I have some problem with Auth::attempt. When i write good Login with bad password attempt login into website anyway with wrong user. Why it dont work ?
Method:
public function postLogin(LoginRequest $request) {
if (Auth::attempt(["name" => $request["name"], "password" => $request["password"]])) {
return Redirect::route("home");
} else {
return Redirect::route("home");
}
}
LoginRequest
class LoginRequest extends Request {
public function rules() {
return [
"name" => "required|exists:users",
"password" => "required",
];
}
public function messages(){
return [
"name.required" => "Login is empty.",
"password.required" => "Password is empty.",
"name.exists" => "User not found.",
];
}
}
I know i redirect to same view, but view have 2 options for auth and !auth, but I see auth page when I login with good login and bad password, other options works. What did I wrong ?
Regards
edit:
view
<form action={{ route("login") }} method="post">
<input class="form-control" type="text" name="name" /><br />
<input class="form-control" type="password" name="password" /><br />
<input class="form-control" type="hidden" name="_token" value="{{ csrf_token() }}" /><br />
Remember me! <input class="form-control" type="checkbox" name="remember_me" value=""/><br />
<input class="btn btn-primary" type="submit" value="Zaloguj" />
</form>
the password column is named "password" ? and is hashed?
you can see the doc for more information.
https://laravel.com/docs/5.2/authentication#authenticating-users
Related
I am trying to reset the password but I am getting the error message "Trying to get property of non-object".
I have also attached the screen shot of my error please have a look at it.
My Controller for resetting the password:
class ResetPasswordController extends Controller
{
protected $user;
public function __construct(User $user)
{
$this->user = $user;
}
public function showResetForm(Request $request, $token = null)
{
return view('auth.passwords.reset')->with(
['token' => $token, 'email' => $request->email]
);
}
public function reset(Request $request)
{
try {
$password = $this->user->where('id', Auth::user()->id)->value('password');
if(Hash::check($request->input('current_password'),$password)) {
$this->user->where('id', Auth::user()->id)->update(['password' => bcrypt($request->input('new_password'))]);
$token = $request->header('Authorization');
JWT::invalidate($token);
Auth::logout();
return response(['status' => true, 'message' => 'Password changed successfully'], 200);
} else {
return response(['status' => false, 'message' => 'The Current Password is invalid.'], 200);
}
} catch (\Exception $ex) {
return response(['status' => false, 'message' => $ex->getMessage()], 500);
}
}
}
My Routes configuration:
\Illuminate\Support\Facades\Auth::routes();
Route::get('password/reset/{token}', 'Auth\ResetPasswordController#showResetForm');
Route::post('password/reset', 'Auth\ResetPasswordController#reset')->name('password.request');
My View template:
<form action="{{ route('password.request') }}" method="post">
<input type="hidden" name="_token" value="{{ csrf_token() }}">
<div class="form-group">
<label for="login-form-email">Current Password</label>
<input type="password" class="form-control" name="current_password" id="login-form-password" tabindex="2" placeholder="Current Password" tabindex="4">
</div>
<div class="form-group">
<label for="login-form-password">New password</label>
<input type="password" class="form-control" name="new_password" id="login-form-password" tabindex="2" placeholder="New Password" tabindex="4">
</div><!-- /.form-group -->
<div class="form-group">
<label for="login-form-password-retype">Confirm new password</label>
<input type="password" class="form-control" name="new_password_confirmation" id="login-form-password-retype" tabindex="3" placeholder="Confirm password">
</div><!-- /.form-group -->
<div class="form-group">
<input type="submit" class="btn btn-primary pull-right" name="reset-confirm" id="reset-confirm" tabindex="4" value="Reset Password">
</div>
</form>
How can I find a solution based on this code and error message?
User doesn't need to be a member
Your first problem is here:
public function __construct(User $user)
You're injecting a user, without it knowing what user to use, unless this is coming from middleware. So the constructor shouldn't take a user, nor do you need to protected member. If you really want it as a protected member you could do the following:
public function __construct()
{
$this->user = Auth::user();
}
But since you have Auth::user(), you don't need it as a member.
where on a Model is Static
You have
$this->user->where('id', Auth::user()->id)->value('password')
Model's where function is a static function you shouldn't call it on an individual object. Instead you shoud call it using the scoping operator (::). Most versions of PHP should error out at that point. The correct way to get the current user's password hash from the database is:
$hash = Auth::user()->password;
If you had an id, you could:
$hash = User::where('id','=',$userId)->get()->password;
If you kept the user as a member (against the recommendation) but did it as in the above section of this answer, you could:
$hash = $this->user->password
Why?
Lastly, the Auth module from Laravel in modern versions already takes care of this for you in app\Http\Controllers\Auth. Why are reinventing the wheel?
