I am trying to submit one form and login one user and it seems to work fine in localhost, but when I upload this code onto a live server then the Token is not working.
I have checked that the CSRF token and session token value is not same.
Also the post request is not working so I have added the route in except VerifyCsrfToken now the post request is working but after login the user session is not working
if (Session::token() != $request->get('_token'))
{
echo 'Not Match';exit;
}
Above the result shows me no match .
I have regenerated the key on the server, also I had provided the permission to storage folder.
Cache data has been cleared but the authectioncation is not working it doesn't work.
<form class="login-form js-login-frm" role="form" method="POST" action="{{ route('admin.login-post') }}">
{{ csrf_field() }}
<div class="form-body">
<div class="row">
<div class="col-xs-12">
<div class="form-group">
<div class="input-group" title="{{__('username_or_email_address')}}">
<span class="input-group-addon"><i class="fa fa-envelope-o"></i></span>
<input class="form-control" autofocus type="text" id="email_address" placeholder="{{ __('username_or_email_address') }}" name="login"/>
</div>
</div>
</div>
<div class="col-xs-12">
<div class="form-group">
<div class="input-group" title="{{__('enter_password')}}">
<span class="input-group-addon"><i class="fa fa-lock"></i></span>
<input class="form-control" id="password" type="password" placeholder="{{ __('enter_password') }}" name="password"/>
</div>
</div>
</div>
</div>
</div>
<div class="form-actions">
<button class="btn-del btn-5 btn-5a fa fa-lock login-btn" type="submit" id="login_btn">
<span>{{ __('login') }}</span>
</button>
</div>
</form>
In My controller
$remember = $request->remember ? true : false;
$auth = Auth::guard('web')->attempt([
'email' => $request->login,
'password' => $request->password,
'is_active' => 1
], $remember);
This code is working fine but the user doesn't get redirected to the dashboard page it redirect to login page again.
Can anyone help with the login the user in the system, and redirect to proper route.
In a test environment the CSRF token is not checked in the middleware. Replace {{ csrf_field() }} with #csrf and you should be fine. Have a look at the source code of the generated login page.
Related
I'm trying to redirect the user back to the previous page if the token entered is invalid but i'm getting the error:
The GET method is not supported for this route. Supported methods: POST.
Everything works well when the token is valid. Here is my code:
ForgotPasswordController
public function showPasswordResetForm(Request $request)
{
$inputToken = $request->token;
$tokenData = DB::table('password_resets')
->where('token', $inputToken)
->first();
if ( ! $tokenData) {
return redirect()
->back()
//redirect back if the token does not exist
->withErrors(['token' => 'Token doesnt exist']);
}
$token = $tokenData->token;
return view('auth.passwords.reset')->with('token', $token);
}
Route
Route::get('reset-password/{token}', 'Auth\ForgotPasswordController#showPasswordResetForm')
->name('check.token');
Blade
<form method="POST" action="{{ route('check.token',$token) }}">
#csrf
<div class="form-group row">
<label for="token" class="col-md-4 col-form-label text-md-right">
{{ __('Reset code') }}
</label>
<div class="col-md-6">
<input
id='token'
type="text"
class="form-control #error('token') is-invalid #enderror"
name="token"
required
autocomplete="token"
autofocus
>
#error('token')
<span class="invalid-feedback" role="alert">
<strong>{{ $message }}</strong>
</span>
#enderror
</div>
</div>
<div class="form-group row mb-0">
<div class="col-md-6 offset-md-4">
<button type="submit" class="btn btn-primary">
{{ __('Continue') }}
</button>
</div>
</div>
</form>
First of all, if you are sending data through a form, you should avoid using GET (as the one defined in your route). You are making a post request, so this must be consistent with your defined endpoint. Chage it to this:
/** view */
<form method="POST" action="{{ route('check.token', $token) }}">
// ^^^^^
</form>
/** route */
Route::post('reset-password/{token}', '/** ... */')->name('check.token');
// ^^^^
Now, the error is originated when doing the redirect back, this doesn't have to do with this endpoint but the previous one, the one that shows that form. It looks like this previous endpoint is defined as POST instead of GET, this is the one that you should modify to fix the issue.
We can't see how this route is defined so I'll use an example. Try changing it from:
Route::post('show-form', 'MyController#myMethod');
To this:
Route::get('show-form', 'MyController#myMethod');
Laravel redirect me back to the login page after each attempt to login. How do i fix this issue?
