I have a project on "somepage.com" and when I join to my page, always I see again the login form, I want to check when I go back to "somepage.com" if previously I logged on the page I want to go to /admin or /sales and If I not logged go to /
Laravel 5.8
if you want to check manually, you can use Auth::check() this will return if the session is active.
In your controller before rendering the view code will look somewhat like this:
if (Auth::check()) {
// return redirect as you wish.
}
// return redirect to login page.
don't forget to use Illuminate\Support\Facades\Auth;
Related
I've got a working login page for my Laravel program. Now, if the user logs in successfully he/she must be redirected to a different page (instead of the "home" page as they normally would have been). This will be the 2FA page.
My question is:
I know how to redirect the user after validating their credentials, but how can I set it so that once the user is redirected to the 2FA page that they cannot instantly access any other part of the website as they would after logging in normally? (Also, they should only be able to access the 2FA page if they've been authenticated successfully) And then only allow them access to the full content of the website only after they've passed the 2FA page?
My login function in my AuthController looks something like this:
if (Auth::attempt(['username' => $request->username, 'password' => $request->password])) {
return redirect()->route('home');
} else {
session()->flash('errormessage','Invalid password.');
return redirect()->back();
}
As far as I know, "Auth::attempt" immediately logs the user in when True is returned. One way I was thinking of doing it is I instantly log the user out as soon as they're logged in, save their UserID to their session, then redirect them to the 2FA page, the 2FA page checks their UserID in their session and loads, otherwise redirects them back to the login page. And once they've passed the 2FA page just log them in again using their UserID which is saved in their session.
Any better suggestions would be welcome.
Add this function to your login controller which overrides the redirectTo property
public function redirectPath()
{
if(some condition)
{
$this->redirectPath=route("some where");
}else{
$this->redirectPath=route("some other where");
}
return $this->redirectPath;
}
I have to create ,,log in to comment" button. On click this button should redirect user to login page and after successfull loging in, he should be redirected to page, where he have clicked that button. I tried to make fake url with auth middleware around it like this:
Route::group(['middleware' => 'auth'], function() {
Route::get('/log-in-to-comment', 'UserController#getLogInToComment');
});
I have defined my getLogInToComment function like this:
public function getLogInToComment() {
return redirect()->back();
}
But it redirects me to /log-in-to-comment which is already in filter so I get too many redirects. Also I have tried return Redirect::to(URL::previous()); but it also doesn't work. As far as I know, post method should not be used on redirects, so how do I deal with this simple task? Thanks in advance!
Since Laravel always redirects back to the page you came from (which is in your case /log-in-to-comment), you have to overwrite this URL.
A possible way to do so is to fetch the URL of the last site and an save it to the browsers session. To do so, make sure the getLogInToComment-route is not using auth or guest middleware, since it should be processed as a guest as well as a signed in user. Then, store the previous site if the user is not logged in, and redirect back to it if he is.
public function getLogInToComment() {
if (!Auth::user()) {
// User is not logged in. Save previous URL and redirect to login
Session::put('prev', URL::previous());
return Redirect::route('login');
} else {
// User is now logged in and returned to this route again. Redirect to site
return Redirect::to(Session::get('prev'));
}
}
By having ['middleware' => 'auth'], you are forcing the user to already be logged in to see the log-in-to-comment page.
I will also note that you don't need the leading / in the route path.
Try:
Route::group(['middleware' => 'guest'], function() {
Route::get('log-in-to-comment', 'UserController#getLogInToComment');
});
I have tried many different things to get this to work and this is what I currently have:
// save the redirect_back data from referral url (where user first was prior to login)
$this->session->set_userdata('redirect_back', $this->agent->referrer() );
// user is authenticated, lets see if there is a redirect:
if( $this->session->userdata('redirect_back') )
{
$redirect_url = $this->session->userdata('redirect_back'); // grab value and put into a temp variable so we unset the session value
$this->session->unset_userdata('redirect_back');
redirect($redirect_url, 'refresh');
}
else
{
redirect('/', 'refresh');
}
The problem with this is sometimes there is no referral url. For example I allow video/image uploads. If the user is on the home page page and they click on the upload videos button and they're not logged in it redirects them to the log in page and refreshes and there is no longer a referral url. I want the user to be redirected back to the upload videos page because they tried to access this page but could not because they were not logged in.
Does any know why this is happening?
