I am trying to implement google login using socialite plugin in laravel in which I want to set password filed (is user should set a new password before entering into the profile page).
After the password entering I need to create a new user entry via User::create() method ,but I don't know how to access the $user variable in my createUser function
Code
public funtion handleCallback($provider) {
//get userinfo
$user = Socialite::driver($provider)->user();
//set new password
return view('views.new-password');
}
//new password and create user
public function createUser(Request $request) {
//$user from handleCallback
dd($user)
}
Can I use a session variable to store this data so that I can access across multiple controllers is it the right way to do this??
Related
I'm using the Laravel Tymon package for JWT user authentication.
I'm also caching every user object after a new user is created and saved in the database so that I can load the data faster on selects.
The authenticate() method in the Tymon package takes the token as an input and uses the user model in order authenticate the user as follows:
public function authenticate($token = false)
{
$id = $this->getPayload($token)->get('sub');
if (! $this->auth->byId($id)) {
return false;
}
return $this->auth->user();
}
Is it possible to authenticate the token against the cached user model instead of the actual model?
I have tried one way to do this and that is overriding the authenticate() method in AppServiceProvider.
But I want to handle this on the User model instead. Which means that I want the User model to fetch the user object from cache (if it exists) instead of fetching it from the database and change/override nothing on the authenticate method.
I'm using an API wherein I want to login the user. The only information that I have is his/her email.
How will I be able to authenticate that user without having to insert his/her password?
Here's the code that I tried.
public function linkedinLogin()
{
$email = json_decode($_POST['email']);
Session::put('linkedin_email', $email);
//$value = session('linkedin_email');
if (Session::has('linkedin_email')) Auth::login(Session::get('linkedin_email'));
return $value;
}
I believe that you have to pass App\User to the Auth::login function, but you are passing an email address. This will not work.
What I suggest is doing one of two things:
Find the ID of the user associated with that linkedin_email and use the Auth::loginUsingId(id) to authenticate the user. or,
Find the user associated with that linkedin_email and pass the $user to the Auth::login function.
For Example:
$user = App\User::where('linkedin_email', $value)->get()->first();
Auth::login($user);
I understand that the auth functions allows a user to login etc, but I wanted a confirmation on what exactly was happening in the background.
My guess is that it's just a cookie that holds the login details, correct?
Or is it only storing the remember_token and then automatically comparing that with what is stored in the users table?
So if I wanted to create an account edit page. Would I have to do anything like comparing the auth id with the users table id that the e-mail matches up with? Or is it handling all that automatically?
Laravel Auth is nothing but its class where already all authentication methods or functions are written in laravel out of box.so you need not required to write all that function which is relating to user login.for example to check user we simply use
Auth::check();
but in laravel auth class they written like this
public function check()
{
return !is_null($this->user());
}
in the same way for login attempt we are passing parameter to attempt method .Here also laravel built in function is there
public function attempt(array $credentials = [], $remember = false, $login = true)
{
$this->fireAttemptEvent($credentials, $remember, $login);
$this->lastAttempted = $user = $this->provider->retrieveByCredentials($credentials);
// If an implementation of UserInterface was returned, we'll ask the provider
// to validate the user against the given credentials, and if they are in
// fact valid we'll log the users into the application and return true.
if ($this->hasValidCredentials($user, $credentials)) {
if ($login) {
$this->login($user, $remember);
}
return true;
}
return false;
}
Here you are passing all credentials in array and remember password and all
I do have a UserController and User Model in my Laravel 5 source.
Also there is one AuthController is also Present (shipped prebuilt with laravel source).
I would like to query data from db in my blades making use of Eloquent Models.
However, Neither in my User Model (Eloquent ) nor in any of the controller, the user() method is defined. even then, I could use it in my blade by accessing it from Auth class. why?
For example,
in my blade, {{ Auth::user()->fname }} works. it retrieve the data fnamefrom my users table and echo it.
What is the logic behind it, and can i emulate the same for other db tables such as tasks?
Whenever you do it automatically or manually some like this
if (Auth::attempt(['email' => $email, 'password' => $password]))
{
}
The selected User's Data will be stored in the storage/framework/sessions
It will have data something like
a:4:{s:6:"_token";s:40:"PEKGoLhoXMl1rUDNNq2besE1iSTtSKylFFIhuoZu";s:9:"_previous";a:1:{s:3:"url";s:43:"http://localhost/Learnings/laravel5/laravel";}s:9:"_sf2_meta";a:3:{s:1:"u";i:1432617607;s:1:"c";i:1432617607;s:1:"l";s:1:"0";}s:5:"flash";a:2:{s:3:"old";a:0:{}s:3:"new";a:0:{}}}
The above sessions file doesn't have any data and it will have the data such as user's id, url, token in json format.
Then whenever you call the {{ Auth::user()->fname }} Laravel recognises that you're trying to fetch the logged in user's fname then laravel will fetch the file and get the user's primary key and refer it from the user's table from your database. and you can do it for all coloumns of the users table that you have.
You can learn more about it here
This user function is defined under
vendor/laravel/framework/src/Illuminate/Auth/Guard.php
with following content :
/**
* Get the currently authenticated user.
*
* #return \Illuminate\Contracts\Auth\Authenticatable|null
*/
public function user()
{
if ($this->loggedOut) return;
// If we have already retrieved the user for the current request we can just
// return it back immediately. We do not want to pull the user data every
// request into the method because that would tremendously slow an app.
if ( ! is_null($this->user))
{
return $this->user;
}
$id = $this->session->get($this->getName());
// First we will try to load the user using the identifier in the session if
// one exists. Otherwise we will check for a "remember me" cookie in this
// request, and if one exists, attempt to retrieve the user using that.
$user = null;
if ( ! is_null($id))
{
$user = $this->provider->retrieveById($id);
}
// If the user is null, but we decrypt a "recaller" cookie we can attempt to
// pull the user data on that cookie which serves as a remember cookie on
// the application. Once we have a user we can return it to the caller.
$recaller = $this->getRecaller();
if (is_null($user) && ! is_null($recaller))
{
$user = $this->getUserByRecaller($recaller);
if ($user)
{
$this->updateSession($user->getAuthIdentifier());
$this->fireLoginEvent($user, true);
}
}
return $this->user = $user;
}
this Guard.php has more functions defined in it which we use every now and then without even knowing where they are coming from
It works because Laravel comes with decent authentication.
Auth is the authentication library and has plenty of features like this, check out the documentation!
I'm trying to get authentication working in Symfony2.
My users use a login form somewhere else on the site that is not controlled by symfony2.
what I would like is Symfony to detect the users are already logged in and authenticated by reading a session variable and comparing against the DB.
I don't want to reimplement a login form on the symfony part of the website.
In symfony 1.x, for example, I would simply overload the BasicSecurityUser class and use the setAuthenticated method, but it seems this is not possible in Symfony2.
Is there any simple way of achieving the same result?
Thank you!
Once you know the user name of the authenticated user, you can log them in with:
use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
class MyController {
// Takes either userName or an actual user object
protected function setUser($userName)
{
if (is_object($userName)) $user = $userName;
else
{
$userProvider = $this->get('zayso_core.user.provider');
// Need try/catch here
$user = $userProvider->loadUserByUsername($userName);
}
$providerKey = 'secured_area';
$providerKey = $this->container->getParameter('zayso_area.provider.key'); // secured_area
$token = new UsernamePasswordToken($user, null, $providerKey, $user->getRoles());
$this->get('security.context')->setToken($token);
return $user;
}