I am trying to set up a double authentication page under laravel, for that I add a checkTotp method that verifies that the user has activate double authentication and redirect this user to the page in question.
The problem is that I am not redirected and the code continues to execute.
public function login(Request $request)
{
$this->validateLogin($request);
...
$this->checkTotp($request);
dd('after');
...
}
protected function checkTotp(Request $request)
{
$user = User::where('email', $request->get('email'))->first();
if (!is_null($user->totp_key)) {
$request->session()->put('user_id', $user->id);
return redirect('login/totp');
}
}
What happens is that I enter the checkTotp method but the redirect does not work. My output is the dd('after'). I don't understand why I am not redirected. Can someone help me?
Quentin
The checkTotp function returns a redirect, but you want the login function to return that redirect, such that it is passed to the browser. You might want to move the redirect to the main function and let checkTOTP just return true/false.
public function login(Request $request)
{
$this->validateLogin($request);
...
if ($this->checkTotp($request)) return redirect('login/totp');
dd('after');
...
}
protected function checkTotp(Request $request)
{
$user = User::where('email', $request->get('email'))->first();
if (!is_null($user->totp_key)) {
$request->session()->put('user_id', $user->id);
return true;
}
return false;
}
Related
I'm trying to authenticate user login with username and password in Laravel 8 (manual auth). I can't go to next page after logged in and it kept stuck on login page. This is the auth function:
public function authenticate(Request $request) {
$credentials = $request->validate([
'username' => 'required',
'password' => 'required'
]);
if(Auth::attempt($credentials)) {
$request->session()->regenerate();
return redirect()->intended('/')->with('loginSuccess', 'Welcome back!');
};
return back()->with('loginError', 'Login failed.');
}
My table is users, with the PK is UserId, and then it has Username and Password columns. I have tried to override username() function in my LoginController.php:
public function username() {
return 'Username';
}
and also changing getAuth...() functions in User.php model:
public function getAuthIdentifier()
{
return $this->attributes['UserId'];
}
public function getAuthIdentifierName()
{
return 'Username';
}
public function getAuthPassword()
{
return $this->attributes['Password'];
// return 'Password';
}
What prevents my app to auth the user? Big thanks!!
p.s. there seems to be a new link appeared after i named my route for logout() in LoginController.php:
public function logout(Request $request) {
Auth::logout();
$request->session()->invalidate();
$request->session()->regenerateToken();
return view('/login');
}
protected function redirectTo($request)
{
if (! $request->expectsJson()) {
return route('login');
}
}
No error flash message after login process in Laravel manual auth and a new link on the left side after naming a route
edit: i found that the auth trying to find a user using query SELECT * FROM usersWHEREUsername = 'UserId' LIMIT 1
dd($request) result and clockwork screenshot
I found that my getAuthIndentifier() method that was later modified to:
public function getAuthIdentifier()
{
return 'UserId';
}
causing the trouble that the query changed to SELECT * FROM `users` WHERE `Username` = 'UserId' LIMIT 1. So i had to turn the method to comment and my username input can be read to the query again. Thank you!!
successful auth with the right query for the logged in user
Actually I wanted that my application will go to admin_panel.blade.php only if the user login. I don't want to go there directly. So I implemented middleware and session but it's not working because if I directly goes to 'admin_panel' then it does not restrict me. Without or with using login information it grants me to go to admin_panel.
Kindly solve my issue.
Web.php
Route::get('/admin_log', function () {
return view('Admin.admin_login');
});
Route::group(['middleware'=>'session_auth'],function(){
Route::get('/admin_panel','LoginController#admin_panel');
LoginController
public function admin_panel(){
return view('Admin.admin_panel');
}
public function admin_login(Request $req){
$login=AdminLogin::first();
if ($login->Admin_Name==$req->admin_name && $login->Admin_Password==$req->admin_password ){
$req->session()->put('session_name',$req->admin_name);
return redirect('admin_panel');
}
else{
return redirect('admin_log')->with('error','Invalid UserName or Password!');
}
}
Middleware
public function handle($request, Closure $next)
{
if(is_null($request->session()->get('session_name'))){
return redirect('/admin_log');
}
return $next($request);
}
I have two login forms with two different tables.One is default with /login route and the other has route /myportal. I have extra logincontroller
protected $redirectTo = '/student-home';
public function showLoginForm()
{
return view('my_portal');
}
public function logout(Request $request)
{
$this->guard()->logout();
$request->session()->flush();
$request->session()->regenerate();
return redirect('/my_portal');
}
protected function guard()
{
return Auth::guard('web_student');
}
public function username ()
{
return 'username';
}
This login is working fine. But, I am having problem with RedirectIfAuthenticated
public function handle($request, Closure $next, $guard = null)
{
if (Auth::guard($guard)->check()) {
return redirect('/home');
}
else if(Auth::guard('web_student')->check())
{
return redirect('student-home');
}
return $next($request);
}
Now, if the user is already logged in, it is redirected to /student-home only if the route is /login and not /my-portal. i.e only if i click on regular form not this extra form I created. How can I redirect to student-home if user clicked on /my-portal?
You can connect a controller to the my-portal route with :
Route::get('test', 'exampleController#example') ;
Then in the controller function, you can check if the user is already logged in by
public function example() {
if(Auth::check()) {
//This condition will run if the user is logged in !
return redirect('student-home');
}
//Do whatever you want if user is not logged in!
}
Hopefully, this answers your question!
Please change your RedirectIfAuthenticated middleware like this
public function handle($request, Closure $next, $guard = null)
{
if (Auth::guard($guard)->check()) {
if(guard == 'web_student') {
return redirect('student-home');
}else return redirect('/home');
}
return $next($request);
}
The problem with your code is that the following segment will always true if a user is logged in. You have to check for whether or not a specific guard is set, inside this if statement if you want to redirect them accordingly.
if (Auth::guard($guard)->check()) {
return redirect('/home');
}
I need authenticate a user from my controller.
public function index()
{
$user = User::find(1);
Auth::login($user, true);
dd(Auth::check()); // returns true
}
public function dev()
{
dd(Auth::check()); // returns false
}
When I run index() that's ok. Script returns true. But next when I go to dev() - scripts returns false.
I tried with diferrent session drivers (file, cookie, database).
CORRECT CODE:
public function index()
{
$user = User::where('email', 'dekadent111#gmail.com')->first();
Auth::login($user, true);
return view('main');
}
public function dev()
{
var_dump(Auth::user());
}
dd() in the index action is breaks Auth
I'm working with laravel 5.2, and I have a problem with customized authentication. It doesn't log the user on .
Here you can find my code for the function:
public function login(Request $request)
{
$this->validateLogin($request);
$email = $request->get('email');
$user = User::where('email', $email)->first();
if(! is_null($user))
{
if (Auth::login($user))
{
return redirect('/profile');
}
}
else
{
$this->register($request);
}
}
In the place of Auth::login, I tried also the function attempt and check, but nothing was working ...
It logs the user, but it showed a blank page, without redirecting to the url.
You are seeing a blank page instead of being redirect to '/profile' because your second if condition is never true as
Auth::login($user)
never returns a null even if user is logged in
so basically
if (Auth::login($user))
{
return redirect('/profile');
}
this is if condition is never satisfied in your case.
You can try this
public function login(Request $request)
{
$this->validateLogin($request);
$email = $request->get('email');
$user = User::where('email', $email)->first();
if(! is_null($user))
{
Auth::login($user);
if (Auth::check())
{
return redirect('/profile');
}
}
else
{
$this->register($request);
}
}
Auth::check();
will return true if the user is logged in and will be redirected to '/profile'.