I was using this middleware:
Route::get('/{id}/edit',[PostController::class,'edit'])->name('post.edit')->middleware('password.confirm');
of laravel fortify so that it asks me for the password before accessing a route, but this depends on
'password_timeout'=>10800 in auth.php, so I need it to ask me for password whenever the route calls, try to set the value to 'password_timeout'=>1, but it is no longer possible to submit the form, it no longer returns Request validations from the controller. You could guide me to solve this problem. Thanks!
Related
I'm building a system with users and roles using Jetstream(Livewire)/Fortify auth, but it's a closed system (I mean, there is no way to register yourself, you must be invited) so I disabled Fortify's registration feature, but I want the first user to be able to register himself.
In other words: Fortify's registration should be off, but while there isn't an user in database, it should be on (email validation too, but If I can figure out the registration part, the verification should be easy).
I tried making an middleware to check if there isn't a registered user and redirect to register view, but I found some errors (like the view doesn't even exist 'cause fortify registration is off).
Does someone know a way to make this work using the Jetstream stack? Thanks!
and what about this, in the FortifyServiceProvider.php boot method
Fortify::registerView(function () {
if(!User::all()->count())
return view('auth.register');
else
abort(404,'No registration allowed');
});
This is my first time using laravel sanctum. Before this, I use Laravel Passport for protecting the route.
So the problem is, there are 2 kind of route. Route that need user authentication, like API profile, my order, and inbox. And route that doesn't need user authentication to access, like API version control, splashscreen, and forgot password.
In my last project when using passport, in passport there was client token, that doesn't need user credential to get. Then I use auth_client middleware to protect route that doesn't need user authentication. First I want to ask, is this the correct way?
If that was correct way, and protecting no need login route is recommended, how i do the same thing using laravel sanctum?
I am trying to make authentication based on API in laravel. Here is my process flow. First of all, I get data from API. If it is valid then I keep true value in the session. Through middleware, I check every route if it is authenticated or not. Am I on right track?
Session::put('authenticated', true);
session::get('authenticated');
Should I add anything to make it more efficient? Here the problem is I can not handle /login route. After successful login, it can be the visit the login page. Also I can't get session value in LoginController function __construct() . Thanks in advance. I am using laravel 5.5
In laravel, now I hope to know this problem.
I try to reset password in logout status and the problem is it's redirect automatically to dashboard page if I logged in already.
So I hope to know how to logout and goes to special url such as reset password url from my received mail.
Please help me!
Use Laravel Auth vendor. https://laravel.com/docs/5.1/authentication. After this in route file put all routes under authentication where you want user to be logged in.
For laravel 5+ :
create a middleware for your route and check your access condition in this middleware, if your route passes the condition then it will show your desired page.
I have a configured Symfony2 security module, this is, it can authenticate users from a form that submits to the path specified in "check_path" option located in security.xml
I know is not best practice but id like to authenticate with an alternate url that has the following anatomy: .../alternatelogin/username/password
Inside the alternatelogin controller id like Symfony to make the same check and redirection that would do in the normal submit-login-form authentication method.
My first idea was to make the controller communicate with the "dummy" controller specified in security.xml (the one in the "check_path" option), but using forward or redirectToRoute wont make the trick.
Is there a working way to do this?
You will have to do your own username and password check in the database, but once you've done that, the following link solves the rest for you:
https://hasin.me/2013/10/27/how-to-login-a-user-programatically-in-symfony2/