Hello, I am facing the titled error when I try to update password. The problem I'm facing in laravel 8 framework. In case of update password I need to catch the old hashed password that is saved in the database. So, I tried in belows way, but facing this error.
auth.php below
<?php
return [
/*
|--------------------------------------------------------------------------
| Authentication Defaults
|--------------------------------------------------------------------------
|
| This option controls the default authentication "guard" and password
| reset options for your application. You may change these defaults
| as required, but they're a perfect start for most applications.
|
*/
'defaults' => [
'guard' => 'web',
'passwords' => 'users',
],
/*
|--------------------------------------------------------------------------
| Authentication Guards
|--------------------------------------------------------------------------
|
| Next, you may define every authentication guard for your application.
| Of course, a great default configuration has been defined for you
| here which uses session storage and the Eloquent user provider.
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| Supported: "session"
|
*/
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'admin' => [
'driver' => 'session',
'provider' => 'admins',
],
],
/*
|--------------------------------------------------------------------------
| User Providers
|--------------------------------------------------------------------------
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| If you have multiple user tables or models you may configure multiple
| sources which represent each model / table. These sources may then
| be assigned to any extra authentication guards you have defined.
|
| Supported: "database", "eloquent"
|
*/
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\Models\User::class,
],
'admins' => [
'driver' => 'eloquent',
'model' => App\Models\Admin::class,
],
// 'users' => [
// 'driver' => 'database',
// 'table' => 'users',
// ],
],
/*
|--------------------------------------------------------------------------
| Resetting Passwords
|--------------------------------------------------------------------------
|
| You may specify multiple password reset configurations if you have more
| than one user table or model in the application and you want to have
| separate password reset settings based on the specific user types.
|
| The expire time is the number of minutes that each reset token will be
| considered valid. This security feature keeps tokens short-lived so
| they have less time to be guessed. You may change this as needed.
|
*/
'passwords' => [
'users' => [
'provider' => 'users',
'table' => 'password_resets',
'expire' => 60,
'throttle' => 60,
],
'admins' => [
'provider' => 'admins',
'table' => 'password_resets',
'expire' => 60,
'throttle' => 60,
],
],
/*
|--------------------------------------------------------------------------
| Password Confirmation Timeout
|--------------------------------------------------------------------------
|
| Here you may define the amount of seconds before a password confirmation
| times out and the user is prompted to re-enter their password via the
| confirmation screen. By default, the timeout lasts for three hours.
|
*/
'password_timeout' => 10800,
];
Admin Controller method
public function UpdatePassword(Request $request)
{
$request->validate([
'old_password' => 'required',
'new_password' => 'required|confirmed',
]);
if(!Hash::check($request->old_password, auth()->admin()->password)){
return back()->with("error", "Old Password Doesn't match!");
}
// $hashedPassword = Auth::Admin()->password;
// if(Hash::check($request->old_password, $hashedPassword)){
// $admin = Admin::find(Auth::id());
// $admin->password = Hash::make($request->new_password);
// $admin->save();
// Auth::Logout();
// return redirect('admin')->with('status', 'Password Changed Successfully!');
// }
// else{
// return redirect()->back()->with('error', 'Something Wrong!');
// }
// return redirect()->back()->with('status', 'Password Changed Successfully!');
}
The method admin() doesnt exist in the Auth classes. Use the guard admin and the method user()
if(!Hash::check($request->old_password, auth('admin')->user()->password)){
auth('admin')->user()
//will return an instance of the model of the "admin" guard. in this case App\Models\Admin::class
Related
When creating multiatorization in laravel, I edited the file config/auth.php as follows:
<?php
return [
/*
|--------------------------------------------------------------------------
| Authentication Defaults
|--------------------------------------------------------------------------
|
| This option controls the default authentication "guard" and password
| reset options for your application. You may change these defaults
| as required, but they're a perfect start for most applications.
|
*/
'defaults' => [
'guard' => 'client',
'passwords' => 'clients',
],
/*
|--------------------------------------------------------------------------
| Authentication Guards
|--------------------------------------------------------------------------
|
| Next, you may define every authentication guard for your application.
| Of course, a great default configuration has been defined for you
| here which uses session storage and the Eloquent user provider.