I've tried changing the session from 'file' to 'database' and clearing all the cache(both in the browser and in laravel, yet it's still redirects back to the login page)
Here is the web route:
// Login
Route::post("/profile/dashboard","LoginController#login")->name('login');
Here is my controller:
public function login(Request $req)
{
// validate form
$req->validate([
"email" => "required|email|max:255",
"password" => "required|max:16",
]);
$user = ["email" => $req->email, "password" => $req->password];
// Attempt to login
if (!Auth::attempt($user)) {
return back();
}
// Redirects to dashboard
return redirect()->route('dashboard');
}
Sorry for the poor formatting. Here is my view:
<form action="{{ url("/profile/dashboard") }}"
method="post" class="user">
{{ csrf_field() }}
<div class="form-group">
<input type="email" name="email" id="email" class="form-control
form-control-user" aria-describedby="emailHelp" placeholder="Enter Email Address...">
<label class="error" for="email">
#include("pages.errors.email")
</label>
</div>
<div class="form-group">
<input type="password" name="password" id="password" class="form-control form-control-user" placeholder="Password">
<label class="error" for="password">
<label class="error" for="password">
#include("pages.errors.password")
</label>
</label>
</div>
<div class="form-group">
<div class="custom-control custom-checkbox small">
<input type="checkbox" class="custom-control-input" id="customCheck">
<label class="custom-control-label form-check-label" for="customCheck">Remember Me</label>
</div>
</div>
<button type="submit" class="btn btn-outline-success btn-user btn-block text-uppercase">Login</button>
<hr>
<a href="index.html" class="btn btn-danger btn-google
btn-user btn- block text-uppercase">
<i class="fab fa-google"></i> Login with Google
</a>
</form>
I dont't if this will help but here is my session set to database:
'driver' => env('SESSION_DRIVER', 'database'),
No Error was generate. It redirects back to the login page without any given error.
https://laravel.com/docs/5.8/validation#quick-displaying-the-validation-errors
So, what if the incoming request parameters do not pass the given validation rules? As mentioned previously, Laravel will automatically redirect the user back to their previous location. In addition, all of the validation errors will automatically be flashed to the session.
Since you're not displaying the $errors variable, you're not getting any useful feedback. Try showing the value of $errors->all() in your form.
I have a problem with my Laravel and probably routes but I'm not sure.
So, there is a contact form in modal window. When I click on Send button I've got page not found error.
What I have in the web.php is
Route::post('/apply_now','HomeController#apply_now')->name('apply_now');
In the HomeController.php
public function apply_now(Request $request)
{
... form fields data
return Redirect::to('/')->with('message', 'Sent');
}
And the form
{{Form::open(array('route'=>'apply_now','files' => true,'method'=>'post'))}}
...
form field
{{Form::close()}
The error
Not Found
The requested URL /apply_now was not found on this server.
I don't see anything wrong with the routes but yet can't find the problem.
UPDATE:
| | POST | apply_now | apply_now | App\Http\Controllers\HomeController#apply_now
UPDATE 2. The modal
<!-- Apply Modal -->
<div class="modal fade" id="apply" tabindex="-1" role="dialog" aria-labelledby="applyModalLable">
<div class="modal-dialog" role="document">
<div class="modal-content">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">×</span></button>
<h4 class="modal-title text-center" id="applyModalLable">Apply Now</h4>
</div>
<div class="modal-body">
<form method="POST" action="https://example.com/apply_now" accept-charset="UTF-8" enctype="multipart/form-data">
<input name="_token" type="hidden" value="OyEdnHIWRgbZmPo0joodNmWraDSuuACIrwqup044">
<div class="form-group ">
<input type="text" name="your_name" class="form-control" placeholder="*Your Name" value="" >
</div>
<div class="form-group ">
<label>*Country</label>
<input type="text" name="country" class="form-control" placeholder="Your Country" >
</div>
<div class="form-group ">
<input type="text" name="contact_email" class="form-control" placeholder="*Contact Email" >
</div>
<div class="form-group ">
<input type="text" name="contact_phone" class="form-control" placeholder="*Contact Phone">
</div>
<div class="form-group text-center">
<button type="submit" class="btn btn-custom btn-sm btn-block">Submit</button>
</div>
</form>
</div>
</div>
</div>
</div>
make routes like this:
Route::match(['get', 'post'],'/apply_now', 'HomeController#apply_now');
Looks like there is no error in the code, can you clear the cache;
php artisan route:cache
enter image description here
Did you see the area in the picture?
Try Adding
{{ csrf_field() }}
This will add the CRSF Token field to your form
eg. <input type="hidden" name="_token" value="SomeRandomString">
which is required by laravel ,CSRF is enabled by default on all Routes to check if the post request is secure , you can also disable it from VerifyCsrfToken.php which is middleware located at
app\Http\Middleware
To Disable the CRSF for your route
update
protected $except = [
//
'apply_now'
];
Disabling this is not a good practice, If you want your application secure
Add
{{ csrf_field() }}
In your form for.eg.
