow for password resets, name changes, etc...
Where would I build the controller methods for these views? Should I build a new userscontroller altogether, or write the create and edit methods directly into the authcontroller? Overall, what's the best practice for building such a system based on Laravel's auth.
For disable registration for public users you can remove all the links in views to register routes, and you can edit the AuthController methods showRegistrationForm() and register(), the first load the view and you can redirect to 'login' route, the second is the POST to save the user.
For the new methods on User's table, i believe that is better make an UserController and put your logic away from the Laravel's auth controller, here the User will be as any resource, but you will need verify if the authenticated user that is trying to add another user has the privilegefor that.
And for this permission to add new users depends on your system, i think that you don't need to make all the "Roles and Permissions" thing if your system needs only a admin user to add new users, you can do it from another column in User's table, but if you will have more permission controled areas or actions, think in this as an ACL will be a lot better.
It sounds like you need to bring in the routes that are being pulled in through the function call into your file itself.
Doing this gives you the ability to disable to routes for registration. So instead of having the Router::auth() in your routes.php pull them in yourself and leave out ones you don't need: https://github.com/laravel/framework/blob/ea9fd03f5c5aef12018812e22e82979d914fef93/src/Illuminate/Routing/Router.php#L367
The rest of the things you will need to code yourself. A good starting point is to take the views for registration and put that into a form for a logged in user. When the user creates the *new user then you run you validation (email => required, password => required, etc) and you would have something like
// this would be in something like public function createUser(Request $request)
$rules = [
'email' => 'required|unique:users,email',
'password' => 'required|confirmed'
];
// validate the request, if it doesn't pass it will redirect back with input and errors
$this->validate($request, $rules);
// create the user now
User::create(['email' => $request->input('email'), 'password' => \Hash::make($request->input('password')]);
and the rest is up to you to code.
I am developing a Laravel 5.1 application with Oauth authentication with Google using Socialite. All relevant code went into the AuthController.php and that part went smooth. Now I want to have a set of admin role users who will log in using their username and password using a login form. The username and passwords for these users will be stored in a different table admin_users. How do I proceed with this?
I have created a model AdminUser
Should I duplicate the auth.php in config with the model set to my new AdminUser class?
Should I continue using the AuthController?
Any tips would be appreciated.