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| Supported: "session"
|
*/
'guards' => [
'client' => [
'driver' => 'session',
'provider' => 'clients',
],
'master' => [
'driver' => 'session',
'provider' => 'masters',
],
],
/*
|--------------------------------------------------------------------------
| User Providers
|--------------------------------------------------------------------------
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| If you have multiple user tables or models you may configure multiple
| sources which represent each model / table. These sources may then
| be assigned to any extra authentication guards you have defined.
|
| Supported: "database", "eloquent"
|
*/
'providers' => [
'clients' => [
'driver' => 'eloquent',
'model' => App\Models\Client::class,
],
'masters' => [
'driver' => 'eloquent',
'model' => App\Models\Master::class,
],
// 'users' => [
// 'driver' => 'database',
// 'table' => 'users',
// ],
],
/*
|--------------------------------------------------------------------------
| Resetting Passwords
|--------------------------------------------------------------------------
|
| You may specify multiple password reset configurations if you have more
| than one user table or model in the application and you want to have
| separate password reset settings based on the specific user types.
|
| The expire time is the number of minutes that each reset token will be
| considered valid. This security feature keeps tokens short-lived so
| they have less time to be guessed. You may change this as needed.
|
*/
'passwords' => [
'clients' => [
'provider' => 'clients',
'table' => 'password_resets',
'expire' => 60,
'throttle' => 60,
],
'masters' => [
'provider' => 'masters',
'table' => 'password_resets',
'expire' => 60,
'throttle' => 60,
],
],
/*
|--------------------------------------------------------------------------
| Password Confirmation Timeout
|--------------------------------------------------------------------------
|
| Here you may define the amount of seconds before a password confirmation
| times out and the user is prompted to re-enter their password via the
| confirmation screen. By default, the timeout lasts for three hours.
|
*/
'password_timeout' => 10800,
];
client - designed for client authentication
master - designed for authentication of masters
When following the route to register the master, my Auth::login($user) method does not authenticate the him. And when calling the dd(Auth::user()) function, it returns null.
As I later found out, only the default guard (i.e. the client) is triggered for me.
How do I make it so that guard master is triggered for authentication of masters, and guard client is triggered for authentication of clients
Additionally:
my routes:
Route::middleware('guest')->group(function () {
// client:register
Route::get('/client/register', [ClientRegisterController::class, 'create'])
Route::post('/client/register', [ClientRegisterController::class, 'store'])
// master:register
Route::get('/master/register', [MasterRegisterController::class, 'create'])
Route::post('/master/register', [MasterRegisterController::class, 'store'])
});
my MasterRegisterController:
class MasterRegisterController extends Controller
{
/**
* Display the registration view.
*
* #return \Illuminate\View\View
*/
public function create()
{
return view('auth.masterRegister');
}
/**
* Handle an incoming registration request.
*
* #param \Illuminate\Http\Request $request
* #return \Illuminate\Http\RedirectResponse
*
* #throws \Illuminate\Validation\ValidationException
*/
public function store(Request $request)
{
$request->validate([
'name' => ['required', 'string', 'max:255'],
'email' => ['required', 'string', 'email', 'max:255', 'unique:masters'],
'password' => ['required', 'confirmed', Rules\Password::defaults()],
]);
$user = Master::create([
'name' => $request->name,
'email' => $request->email,
'password' => Hash::make($request->password),
]);
// add role to master
$user->attachRole('master');
event(new Registered($user));
Auth::login($user);
return redirect(url('/master/dashboard'));
}
}
I have module where I need to setup multiple authentication api login for user account and admin account. I used laravel as my backend and JWT for my token. after all I setting up all requirements, I have encounter error after I tried to access the login api of admin in the postman just see the attached image on the below. http://localhost:8000/admin/v1/login it says that NotFoundHttpExpception. same thing accessing the login api of user http://localhost:8000/user/v1/login
"exception": "Symfony\Component\HttpKernel\Exception\NotFoundHttpException",
Whole Image Error Postman:
Here is the setup I made:
Auth.php
<?php
return [
/*
|--------------------------------------------------------------------------
| Authentication Defaults
|--------------------------------------------------------------------------
|
| This option controls the default authentication "guard" and password
| reset options for your application. You may change these defaults
| as required, but they're a perfect start for most applications.
|
*/
'defaults' => [
'guard' => 'api',
'passwords' => 'users',
],
/*
|--------------------------------------------------------------------------
| Authentication Guards
|--------------------------------------------------------------------------
|
| Next, you may define every authentication guard for your application.
| Of course, a great default configuration has been defined for you
| here which uses session storage and the Eloquent user provider.
