I'm trying to achieve what described here
https://www.codecourse.com/index.php/forum/topics/how-can-l-protect-the-register-page-in-laravel-52-with-the-auth-middleware-after-php-artisan-make-auth/2717
but I'm not able to get it.
Basically to prevent users that are not "admin" to register new users.
I'm really new with Laravel, so probably it's a simply thing I'm not able to get. And I know there's a lot of material on the web, but I've tried almost everything and nothing wants work.
My AuthController is:
<?php
namespace App\Http\Controllers\Auth;
use App\User;
use Validator;
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\ThrottlesLogins;
use Illuminate\Foundation\Auth\AuthenticatesAndRegistersUsers;
class AuthController extends Controller
{
/*
|--------------------------------------------------------------------------
| Registration & Login Controller
|--------------------------------------------------------------------------
|
| This controller handles the registration of new users, as well as the
| authentication of existing users. By default, this controller uses
| a simple trait to add these behaviors. Why don't you explore it?
|
*/
use AuthenticatesAndRegistersUsers, ThrottlesLogins;
/**
* Where to redirect users after login / registration.
*
* #var string
*/
protected $redirectTo = '/';
/**
* Create a new authentication controller instance.
*
* #return void
*/
public function __construct()
{
$this->middleware($this->guestMiddleware(), ['except' => ['logout', 'getRegister']]);
}
/**
* Get a validator for an incoming registration request.
*
* #param array $data
* #return \Illuminate\Contracts\Validation\Validator
*/
protected function validator(array $data)
{
return Validator::make($data, [
'name' => 'required|max:255',
'surname' => 'required|max:255',
'email' => 'required|email|max:255|unique:users',
'password' => 'required|min:6|confirmed',
'role' => 'required|max:5',
]);
}
/**
* Create a new user instance after a valid registration.
*
* #param array $data
* #return User
*/
protected function create(array $data)
{
$is_admin='0';
if ($data['role']=='Admin') {$is_admin='1';}
return User::create([
'name' => $data['name'],
'surname' => $data['surname'],
'email' => $data['email'],
'is_admin' => $is_admin,
'password' => bcrypt($data['password']),
]);
}
/**
* Show the application registration form.
*
* #return \Illuminate\Http\Response
*/
public function getRegister()
{
if (! Auth::user()->is_admin == '1')
return abort(403);
return $this->showRegistrationForm();
}
/**
* Handle a registration request for the application.
*
* #param \Illuminate\Http\Request $request
* #return \Illuminate\Http\Response
*/
public function postRegister(Request $request)
{
if (! Auth::user()->is_admin == '1')
return abort(403);
return $this->register($request);
}
}
and my routes.php
<?php
/*
|--------------------------------------------------------------------------
| Application Routes
|--------------------------------------------------------------------------
|
| Here is where you can register all of the routes for an application.
| It's a breeze. Simply tell Laravel the URIs it should respond to
| and give it the controller to call when that URI is requested.
|
*/
Route::get('/', function () {
return view('welcome');
});
Route::get('register', 'Auth\AuthController#getRegister');
Route::post('/register', 'Auth\AuthController#postRegister');
Route::auth();
Route::get('/home', 'HomeController#index');
However the registration form is always visible also for not logged users.
Can someone please help me telling me where is my error? (and maybe how to fix it!)
Thank you a lot, M.
Related
I am trying to update an old (5.2) laravel installation to the newest one (9.2) and most is working except the authentication part.
I already installed laravel/ui, I have an authentication middleware, route and controller but for some reason I get:
Invalid route action: [App\Http\Controllers\Auth\AuthController].
My Authenticate.php middleware:
<?php
namespace App\Http\Middleware;
use Illuminate\Auth\Middleware\Authenticate as Middleware;
class Authenticate extends Middleware
{
/**
* Get the path the user should be redirected to when they are not authenticated.
*
* #param \Illuminate\Http\Request $request
* #return string|null
*/
protected function redirectTo($request)
{
if (! $request->expectsJson()) {
return route('login');
}
}
}
My route in web.php :
Route::get('/login', 'App\Http\Controllers\Auth\AuthController')->name('login');
And my AuthController:
<?php
namespace App\Http\Controllers\Auth;
use App\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Topsite\Dataroom\Models\LogEntry;
use Validator;
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\ThrottlesLogins;
use Illuminate\Foundation\Auth\RegistersUsers;
class AuthController extends Controller
{
/*
|--------------------------------------------------------------------------
| Registration & Login Controller
|--------------------------------------------------------------------------
|
| This controller handles the registration of new users, as well as the
| authentication of existing users. By default, this controller uses
| a simple trait to add these behaviors. Why don't you explore it?
|
*/
use RegistersUsers, ThrottlesLogins;
/**
* Where to redirect users after login / registration.