{{ Form::open(array('route'=>'apply_now','files' => true,'method'=>'post')) }}
...
form field
{{ csrf_field() }}
{{ Form::close() }}
Now once you submit the form laravel will check if crsf token is sent with the form and let your request proceed further
Try with this,
Route::get('/', 'HomeController#index')->name('home');
In your controller
return redirect()->route('home')->with('message', 'Sent');
Hope this helps :)
Run this command and try again
php artisan optimize:clear
or
remove all files from the
/bootstrap/cache
/storage/framework/cache/data
/storage/framework/sessions
/storage/framework/views
and make sure you have defined both urls into web.php file something like this:
Route::post('/','HomeController#index');
Route::post('apply_now','HomeController#apply_now')->name('apply_now');
and make sure your server has turned on mod rewrite. So Laravel can handle .htaccess rules.
I have the following HTML inside of my view. It's using a boostrap modal. It works fine for logging-in and redirecting, but upon a failed login attempt it's not redirecting the user back to te actual login page. action="{{ route('login') }}"> shouldn't this be taking the user back to the login page?
<form class="form-horizontal" method="POST" action="{{ route('login') }}">
{{ csrf_field() }}
<div class="form-group{{ $errors->has('email') ? ' has-error' : '' }}">
<div class="col-md-12">
<input id="email" type="email" placeholder = "Email address.." class="form-control" name="email" value="{{ old('email') }}" required autofocus>
</div>
</div>
<div class="form-group{{ $errors->has('password') ? ' has-error' : '' }}">
<div class="col-md-12">
<input id="password" type="password" placeholder = "Password" class="form-control" name="password" required>
</div>
</div>
</div>
<p class = "small" style="padding:10px;">By signing up, you are indicating that you have read and agree to the Terms of Use and Privacy Policy.</p>
<div class="modal-footer">
<button type="submit" class="btn btn-primary">Enter</button>
</div>
</form>
The actual redirecting problem might be caused by the called controller.
Please check the function/method behind the post login and check if you have sth. like
return Redirect::back()->withErrors(['msg', 'The Message']);
at the end of the validation.
Here you can find a related post about redirecting.
For further informations about redirecting have a look at the documentation. There are also pretty good examples about the redirect function with parameters
im trying to build a user login and registration form and this is my route :
Route::get('/register', function()
{
return View::make('register');
});
Route::get('/register', function()
{
$user = new User;
$user->username = Input::get('username');
$user->password = Hash::make(Input::get('password'));
$user->save();
$username = Input::get('username');
return View::make('registered')->with('username',$username);
});
and this is my html :
<div class="container">
{{ Form::open(array('url' => 'register', 'class' => 'form-horizontal')) }}
<fieldset>
<!-- Form Name -->
<legend>Form Name</legend>
<!-- Text input-->
<div class="form-group">
<label class="col-md-4 control-label" for="username"></label>
<div class="col-md-4">
<input id="username" name="username" type="text" placeholder="" class="form-control input-md" required="">
</div>
</div>
<!-- Password input-->
<div class="form-group">
<label class="col-md-4 control-label" for="password"></label>
<div class="col-md-4">
<input id="password" name="password" type="password" placeholder="" class="form-control input-md" required="">
</div>
</div>
<!-- Appended checkbox -->
<div class="form-group">
<label class="col-md-4 control-label" for="appendedcheckbox"> </label>
<div class="col-md-4">
<div class="input-group">
<input id="appendedcheckbox" name="appendedcheckbox" class="form-control" type="text" placeholder="">
<span class="input-group-addon">
<input type="checkbox">
</span>
</div>
</div>
</div>
<!-- Button -->
<div class="form-group">
<label class="col-md-4 control-label" for="submit"> </label>
<div class="col-md-4">
<button id="submit" name="submit" class="btn btn-inverse"> </button>
</div>
</div>
</fieldset>
</div>
few problems :
1.
my form does not loads and i see just
the last button for submitting the form and : ' you have registered in $username ' which i design to loads AFTER user submitted
2.my localhost:8000 loaded laravel first page one time but when i began to work on the project i just receiving blank white page and currently accessing my file like this : http://localhost/vendor/bin/crm/public/register
3.
is hashing in laravel secure enough? or should i do something else ?
4.
my way of doing this is alright or there is a better way for login and reg using laravel ?
You have two routes responding to get requests on /register. Change the second one to Route::post(...) and I would also change both to just register. There isn't a need to prepend a slash onto your routes.
Hashing in Laravel is secure and shouldn't be something you have to worry about.
There really isn't a "right" way of doing things, it really depends on how the rest of your app works, how complicated it is, and how easy it should be to maintain. If it were me though, I would have a LoginController with a method for showing the view and a method for creating the user and have those methods respond to the request rather than putting everything right in your routes.php file.
You are also missing a {{ Form::close() }} at the end of your view as well.