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| Supported: "session", "token"
|
*/
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'user' => [
'driver' => 'jwt',
'provider' => 'users',
'hash' => false,
],
'admin' => [
'driver' => 'jwt',
'provider' => 'admins',
'hash' => false,
],
],
/*
|--------------------------------------------------------------------------
| User Providers
|--------------------------------------------------------------------------
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| If you have multiple user tables or models you may configure multiple
| sources which represent each model / table. These sources may then
| be assigned to any extra authentication guards you have defined.
|
| Supported: "database", "eloquent"
|
*/
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\Models\User::class,
],
'admins' => [
'driver' => 'eloquent',
'model' => App\Models\Admin::class,
],
// 'users' => [
// 'driver' => 'database',
// 'table' => 'users',
// ],
],
/*
|--------------------------------------------------------------------------
| Resetting Passwords
|--------------------------------------------------------------------------
|
| You may specify multiple password reset configurations if you have more
| than one user table or model in the application and you want to have
| separate password reset settings based on the specific user types.
|
| The expire time is the number of minutes that the reset token should be
| considered valid. This security feature keeps tokens short-lived so
| they have less time to be guessed. You may change this as needed.
|
*/
'passwords' => [
'users' => [
'provider' => 'users',
'table' => 'password_resets',
'expire' => 60,
'throttle' => 60,
],
'admins' => [
'provider' => 'admins',
'table' => 'password_resets',
'expire' => 60,
'throttle' => 60,
],
],
/*
|--------------------------------------------------------------------------
| Password Confirmation Timeout
|--------------------------------------------------------------------------
|
| Here you may define the amount of seconds before a password confirmation
| times out and the user is prompted to re-enter their password via the
| confirmation screen. By default, the timeout lasts for three hours.
|
*/
'password_timeout' => 10800,
];
Api.php
<?php
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;
Route::group([
'prefix' => 'v1'
], function () {
Route::post('login','App\Http\Controllers\AdminAuthController#login');
Route::post('logout', 'App\Http\Controllers\AdminAuthController#logout');
Route::post('refresh', 'App\Http\Controllers\AdminAuthController#refresh');
Route::post('me', 'App\Http\Controllers\AdminAuthController#me');
});
Route::group([
'prefix' => 'v1'
], function () {
Route::post('login','App\Http\Controllers\AuthController#login');
Route::post('logout', 'App\Http\Controllers\AuthController#logout');
Route::post('refresh', 'App\Http\Controllers\AuthController#refresh');
Route::post('me', 'App\Http\Controllers\AuthController#me');
});
In project I have two auth guards, web (users, by default), and my custom (teachers). I have noticed, that teachers can't authorize in broadcast. After adding middleware in Broadcast::routes(['middleware' => ['web', 'auth:teacher']]), the teachers are authorizing successfully, but the users are redirecting to login page.
So I have following problem:
Having Broadcast::routes(); code, the broadcast working fine only
for users guard, for teachers it returns 403 forbidden error.
Having Broadcast::routes(['middleware' => ['web', 'auth:teacher']]); code, the broadcast working only for teachers
guard, for users is redirecting to auth, login, then user page.
config/auth.php
<?php
return [
/*
|--------------------------------------------------------------------------
| Authentication Defaults
|--------------------------------------------------------------------------
|
| This option controls the default authentication "guard" and password
| reset options for your application. You may change these defaults
| as required, but they're a perfect start for most applications.
|
*/
'defaults' => [
'guard' => 'web',
'passwords' => 'users',
],
/*
|--------------------------------------------------------------------------
| Authentication Guards
|--------------------------------------------------------------------------
|
| Next, you may define every authentication guard for your application.
| Of course, a great default configuration has been defined for you
| here which uses session storage and the Eloquent user provider.
