I am trying to make authentication based on API in laravel. Here is my process flow. First of all, I get data from API. If it is valid then I keep true value in the session. Through middleware, I check every route if it is authenticated or not. Am I on right track?
Session::put('authenticated', true);
session::get('authenticated');
Should I add anything to make it more efficient? Here the problem is I can not handle /login route. After successful login, it can be the visit the login page. Also I can't get session value in LoginController function __construct() . Thanks in advance. I am using laravel 5.5
Related
I am using PHP Laravel 7, I'm working on a project for which i have to use authentication from outer source, API's are provided for signup and login. I just want to know is it possible that i can use the authentication of Laravel and use my custom login and signup and can i use authentication guard for stopping the URL routes.
I had already created pages for login and register so far but haven't added authentication yet.
if (Auth::check()) {
// The user is logged in...
}
I want something like this for custom login in.
You can receive all the data from your API and then manually create a user and login them.
A piece of example from a real application
$user = User::firstOrCreate(['vk_id' => $data['user_id']]);
auth()->login($user, true); //true is to remember them
After that you can add any data to any field you want:
$user->position = 'ceo';
$user->save();
Or any other logic you want.
You can add this logic to your auth register or login controller, or create a separate one.
Virtually, built-in Auth controllers are the same controller with their own logic to work with a database and sessions.
But login the user manually using ->login() function.
I know Laravel provides the greate authentication system by using
php artisan make:auth
But in my situation
I am trying to authenticate the user and login him by using some API response instead of a database.
I have to submit the login form data to this URL
http://evf.dndaims.net/api/User?userName=admin&Password=adminpassword
This URL responds with the true or false and base on this I want to log in the user
Here is the success Response
{
Success: true,
Message: "Successful login",
ErrorCode: 0,
iUserId: 1,
iUserRole: 1
}
Using the role I want to send him a specific view. Like role 1 is for admin role 2 is for the user. I know the middleware technique but how to use it with this situation?
I tried to do it in many ways but no success. I tried to use JWT but still no success.
Can anyone suggest me the best way to implement that in laravel?
You can use laravel jwt package from this url :
Here and follow all steps to install it , and you can use jwt auth middleware .
I think this article will help you Here
I am attempting to create a 2FA Middleware with CakePHP 3. I have created the middleware basics just fine, however, I do not know how to get the user id of the current user in the middleware, typically I get the id like so...
$this->Auth->user('id');
Is there anyway to load the AuthComponent in the Middleware?
If not, how can I go about getting the current user id?
I think You can use request session handler to grab current user id
$this->request->session()->read( 'Auth.User.id' )
Use the official authentication plugin which replaces the AuthComponents authentication part: https://github.com/cakephp/authentication This will oficially replace the component approach in the next release.
It features also a middleware, just make sure it's in the pipe before yours and you can use $request->getParam('identity').
In laravel, now I hope to know this problem.
I try to reset password in logout status and the problem is it's redirect automatically to dashboard page if I logged in already.
So I hope to know how to logout and goes to special url such as reset password url from my received mail.
Please help me!
Use Laravel Auth vendor. https://laravel.com/docs/5.1/authentication. After this in route file put all routes under authentication where you want user to be logged in.
For laravel 5+ :
create a middleware for your route and check your access condition in this middleware, if your route passes the condition then it will show your desired page.
I am developing a web application in Laravel. Now I'm in the process of creating an android app. I need to create a web service (back end) in Laravel, but I don't know how to manage the sessions (auth) in the request.
My idea is to create a unique token for every session, and store it in a database. So, every request need the token be included, and my backend will check if the token is valid or not.
How can I modify the login functionality that comes with Laravel 5.0 to create an return the token?
I read the documentation and some articles in the internet, but it is still not clear to me.
You can create a token during registration of the app which should correspond with the user id. This token will be used together with the user id anytime you call any of your api's to authenticate the user.
You can create a filter named custom_authentication and check for the token validity inside that filter. Now just apply this filter before every routes, which you want to be authenticated.
Using only simple authentication token is not very secure, you need to go with HTTPS always.
If you want to make the API secure with HTTP, you might have to implement OAuth with the help of packages like this.