For the context, I send an email for the verification of the account of my user.
By clicking on a button, it triggers a /verify-user route on my laravel routes.
At the end of my activation action into my controller, I make a return redirect('/')->with('message', 'Your account has been activated');.
According to the documentation this line put my message into the session.
But now I want to access this session into my .vue component when the component is mounted.
I tried to use the vue-session package, but that returns me always "undefined" when I try to access the this.$session.get('message').
My '/' component is composed with an app.blade.php where I have a router-view component who render the component based on my vue routes.
I am quite sure I am not the first person who want to do something like this, but I don't find any clue on the internet how to do that.
I tried with the props but in vain :(
Thanks
Related
I am building a weather app with laravel(almost finished) and i decided to implement the frontend with react/redux/react-router and use laravel from api calls. The only thing that i decided to leave the same is my custom laravel auth implementation with routes and views. However, i struggle to find a secure way to pass my Auth::user object after login in order to store on redux. I have 2 options:
1) After login and before render the main jsx, to make an axios request to specific route in order to return the Auth::user like:
in routes.php
Route::post('/auth/user' ,function(){
return response()->json(['user'=>auth()->user()]);
})->middleware('auth');
in js
axios.post('/auth/user').then((res)=>{console.log(res.data.user)}).catch((e)=>{console.log(e)})
2) pass Auth::user with blade, catch it with getAttribute, save it to redux and instantly remove from DOM:
<div id="app" data-usr="{{ auth()->user() }}"></div>
However neither of them seem to me like a secure way to pass this kind of data. Can anyone tell me his opinion about this or figure me with a better solution?
Thanks a lot.
I would create a Class to represent the user with just the vital information I need to show on the front-end.
So instead of passing auth->user() to the front, you can inject it into a decorator and generate a simpler user class with just the methods you wish to display.
Thankfully i found a solution with API TOKEN implementation built-in with Laravel. Also i destroy token after logout and recreate it in login, so nobody can use it with other services to collect data if he is not signed in
I'm new to laravel and making a web service that can function without javascript (if a user has it disabled or something.)
But it would be a better user experience to be able to perform certain actions without refreshing the whole page. I'd like to be able to say, send a form without reloading the page, or refresh notifications.
The options I can think of are:
1) Send the ajax to the same route as the pure html form, but with an extra variable and make my laravel respond with json when that variable is detected
2) Use the API route? Will this detect the currently logged in user?
3) Make new routes for everything ajax, even though they function the same as my current routes (aside from returning a view)
Also, does the CSRF token work multiple times in a row, or do I need to disable that to handle multiple ajax form posts in a row without page refreshes?
I recommend keeping the routes separate, both to prevent weird caching bugs and for your own sanity as the code changes over time.
Laravel is set up out of the box to let you define web routes in routes/web.php and api routes in routes/api.php. Routes defined in your api.php file will be available at /api/* by default. It's much easier to manage changing the application this way, rather than trying to make your controllers do both views and api responses.
With Laravel Passport, your API routes can detect the currently logged in user via the auth:api middleware when combined with adding the Laravel\Passport\Http\Middleware\CreateFreshApiToken to your web middleware group.
https://laravel.com/docs/5.7/passport#consuming-your-api-with-javascript
An easy way to manage the duplicated controllers (one for web and one for api) is to put Api controllers in their own namespace, with php artisan make:controller Api/FooController. You can even set up your Api routes to look for controllers in this namespace by default by editing RouteServiceProvider.php.
I am new to the laravel framework,and i setup the laravel basic authentication it simple and awesome.
I need a clarification in following things
1.when i list the all routes using route list command i can see the many routes including the functionalities for login and register ,but the routes not registerd in in route.php file ,how its worked?
2.I want to add some more fields in registration for that i am looking for this function AuthController#register ,but there is no function named register in it,so where it is actually located.??
EDIT
1.I need to find the login functions also,because I want to show custom error message to the user is(password not found,invalid email,account blocked )
2.want to change the route after logout
SO community!
I have a project, that I've built on Laravel 5.2. As its authorization I am using the built in one, that can be generated by running
php artisan make:auth
It serves well, but the system's users will be mostly invited by the administrator, whose account is created by the built-in auth action under the route /register. There will be multiple instances of my project hosted separately.
Once the system is set up I do need the route to create the administrator account, but after that I would like the route to be not be accessible.
The customization I need is as follows:
I am thinking about an "if" that would check how many administrator accounts there currently are. If there is at least one, the /register route would redirect to /login.
Something like this:
$administrators = User::where( 'role', User::ROLE_ADMIN )->get();
if ( count( $administrators ) != 0 ) return redirect( url('/login') );
It is a simple piece of code, but I do not know where to put it.
First possible solution:
At first I was thinking that I would need to customize the register action by adding the check to it, but the AuthController does not have register action and I do not understand how the AuthController works.
Second possible solution:
I was thinking of creating a middleware with the admin count check for the /register route, but in the routes file the built-in authorization routes are somehow condensed and added with this piece of code:
Route::auth();
Is there some way of extracting the /register route out of that, so I bind the middleware on to it?
Or maybe there is a better way of adding the check.
Any help will be much appreciated!
I'm looking for a way for users that are logged in to register new users. I don't want unregistered users creating new users. The problem that I'm coming up against is that Laravel does a lot of rerouting when you use their registration controllers so that it auto reroutes you away from the registration page if you are already logged in. Is there a way that I can get around this functionality without having to rewrite all of the registration logic?
I've tried simply adding auth middleware to the registration route but it immediately reroutes to the home page of the app before you hit the registration view. If I create a route that redirects to the registration view like this-
Route::get('register', function(){
return view('auth.register');
});
It will give me the registration page but silently fail to add any users to the database. I think it may be because the RegistersUsers class has use RedirectsUsers as its first statement. Short of rewriting the code there is there another way to accomplish what I'm trying to do?
I'm using Laravel 5.2 with the make:auth standard views