Hey guys i am new to laravel and i am trying to make a login system for lecturerand admin where the admin can register and edit the users details. I am aware that Laravel has an in-built auth system but it does not have the the function to edit the user details. There are two options that i thought that might work
Use the existing auth system for register/login while adding a new controller and view to edit the users details.
create a new register/login system from scratch with a new migration table and implement the edit functions. But my concern is if i create from scratch how to i use the Auth() class to handle the access control?
Anyone able to clarify for me which option works??
i suggest you to use laravel Auth Class and then use some ACL package like laravel-permission
https://github.com/spatie/laravel-permission
to handle you user as admin,guest and so more
you can create multi level users with different permissions and roles
Definitely option one
It's always good to use Laravels built-in user scaffolding
Most of the authentication and authorization for your application will already be handled
Why reinvent the wheel? Option 1 it is.
Related
I want to create a new Laravel 5.8 based application using the database of an old PHP based application.
The problem is: My previous project uses five tables to store user-related information and all of those tables are used during login (to set session data).
Those tables are user_account, user_role, user_partner_portal, user_access_control, and user_control_access_right.
The relationship between those tables are in the below images:
By default, laravel uses users table to handle authentication and I don't know how to customize Laravel login system so that I can use all of those five tables during login to authenticate a user and also store the user-related information into the session.
I am primarily using CodeIgniter for all of my projects and it is very easy to do that authentication using CodeIgniter. But I am new in Laravel, so I can't figure it out.
So my question is: Is it possible using laravel to design such an authentication system? If yes then how?
TIA
So laravel uses LoginController class for the login. Inside there you are going to find the function authenticate.
Laravel put's the predefined logic there but if you want to make it really custom like update all your tables etc etc you are free to do it.
You can even create your own class and change the login route to point to your own controller. Basically you can do anything you like.
I am really struggling with Laravel auth. I read the manual many times, went to the code, but I still don't understand how the level of intrication of the Auth module.
As far as I understood, the app files that take part of the Auth are:
Manager: Auth (Illuminate\Auth\AuthManager)
Service Provider: AuthServiceProvider (Illuinate\Foundation\Support\ProvidersAuthServiceProvider)
Middleware: Authenticate
Gate
Model: User
Controller: LoginController
It seems these controllers LoginController, RegisterController, ... are called by magic, hardcoded deep down in Illuminate\Routing\Router. But, I do not want to use or register any ResetPasswordController, neither ForgotPasswordController simply because I do not hold any passwords on my application.
So in my case I do no store any email or password in my database. My authentication is done with OAuth2, the only think I do, is collecting an access token that I store on my database.
The question is:
How can I use the builtin Laravel Auth system that I am forced to use anyway because some providers require an access to app('auth')?
What then is the best solution in my case?
Rewrite the whole Auth Manager and override the Router to remove the burred links to the unneeded controllers
Tweak the existing Auth system to fulfill my needs
I am quite lost...
i want to ask a question regarding the login to Laravel using Prestashop customers data.
Recently, I'm doing a new project whereby in Laravel user login, I want to use Prestashop users (customers) data. That is we will not using Laravel own local user data, but we will use prestashop customers data.
How do I integrate Laravel with Prestashop in user login? Create custome authentication?
And how do I modified the AuthenticateUser in Laravel? I have been searching online in this matter, but I can't find any related.
You may find some libraries that may or may not facilitate this, however, when I needed a similar feature, I simply developed it myself. In brief:
1) In Laravel create a service to authenticate the user through the PrestaShop API.
2) Depending on the response from PrestaShop, you can create a USER in Laravel and instead of a password, save an access token. Same as you would do with say FB login but obviously cannot use Socialite direct - albeit you can extend it or copy its code.
3) You can if wish copy the PrestaShop credentials and allow the user to login directly through Laravel in the future.
There are other methods you can use instead of my suggestion, such as continuously update the Laravel's users' tables from PrestaShop but this is not very consistent and secure.
Laravel 4 with Sentry 2 for ACL
Note: I am using laravel functions for login, but need sentry only for ACL purpose, to check permissions
Want to achieve this:
if ( Sentry::getUser()->hasAnyAccess(['system']) )
{
echo 'has access to system';
}
but i keep getting the following error:
Sentry::getUser()->hasAnyAccess(['system']); //this hits error: Call to a member function hasAnyAccess() on a non-object
The way Sentry2 does authentication is not compatible with Laravel's built in authentication system. As far as I understand Laravel's built in authentication system and Sentry2 set different session keys to store the details of the logged in user. So it is not possible to use Sentry2 to pull up the details about laravel authenticated user. But, given that you use the same database table for both User model and the model used with Sentry2 this should work.
Sentry::findById(Auth::user()->id)->hasAnyAccess(['system'])
If you want to use Sentry in built in auth compatible way you may want to check this package.
https://bitbucket.org/hampel/sentry-auth-driver-for-laravel
If you interested there is a laravel package that integrates sentry with an admin panel: https://github.com/intrip/laravel-authentication-acl
The problem here is that Laravel Auth and Sentry do not use the same variables to store user information, so when you authenticate with Laravel's Auth::attempt(), Sentry::getUser() will still return null.
The opposite is also true - if you authenticate with Sentry::authenticate(), Auth::user() does not return an object.
The simplest solution is to do an all-or-nothing approach to authentication; either swap out the Laravel portions for Sentry, or vice verse.
One way I've implemented role based ACL in native Laravel is by adding a roles table to the database which has a name column on it + a pivot table, then adding this access checking code to my User driver. That code allows me to check ACLs via syntax like Auth::user()->is(["admin", "publisher"]), etc.
I'm having a hard time understanding how the CakePHP admin system works.
Should all controllers who has an action which requires login include AuthComponent or just the one who handles the login/logout?
Let's say I want to protect the add action of a controller. First I create admin_add() in the controller and then in the beforeFilter() method I check if $this->Session->check('Auth.User') is set a redirect based on this? Turns out it was better to just controll this with $this->Auth->allow()
What is the easiest way to return to the URL the user was trying to access? Is there a better way than setting a session variable? Turns out it does this automagically :)
If someone has a good tutorial for this I would happily read it :)
I've already read this tutorial but I found it to be a little to basic and the CakePHP-docs are not that great on this topic either.
There is no Cake admin system as such. There is Authentication component and there is Access Control List component. You can use only Authentication component if you wish or you can use both of them. If you want to create your admin system from scratch follow this tutorial. Or you can try already created admin panel - PoundCake Control Panel.
we have created an admin system for cakePHP, works similar to the scaffolding but it's configurable and ready to deploy, check it at http://browniephp.org
You can learn a lot from others codes, specially something like CakePHP Admin plugin at: https://github.com/Maldicore/Admin