*
* #var string
*/
protected $redirectTo = '/';
/**
* The custom login view.
*
* #var string
*/
protected $loginView = 'pages.login';
/**
* Create a new authentication controller instance.
*
* #return void
*/
public function __construct()
{
$this->middleware('guest', ['except' => 'logout']);
}
/**
* Get a validator for an incoming registration request.
*
* #param array $data
* #return \Illuminate\Contracts\Validation\Validator
*/
protected function validator(array $data)
{
return Validator::make($data, [
'name' => 'required|max:255',
'email' => 'required|email|max:255|unique:users',
'password' => 'required|confirmed|min:6',
]);
}
/**
* Create a new user instance after a valid registration.
*
* #param array $data
* #return User
*/
protected function create(array $data)
{
return User::create([
'name' => $data['name'],
'email' => $data['email'],
'password' => bcrypt($data['password']),
]);
}
/**
* Send the response after the user was authenticated.
*
* #param \Illuminate\Http\Request $request
* #param bool $throttles
* #return \Illuminate\Http\Response
*/
protected function handleUserWasAuthenticated(Request $request, $throttles)
{
if ($throttles) {
$this->clearLoginAttempts($request);
}
if (method_exists($this, 'authenticated')) {
return $this->authenticated($request, Auth::guard($this->getGuard())->user());
}
LogEntry::create([
'account_id' => Auth::id(),
'message' => 'Ingelogd'
]);
return redirect()->intended($this->redirectPath());
}
}
I thought maybe I need to set a method in the route so I changed the route to:
Route::get('/login', 'App\Http\Controllers\Auth\AuthController#handleUserWasAuthenticated')->name('login');
But this gives:
Too few arguments to function App\Http\Controllers\Auth\AuthController::handleUserWasAuthenticated(), 1 passed in C:\xampp\htdocs\dataroom.website.nl.test\vendor\laravel\framework\src\Illuminate\Routing\Controller.php on line 54 and exactly 2 expected
I think the $throttles variable is empty but what needs to be passed there? Or maybe I am thinking wrong alltogether and the fix is something else?
I've made a referral system on my laravel project v5.4 but I have 2 issues with that:
My users referral link will load index page of my website instead of loading register page. (How I fix it?)
When user register with referral link nothing will happen in database of the person who invited new user and also new user him/herself. (How I get info in both users tables?)
I simply used this tutorial to get my referral system:
https://brudtkuhl.com/building-referral-system-laravel/
This is my CheckReferral Middleware:
<?php
namespace App\Http\Middleware;
use Illuminate\Http\Response;
use Closure;
class CheckReferral
{
/**
* Handle an incoming request.
*
* #param \Illuminate\Http\Request $request
* #param \Closure $next
* #return mixed
*/
public function handle($request, Closure $next)
{
if( $request->hasCookie('referral')) {
return $next($request);
}
else {
if( $request->query('ref') ) {
return redirect($request->fullUrl())->withCookie(cookie()->forever('referral', $request->query('ref')));
}
}
return $next($request);
}
}
This is my UserController
public function referral() {
$user = User::find(1);
return view('users.referral', compact('user'));
}
Here is my route:
Route::get('/referral', 'UserController#referral')->name('referral');
My RegisterController
<?php
namespace App\Http\Controllers\Auth;
use App\User;
use App\Http\Controllers\Controller;
use Illuminate\Support\Facades\Validator;
use Illuminate\Foundation\Auth\RegistersUsers;
use Cookie;
use DB;
class RegisterController extends Controller
{
/*
|--------------------------------------------------------------------------
| Register Controller
|--------------------------------------------------------------------------
|
| This controller handles the registration of new users as well as their
| validation and creation. By default this controller uses a trait to
| provide this functionality without requiring any additional code.
|
*/
use RegistersUsers;
/**
* Where to redirect users after registration.
*
* #var string
*/
protected $redirectTo = '/home';
/**
* Create a new controller instance.
*
* #return void
*/
public function __construct()
{
$this->middleware('guest');
}
/**
* Get a validator for an incoming registration request.
*
* #param array $data
* #return \Illuminate\Contracts\Validation\Validator
*/
protected function validator(array $data)
{
return Validator::make($data, [
'name' => 'required|string|max:255',
'username' => 'required|string|max:255|unique:users',
'email' => 'required|string|email|max:255|unique:users',
'password' => 'required|string|min:6|confirmed',
'g-recaptcha-response' => 'required|captcha',
]);
}
/**
* Create a new user instance after a valid registration.