You can solve this in the constructor for each controller of the logged in areas. For example:
public function __construct() {
parent::__construct();
/*
* First check to see if they are logged in
* if not redirect to login in page with
* redirect back information
*/
if (!$this->session->userdata('uid')) {
redirect(base_url() . 'login?ref=account');
} else {
/*
* if they are logged in, load helpers, models, libs
* and proceed with viewing normally
*/
$this->load->helper('form');
$this->load->library('form_validation');
//etc.
}
}
I use a query string here but you can just as easily use uri segments. The login controller then picks up the query string and upon successful login, uses it to send them back. The advantage is they always redirect back to where you want them to go, because you always know where they were based on your explicit code. The disadvantage is its a little more maintenance since you have to make sure all you "protected" areas have the appropriate redirect parameters. You can make this more flexible using current_url() as was mentioned in the comments. You also have to deal with data in the url which the user can mess with, but if you've designed everything else correctly, that shouldn't be much of an issue. I like this method because it explicitly keeps me in control of flow and I can adjust each controller to go where I want and return to where I want.
I am using the Codeigniter redirect() to redirect the page after user logouts on my website http://www.theindianclassified.com.
When user goes to the url http://www.theindianclassified.com/logout he is redirected to the home page after he is logged out of the system. But if the user login and again click logout user is not logged out but he is redirected to the home page. I think the redirect using the Codeigniter redirect() method is cached by browser.
Please help me, how the implementation happen in the above scenario. I want the browser not to cache the redirect.
Log out function is below.
function logout() {
$this->session->sess_destroy();
redirect('');
}
You should check your login function to make sure the fault isn't there. If I were to guess it'll be there. If that doesn't work try 'unsetting' the session variables one-by-one.
I am trying to redirect users to the page they were viewing before attempting to login. For example, if they were looking at baseurl/people/abraham_lincoln and then decided to log in, after they login they would be redirected to baseurl/people/abraham_lincoln. The weird thing is that it is working for some URLs and not others. For some URLs, I am getting "javascript/jsFunctions.js" appended as the URL instead of the URL they were previously on.
At the top of every controller, I set a session variable to do my redirect:
$this->session->set_userdata('Redirect', current_url());
I am printing this session variable to the top of my controller and at the top of my log in view for testing purposes. Here are a few results I am receiving when I go to my login.
An example of a URL that's working:
URL I attempt to log in from:
baseURL/people
What gets printed at the top of my controller as my Redirect session variable:
baseURL/people
What gets printed at the top of my log in view as my Redirect session variable:
baseURL/people
An example of a URL that's not working:
URL I attempt to log in from:
baseURL/people/abraham_lincoln
What gets printed at the top of my controller as my Redirect session variable:
baseURL/people/abraham_lincoln
What gets printed at the top of my log in view as my Redirect session variable:
baseURL/people/javascript/jsFunctions.js
I'm not sure if it matters, but I am also routing some of these URLs from the routes.php file:
$route['people/(:any)'] = "people/index/$1";
$route['people/(:any)/(:num)'] = "people/index/$1/$2";
I have tried to build my session variable many different ways, including:
current_url()
base_url().uri_string()
base_url().$this->uri->segment(1)....
base_url().$this->uri->rsegment(1)....
If anyone can think of why I'm getting those javascript variables instead of the URL I'm looking for I would appreciate any input.
Thanks!
P.S. I forgot to mention that if I refresh a page that isn't working, for example the abraham_lincoln page, and then go to login, I receive the correct Redirect session variable. Almost like it isn't getting set correctly the first time through, but don't know how I can solve this since I have tried setting the session variable both at the very top and right before the views are loaded.
the use case should only apply to the login process. thus putting this on the top of every controller would probably not what we want.
instead of putting current_url in session at the start, you should append it to the login link
<?php echo anchor('/home/login/' . url_encode(current_url()), 'login');?>
in the login function
<?php
public function login($redirecturl) {
$this->form_validation->set_rules('username', 'Username', 'required');
// etc.
if($this->form_validation->run()) {
$query = "select id from users where username=? and password=sha(?)";
// etc.
$this->session->set_userdata('userid', $row->id);
redirect($redirecturl);
} else {
$data['redirecturl']=$redirecturl;
$data['content']='loginview';
$this->load->view('template', $data);
}
}
?>
In the login view
<?php
echo form_open('/home/login/' . url_encode($redirecturl));
// etc.
?>