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| Supported: "session", "token"
|
*/
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'teacher' => [
'driver' => 'session',
'provider' => 'teacher',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
'hash' => false,
],
],
/*
|--------------------------------------------------------------------------
| User Providers
|--------------------------------------------------------------------------
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| If you have multiple user tables or models you may configure multiple
| sources which represent each model / table. These sources may then
| be assigned to any extra authentication guards you have defined.
|
| Supported: "database", "eloquent"
|
*/
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
'teacher' => [
'driver' => 'eloquent',
'model' => App\Teacher::class,
],
// 'users' => [
// 'driver' => 'database',
// 'table' => 'users',
// ],
],
/*
|--------------------------------------------------------------------------
| Resetting Passwords
|--------------------------------------------------------------------------
|
| You may specify multiple password reset configurations if you have more
| than one user table or model in the application and you want to have
| separate password reset settings based on the specific user types.
|
| The expire time is the number of minutes that the reset token should be
| considered valid. This security feature keeps tokens short-lived so
| they have less time to be guessed. You may change this as needed.
|
*/
'passwords' => [
'users' => [
'provider' => 'users',
'table' => 'password_resets',
'expire' => 60,
'throttle' => 60,
],
],
/*
|--------------------------------------------------------------------------
| Password Confirmation Timeout
|--------------------------------------------------------------------------
|
| Here you may define the amount of seconds before a password confirmation
| times out and the user is prompted to re-enter their password via the
| confirmation screen. By default, the timeout lasts for three hours.
|
*/
'password_timeout' => 10800,
];
app\Providers\BroadcastServiceProvider.php
<?php
namespace App\Providers;
use Illuminate\Support\Facades\Broadcast;
use Illuminate\Support\ServiceProvider;
class BroadcastServiceProvider extends ServiceProvider
{
/**
* Bootstrap any application services.
*
* #return void
*/
public function boot()
{
Broadcast::routes(['middleware' => ['web', 'auth:teacher']]);
require base_path('routes/channels.php');
}
}
This is coming late, However, You should try this if you have not Broadcast::routes(['middleware' => ['auth:web', 'auth:teacher']]);
Broadcast::routes() works for student because the default 'auth:web' guard of the authentication middleware was used and when you added for the teacher you specified wrong 'web', instead of 'auth:web'.
Trying using
Broadcast::routes(['middleware' => ['auth:web', 'auth:teacher']]); or
Broadcast::routes(['middleware' => ['auth:web,teacher']]);
Am have table of students where i need them to access the forms sent by admin and apply them,, am trying to use pivot table to access, but it seems that i need to have different tables to access forms from admin to students then retreive them back(by admin), but it tells me
"Method Illuminate\Auth\SessionGuard::admin does not exist"
I tried to set multiple authentication and set the guards for admin, but it seems to require a session so that i can use auth()->admin()->name the same as auth()->user()->name I am totally frustrated now, if there is any possibility of setting these two sessions (user, and admin) please how does it done, thanks.
Below are my guards
<?php
return [
/*
|--------------------------------------------------------------------------
| Authentication Defaults
|--------------------------------------------------------------------------
|
| This option controls the default authentication "guard" and password
| reset options for your application. You may change these defaults
| as required, but they're a perfect start for most applications.
|
*/
'defaults' => [
'guard' => 'web',
'passwords' => 'users',
],
// 'admins' => [
// 'driver' => 'eloquent',
// 'model' => App\Admin::class,
// ],
// 'defaults' => [
// 'driver' => 'session',
// 'provider' => 'admins',
// ],
/*
|--------------------------------------------------------------------------
| Authentication Guards
|--------------------------------------------------------------------------
|
| Next, you may define every authentication guard for your application.
| Of course, a great default configuration has been defined for you
| here which uses session storage and the Eloquent user provider.