*
* #param array $data
* #return User
*/
protected function create(array $data)
{
$referred_by = Cookie::get('referral');
return User::create([
'name' => $data['name'],
'username' => $data['username'],
'email' => $data['email'],
'password' => bcrypt($data['password']),
'affiliate_id' => str_random(10),
'referred_by' => $referred_by,
]);
}
User Model
protected $fillable = [
'name', 'username', 'email', 'password', 'affiliate_id', 'referred_by',
];
And That's it!
if this is for registration the right way to do this is first in your routes you should have a optional input like ..
Route::get('/register/{referral?},'Auth\RegisterController#registerPage');
then in that controller
public function registerPage($referral=0)
{
return view with the $referral variable ..
}
in your view .. your form should look like this ..
<form action="/register/{{ referral }}" method="post" ..... >
back to your route ..
Route::post('/register/{referral},'Auth\RegisterController#doRegister');
in your controller again ..
public function doRegister(Request $request, $referral)
{
$request->merge(['referred_by' => $referral]);
}
so your referred_by is either 0 or other value .. it's up to you how you handle the validation ..
Add register page url in the value in this part -> url('/')
#if(!Auth::user()->affiliate_id)
<input type="text" readonly="readonly"
value="{{url('/').'/?ref='.Auth::user()->affiliate_id}}">
#endif
Question number 1:
I think you should add {{url('/register')}} here instead of {{url('/')}} to make it look this way:
#if(!Auth::user()->affiliate_id)
<input type="text" readonly="readonly"
value="{{url('/register').'/?ref='.Auth::user()->affiliate_id}}">
#endif
If that's how your register route endpoint is defined.
How can I redirect to login page, after a user is registered on my web application with a message called "Your information is received and witing for admin approval.". By using laravel 5.4 version
Note: I have done the login and register by using Auth procress of laravel 5.4.
Edit: Here is my RegisterController
namespace App\Http\Controllers\Auth;
use App\User;
use App\Http\Controllers\Controller;
use Illuminate\Support\Facades\Validator;
use Illuminate\Foundation\Auth\RegistersUsers;
use Illuminate\Support\Facades\Storage;
class RegisterController extends Controller
{
/*
|--------------------------------------------------------------------------
| Register Controller
|--------------------------------------------------------------------------
|
| This controller handles the registration of new users as well as their
| validation and creation. By default this controller uses a trait to
| provide this functionality without requiring any additional code.
|
*/
use RegistersUsers;
/**
* Where to redirect users after registration.
*
* #var string
*/
protected $redirectTo = '/login';
/**
* Create a new controller instance.
*
* #return void
*/
public function __construct()
{
$this->middleware('guest');
}
/**
* Get a validator for an incoming registration request.
*
* #param array $data
* #return \Illuminate\Contracts\Validation\Validator
*/
protected function validator(array $data)
{
return Validator::make($data, [
'name' => 'required|string|max:255',
'email' => 'required|string|email|max:255|unique:users',
'password' => 'required|string|min:6|confirmed',
'userimage' => 'required|image'
]);
}
/**
* Create a new user instance after a valid registration.
*
* #param array $data
* #return User
*/
protected function create(array $data) {
$path = Storage::putFile('userimages',$data['userimage']);
$user = User::create([
'name' => $data['name'],
'email' => $data['email'],
'password' => bcrypt($data['password']),
'userimage' => $path,
'user_type' => 3
]);
return $user;
}
In RegisterController, by default Laravel login the user, so when you redirect back to login route. It gives you page is not redirecting properly error.
In your RegisterController add the register method :
/**
* Handle a registration request for the application.
*
* #param \Illuminate\Http\Request $request
* #return \Illuminate\Http\Response
*/
public function register(Request $request)
{
$this->validator($request->all())->validate();
event(new Registered($user = $this->create($request->all())));
return redirect($this->redirectPath())->with('message', 'Your message');
}
Also add this line of code on the top of RegisterController:
use Illuminate\Http\Request;
use Illuminate\Auth\Events\Registered;
I would like to get the email and password when I call AuthController#login method but there isn't in the controller.
My proyect : I want to save all activity from login , the bad passwords , bad email , how many time the user tried to enter to the system and the corrects logins of course .
My model UserActivity have this attributes: email,password,datetime .
I would like to create a new variable and save it userActivity->save(); when I call the POST method login.
