Hello I dont know why and where problem, but when i try to register or login or someting its redirect me Admin Panel, what i can do for leave this? can you help me with this problem? what file i need to change?
admin controller
<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use Auth;
use Session;
class AdminController extends Controller
{
public function login(Request $request)
{
if($request->isMethod('post')){
$data = $request->input();
if (Auth::attempt(['email'=>$data['email'],'password'=>$data['password'],'admin'=>'1'])) {
Session::put('adminSession',$data['email']);
return redirect('/admin/dashboard');
}else{
return redirect('/admin')->with('flash_message_error', 'Invalid Username or Password');
}
}
return view('admin.admin_login');
}
public function dashboard()
{
if(Session::has('adminSession'))
{
}else{
return redirect('/admin')->with('flash_message_error', 'Please login to access');
}
return view('admin.dashboard');
}
public function settings()
{
return view('admin.settings');
}
public function logout()
{
Session::flush();
return redirect('/admin')->with('flash_message_success', 'Logged out Successfully');
}
}
Related
I am trying to learn laravel and I'm stuck at this problem in redirecting the normal user to the dashboard. The process that I did was the same with the admin account -- which is working -- but with the normal user it always redirects the login account but the user is already login. It also doesn't redirect with the middleware. I'm not sure where or what is wrong and the problem is like this image problem
My LoginController.php looks like this:
protected $redirectTo = RouteServiceProvider::HOME;
protected function redirectTo(){
if(Auth()->user()->roles == 'admin'){
return route('admin.dashboard');
}
if (Auth()->user()->roles == 'user') {
return route('user.dashboard');
};
}
public function login(Request $request)
{
$input = $request->all();
$this->validate($request, [
'email'=>'required|email',
'password'=>'required',
]);
if (Auth()->attempt(array('email'=>$input['email'], 'password'=>$input['password']))) {
if (Auth()->user()->roles = 'admin') {
return redirect()->route('admin.dashboard');
}
elseif (Auth()->user()->roles = 'user') {
return redirect()->route('user.dashboard');
}
}
else{
return redirect()->route('login')->with('error','Emails and password are incorrect');
}
}
My web.php:
Route::group(['prefix'=>'user','middleware'=>['isUser','auth','PreventBackHistory']], function(){
Route::get('/dashboard', [App\Http\Controllers\UserController::class, 'index'])->name('user.dashboard');
Route::get('/settings', [App\Http\Controllers\UserController::class, 'settings'])->name('user.settings');
});
My User Controller:
<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
class UserController extends Controller
{
public function index()
{
return view('dashboards.cs.user.cs_index');
}
public function settings()
{
return view('dashboards.cs.user.cs_settings');
}
}
UserMiddleware.php
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
class isUserMiddleware
{
public function handle(Request $request, Closure $next)
{
if(Auth::check() && Auth::user()->roles == 'user'){
return $next($request);
}
else{
return redirect()->route('login');
}
}
}
I'm not really sure where the process is wrong. I hope someone could explain it. Thank you.
in laravel "^7.11.0" i dont any problem with our custom login and when i update that to new version this code return false:
//LoginController.php
$this->attemptLogin($request)
//trait AuthenticatesUsers.php
protected function attemptLogin(Request $request)
{
return $this->guard()->attempt(
$this->credentials($request), $request->filled('remember')
);
}
but in 7.11.0 return true, i don't know what happen on new version of laravel "^7.28.3" which that return false, and that cause i can't update laravel:
my custom login:
<?php
namespace App\Http\Controllers\Auth;
use App\Events\UserAuthenticate;
use App\Http\Controllers\Controller;
use App\User;
use Carbon\Carbon;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Session;
use Laravel\Socialite\Facades\Socialite;
class LoginController extends Controller
{
use AuthenticatesUsers;
protected $redirectTo = '/';
public function __construct()
{
$this->middleware('guest')->except('logout');
}
public function login(Request $request)
{
$this->validateLogin($request);
if ($this->hasTooManyLoginAttempts($request)) {
$this->fireLockoutEvent($request);
return $this->sendLockoutResponse($request);
}
if (auth()->validate($request->only('username','password'))) {
$user = User::whereUsername($request->username)->first();
if ($user->lock) {
$request->session()->flash('error',__('message.your_account_locked'));
return view('layouts.backend.pages.auth.account.locked_account');
}elseif (!$user->active) {
$checkActivationCode = $user->activationCode()->where('expire', '>=', Carbon::now())->latest()->first();
if ($checkActivationCode != null) {
if ($checkActivationCode->expire > Carbon::now()) {
$this->incrementLoginAttempts($request);
$request->session()->flash('error',__('message.please_active_your_account'));
return view('layouts.backend.pages.auth.account.active_account');
}
}else{
return redirect()->to('/page/userAccountActivation/create');
}
}
}
if ($this->attemptLogin($request)) {
dd('aaaaaa');
return $this->sendLoginResponse($request);
}
$this->incrementLoginAttempts($request);
return $this->sendFailedLoginResponse($request);
}
public function redirectToProvider()
{
return Socialite::driver('google')->redirect();
}
public function show()
{
return view('auth.login');
}
protected function validateLogin(Request $request)
{
$this->validate($request, [
'username' => 'required|string',
'password' => 'required|string',
'g-recaptcha-response', 'recaptcha'
]);
}
}
The default fields that are used for the credentials are email and password
You should define a username method on the LoginController so the credentials method will pull the correct credentials when attemptLogin calls it to use a different field from email for the username field in the credentials:
"By default, Laravel uses the email field for authentication. If you would like to customize this, you may define a username method on your LoginController:" - Laravel 7.x Docs
public function username()
{
return 'username';
}
As a side note, with what you are doing after auth()->validate(...) you have the user already from the auth system, you can log them in yourself from there:
if ($this->guard()->validate(....)) {
$user = $this->guard()->user();
...