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| Supported: "session", "token"
|
*/
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
'hash' => false,
],
'admin' => [
'driver' => 'session',
'provider' => 'admins',
],
'admin-api' => [
'driver' => 'token',
'provider' => 'admins',
],
],
/*
|--------------------------------------------------------------------------
| User Providers
|--------------------------------------------------------------------------
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| If you have multiple user tables or models you may configure multiple
| sources which represent each model / table. These sources may then
| be assigned to any extra authentication guards you have defined.
|
| Supported: "database", "eloquent"
|
*/
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
'admins' => [
'driver' => 'eloquent',
'model' => App\Admin::class,
],
// 'users' => [
// 'driver' => 'database',
// 'table' => 'users',
// ],
],
/*
|--------------------------------------------------------------------------
| Resetting Passwords
|--------------------------------------------------------------------------
|
| You may specify multiple password reset configurations if you have more
| than one user table or model in the application and you want to have
| separate password reset settings based on the specific user types.
|
| The expire time is the number of minutes that the reset token should be
| considered valid. This security feature keeps tokens short-lived so
| they have less time to be guessed. You may change this as needed.
|
*/
'passwords' => [
'users' => [
'provider' => 'users',
'table' => 'password_resets',
'expire' => 60,
],
'admins' => [
'provider' => 'admins',
'table' => 'password_resets',
'expire' => 60,
],
],
];
I expect to log in as admin and using the same as we use in user model
but i encoutered this error
"ErrorException (E_ERROR) Method Illuminate\Auth\SessionGuard::admin
does not exist. (View:
C:\xampp\htdocs\ftss\resources\views\inherit\admin.blade.php) (View:
C:\xampp\htdocs\ftss\resources\views\inherit\admin.blade.php)"
I have solved the problem by writing simple codes in blade
i check if is guest then if not i proceeded
'
#guest
#else
{{auth()->user()->name}}
#endguest
'
i have a second auth for companies which is working. But the only thing i have a problem with is sending the password token email for companies. It always sends the email from users.
That´s my app/config/auth.php
If i change on defaults the passwords value to companies it works, but only for companies then and not for users.
return [
/*
|--------------------------------------------------------------------------
| Authentication Defaults
|--------------------------------------------------------------------------
|
| This option controls the default authentication "guard" and password
| reset options for your application. You may change these defaults
| as required, but they're a perfect start for most applications.
|
*/
'defaults' => [
'guard' => 'web',
'passwords' => 'users',
],
/*
|--------------------------------------------------------------------------
| Authentication Guards
|--------------------------------------------------------------------------
|
| Next, you may define every authentication guard for your application.
| Of course, a great default configuration has been defined for you
| here which uses session storage and the Eloquent user provider.
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| Supported: "session", "token"
|
*/
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'company' => [
'driver' => 'session',
'provider' => 'companies',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
],
],
/*
|--------------------------------------------------------------------------
| User Providers
|--------------------------------------------------------------------------
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| If you have multiple user tables or models you may configure multiple
| sources which represent each model / table. These sources may then
| be assigned to any extra authentication guards you have defined.
|
| Supported: "database", "eloquent"
|
*/
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
'companies' => [
'driver' => 'eloquent',
'model' => App\Company::class,
],
// 'users' => [
// 'driver' => 'database',
// 'table' => 'users',
// ],
],
/*
|--------------------------------------------------------------------------
| Resetting Passwords
|--------------------------------------------------------------------------
|
| Here you may set the options for resetting passwords including the view
| that is your password reset e-mail. You may also set the name of the
| table that maintains all of the reset tokens for your application.
|
| You may specify multiple password reset configurations if you have more
| than one user table or model in the application and you want to have
| separate password reset settings based on the specific user types.
|
| The expire time is the number of minutes that the reset token should be
| considered valid. This security feature keeps tokens short-lived so
| they have less time to be guessed. You may change this as needed.
|
*/
'passwords' => [
'users' => [
'provider' => 'users',
'email' => 'auth.emails.password',
'table' => 'password_resets',
'expire' => 60,
],
'companies' => [
'provider' => 'companies',
'email' => 'business.auth.emails.password',
'table' => 'company_password_resets',
'expire' => 60,
],
],
];
Maybe that´s a simple error.. I hope somebody can help me. Thanks.
On your PasswordResetLinkController, replace
Password::sendResetLink( ...
with
Password::broker('companies')->sendResetLink( ...
On the NewPasswordController, replace
Password::reset( ...
with
Password::broker('companies')->reset( ...