I use
php artisan make:auth
but in the AuthController.php i only found that functions.
function __construct
function validator
function create
but i got that route with php artisan route:list command
POST | login | | App\Http\Controllers\Auth\AuthController#login | web,guest |
namespace App\Http\Controllers\Auth;
use App\User;
use Validator;
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\ThrottlesLogins;
use Illuminate\Foundation\Auth\AuthenticatesAndRegistersUsers;
class AuthController extends Controller
{
/*
|--------------------------------------------------------------------------
| Registration & Login Controller
|--------------------------------------------------------------------------
|
| This controller handles the registration of new users, as well as the
| authentication of existing users. By default, this controller uses
| a simple trait to add these behaviors. Why don't you explore it?
|
*/
use AuthenticatesAndRegistersUsers, ThrottlesLogins;
/**
* Where to redirect users after login / registration.
*
* #var string
*/
protected $redirectTo = '/';
/**
* Create a new authentication controller instance.
*
* #return void
*/
public function __construct()
{
$this->middleware($this->guestMiddleware(), ['except' => 'logout']);
}
/**
* Get a validator for an incoming registration request.
*
* #param array $data
* #return \Illuminate\Contracts\Validation\Validator
*/
protected function validator(array $data)
{
return Validator::make($data, [
'name' => 'required|max:255',
'email' => 'required|email|max:255|unique:users',
'password' => 'required|min:6|confirmed',
]);
}
/**
* Create a new user instance after a valid registration.
*
* #param array $data
* #return User
*/
protected function create(array $data)
{
return User::create([
'name' => $data['name'],
'email' => $data['email'],
'password' => bcrypt($data['password']),
]);
}
}
(I created laravel login this way because is easier, but i want to do only that diferent. Sorry my English is bad) .
There is method postLogin in Illuminate/Foundation/Auth/AuthenticatesUsers.php which can be overwritten.
Eg in AuthController add:
/**
* Handle a login request to the application.
*
* #param \Illuminate\Http\Request $request
* #return \Illuminate\Http\Response
*/
public function postLogin(Request $request)
{
dd($request->all());
return parent::postLogin($request);
}
I am new in laravel app development. When I am using auth middleware, then it works fine for unregistered user(redirecting to login page). But when logged user going to visit that page, then its redirecting to home page (root directory).
below the route from routes.php code is
Route::group(['middleware' => 'auth'], function () {
Route::resource('/edit', 'userController#edit');
});
Below my userController.php code is
<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use App\Http\Requests;
use App\allUsers;
class userController extends Controller
{
public function index(){
}
public function show($id){
}
public function edit(){
return view('auth.user_edit');
}
}
Below my authController code is
<?php
namespace App\Http\Controllers\Auth;
use App\User;
use Validator;
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\ThrottlesLogins;
use Illuminate\Foundation\Auth\AuthenticatesAndRegistersUsers;
class AuthController extends Controller
{
/*
|--------------------------------------------------------------------------
| Registration & Login Controller
|--------------------------------------------------------------------------
|
| This controller handles the registration of new users, as well as the
| authentication of existing users. By default, this controller uses
| a simple trait to add these behaviors. Why don't you explore it?
|
*/
use AuthenticatesAndRegistersUsers, ThrottlesLogins;
/**
* Where to redirect users after login / registration.
*
* #var string
*/
protected $redirectTo = '/dashboard';
/**
* Create a new authentication controller instance.
*
* #return void
*/
public function __construct()
{
$this->middleware($this->guestMiddleware(), ['except' => 'logout']);
}
/**
* Get a validator for an incoming registration request.
*
* #param array $data
* #return \Illuminate\Contracts\Validation\Validator
*/
protected function validator(array $data)
{
return Validator::make($data, [
'name' => 'required|max:255',
'email' => 'required|email|max:255|unique:users',
'password' => 'required|min:6|confirmed',
]);
}
/**
* Create a new user instance after a valid registration.
*
* #param array $data
* #return User
*/
protected function create(array $data)
{
return User::create([
'name' => $data['name'],
'email' => $data['email'],
'password' => bcrypt($data['password']),
]);
}
}
Anyone help me please.
You can overwrite the $redirectTo variable in your AuthController:
/**
* Where to redirect users after login / registration.
*
* #var string
*/
protected $redirectTo = '/dashboard';
Update:
Try Changing your route:
Route::group(['middleware' => 'auth'], function () {
Route::get('edit', 'userController#edit');
});
Route::resource creates all CRUD routes for your automatically.
https://laravel.com/docs/5.1/controllers#restful-resource-controllers
Yes Problem solved. Just changed the route
Route::group(['middleware' => ['web', 'auth']], function () {
Route::get('/edit', 'userController#edit');
});