$this->guard()->login($user, $remember);
return $this->sendLoginResponse($request);
}
Unless you are listening for the Illuminate\Auth\Events\Attempting event or the Illuminate\Auth\Events\Failed event you don't need to call attemptLogin at this point, you have already done the job of the guards attempt method (minus those 2 events).
Laravel 7.x Docs - Authentication - Authenticating - Username Customization
I have been developing a multi-auth based application and I need to redirect to a dynamic location on logout based on the user's guard. The problem is when I try to check the current auth guard; it always returns false. I have overridden the logout function in the default LoginController.
LoginController.php
class LoginController extends Controller
{
use AuthenticatesUsers;
public function logout()
{
if (Auth::guard('manager')->check()) {
Auth::logout();
return redirect('/manager/login');
}
if (Auth::guard('employee')->check()) {
Auth::logout();
return redirect('/login');
}
Auth::logout();
return redirect('/login');
}
public function __construct()
{
$this->middleware('guest')->except('logout');
$this->middleware('guest:manager')->except('logout');
}
}
Using laravel native auth, there are no other solution but to cycle through all guards to find the one you need.
You can make it more "clean" and dynamic
public function logout()
{
$guards = ['manager', 'employee', ''];
foreach ($guards as $guard) {
if(Auth::guard($guard)->check()) {
Auth::guard($guard)->logout();
return $this->redirectLoggedOut($guard);
}
}
return redirect('/login');
}
public function redirectLoggedOut($guard)
{
switch($guard) {
case 'manager':
return redirect('/manager/login');
default:
return redirect('/login');
}
}
I have created a laravel project to login with socialite recently.
I have an deactivate account function for Admin. I have my codes to prevent my users to login if their status is 1 (which is deactivated) but these codes doesn't work with user who use socialite function to login.
My codes to prevent deactivate user to login as shown below.
protected function authenticated($request, $user){
if(Auth::attempt(['email' => $request->email, 'password' => $request->password, 'status' => 0]))
{
if($user->role == 2)
{
return redirect()->intended('/admin/users');
}else{
return redirect()->intended('/');
}
}else{
Auth::logout();
return back()->with('error', 'Your account is deactivated.');
}
}
Controller for socialite
<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use App\Http\Requests;
use App\SocialAccountService;
use Socialite;
use App\User;
class SocialAuthController extends Controller
{
public function FacebookRedirect()
{
return Socialite::driver('facebook')->redirect();
}
public function FacebookCallback(SocialAccountService $service)
{
$fbUser = $service->FacebookCreateOrGetUser(Socialite::Driver('facebook')->user());
auth()->login($fbUser);
return redirect()->to('/');
//$facebookUser = Socialite::driver('facebook')->user();
//$facebookFirstnameAccess = $facebookUser->user['first_name'];
//echo $facebookFirstnameAccess;
//dd($facebookUser);
}
public function GoogleRedirect()
{
return Socialite::driver('google')->redirect();
}
public function GoogleCallback(SocialAccountService $service)
{
$Guser = $service->GoogleCreateOrGetUser(Socialite::Driver('google')->user());
auth()->login($Guser);
//$googleUser = Socialite::driver('google')->user();
return redirect()->to('/');
//$fName = $googleUser->firstname = $googleUser->user['name']['givenName'];
//$lName = $googleUser->lastname = $googleUser->user['name']['familyName'];
//echo $lName;
//dd($googleUser);
}
}
Is there anywhere for me to prevent the user to login with socialite if I have deactivated their account?
I am attempting to use return Redirect::route('home'); in my UserController, but it doesn't appear to work (displays a blank page). I've tried naming the route, but to no avail.
<?php
class UserController extends BaseController {
public $restful = true;
public function get_new()
{
return View::make('users.new')
->with('title', 'Rentaholics - Register');
}
public function post_create() {
$validation = Users::validate(Input::all());
if($validation -> passes()){
Users::create(array(
'username'=>Input::get('username'),
'password'=>Hash::make(Input::get('password')),
'email'=>Input::get('email')
));
return Redirect::to_route('home')->with('message', 'Thanks for Registering!');
}else{
return Redirect::to('register')->with_errors($validation)->with_input();
}
}
}