I have small issue with authentication when user try to login but the username and password not matched in table how can return to login page with error massage
login.blade.php
<form class="login-box animated fadeInUp" action="valdateData" method="POST" >
{{csrf_field()}}
<div class="box-header">
<h2>Log In</h2>
</div>
<label for="username">Username</label>
<br/>
<input type="text" id="username" name="username">
<br/>
<label for="password">Password</label>
<br/>
<input type="password" id="password" name="password">
<br/>
<button type="submit">Sign In</button>
<br/>
<p class="small">Forgot your password?</p>
</form>
web.php
Route::post('/testgetvalue','OrdersController#GetValues');
Route::get('/ES','OrdersController#PrepareIndex');
Route::get('/loginForm','LoginController#ShowLoginPage');
Route::post('/valdateData','LoginController#checkValidate');
Route::post('login/{id}','LoginController#ShowErrorMassege');
LoginController.php
public function ShowLoginPage()
{
return view('/loginForm');
}
public function checkValidate(Request $request)
{
$username=$request->input('username');
$password=$request->input('password');
$isVald=true;
$checkValdate = \DB::table('authentications')
->where(['username'=>$username,'password'=>$password])
->get();
if(count($checkValdate) > 0)
{
$isVald=true;
session()->set('UserValidate','true');
session()->set('username',$username);
//$value=session()->get('test');
// echo "session "+$value;
return redirect('/es');
} else {
return redirect('/login/'.$isVald);
}
}
in this part
return redirect('/login/'.$isVald);
how can return to login page with error message
thanks
$validator = Validator::make($request->all(), [
'username'=>'required|min:3|max:30',
'password'=>'digits_between:1,5000',
]);
if ($validator->fails())
{
return redirect()->back()->with('error', sprintf('Server failed provided data validation.Please try again and follow the validation rules as instructed.'));
}
Here is a example of how you can do it, depends on your validatin rules. You can also define partials with a costum message foreach error, you should also use "use Illuminate\Support\Facades\Validator;" in your controller
I'm having some trouble with my form, on submit I get the error 'Whoops, looks like something went wrong.'.
I'm using Laravel 4.2, my routes look like this:
Route::get('/', function()
{
return View::make('index');
});
Route::post('/', array('as' => 'login', 'uses' => 'HomeController#login'));
And my form looks like this:
<form action="{{ action('HomeController#login') }}" method="post">
<input class="signUpField-index" id="signUpEmail-index" type="text" placeholder="Email Address (required, but never shown) *" name="email" />
<input class="signUpField-index" id="signUpPassword-index" type="password" placeholder="Password *" name="password" />
<input id="signUpSubmit-index" type="submit" value="Sign Up" />
<input name="_token" type="hidden" value="{{ csrf_token() }}"/>
</form>
And my controller looks like this:
<?php
class HomeController extends BaseController {
public function showIndex()
{
return View::make('index');
}
public function login() {
//return var_dump(_POST);
return View::make('index');
}
}
I think it might be the action that is incorrect but I am not too sure, I've tried to look at other examples and tutorials like here: Adding form action in html in laravel, but they have not helped.
Thanks in advance.
Its not action,its url.
Use:
<form url="your action" method="post">
</form>
But if you want to stay on a same page,use Ajax for submit.
I've made a login function in which I render a template after checking the login and password. This's the form that i've made inside a template.
<form action="{{ path("login") }}" method="post" id="formulaire_connexion">
<label class="control-label">Email
<input type="text" name="email" id="email" placeholder="your#email.com" onclick="this.select()"/>
</label>
<label class="control-label">Password</br>
<input type="password" name="password" id="password" placeholder="*********" onclick="this.select()"/>
</label>
<input type="checkbox" id="remember_me" name="remember_me"><label for="remember_me">Remember me </label></br>
<button type="submit" id="connexion" name="connexion">Connexion</button>
</form>
And this's the logging check method :
public function loginAction(Request $request)
{
$mail = $request->get('email');
$pass = $request->get('password');
$oauth = new OAuth($mail, $pass);
$baseUrl = "http://api.localhost/v1/";
$connexion = "{$baseUrl}login/".$mail."/".$pass;
$oauth->fetch($connexion, $_REQUEST, OAUTH_HTTP_METHOD_GET);
$reponseInformations = json_decode($oauth->getLastResponse(), true);
if (!$reponseInformations) {
$data['erreur'] = "Bad credentials";
return $this->render('EspacePointDeVenteBundle:Authentication:authentication.html.twig', array(
'erreur' => $data,
));
}else{
return $this->render('EspacePointDeVenteBundle:Home:index.html.twig', array(
'reseau' => $reseau,
'identifiant' => $key,
'key' => $identifiant,
));
}
}
After a wrong login connexion I render the same login template, but the routing is changed to /login instead of havig /index per example. What I need to know how to keep the same routing even if we called a foreign method.
I am trying to get the login to work in Kohana, but so far it fails to log the user in.
I have been successfully able to create new users, so I have all the tables set up.
My view for the login page is as follows,
<td style="vertical-align:top">
<div id="log_in">
<form class="pure-form pure-form-stacked" action="/kohana-blog/index.php/signup/login" method="post">
<fieldset>
<legend>Log In</legend>
<label for="username">Username</label>
<input id="username" name="username" type="text" placeholder="nonamedude" required>
<label for="password">Password</label>
<input id="password" name="password" type="password" placeholder="Password" required>
<label for="remember" class="pure-checkbox"></label>
<input id="remember" type="checkbox"> Remember me
<br>
<button type="submit" class="pure-button notice">Log In</button>
</fieldset>
</form>
</div>
</td>
My controller is as follows
$this->template->content = View::factory('signup/home')
->bind('message', $message);
if (HTTP_Request::POST == $this->request->method())
{
$remember = array_key_exists('remember', $this->request->post()) ? (bool) $this->request->post('remember') : FALSE;
$remember = FALSE;
$user = Auth::instance()->login($this->request->post('username'), $this->request->post('password'), $remember);
if ($user)
{
Request::current()->redirect('signup/home');
}
else
{
$message = "login failed";
}
}
I can't figure out why it doesn't authenticate the user.
My auth.php is as follows:
'driver' => 'orm',
'hash_method' => 'sha256',
'hash_key' => 'somerandomstring',
'lifetime' => 1209600,
'session_type' => Session::$default,
'session_key' => 'auth_user',
Additionally, the roles_users table have the correct values and the users table has the data from the form.
Is there a way to debug this to find the source of the issue?
First of all make sure your user has login role assigned in roles_users table.
By default you won't be able to login if you don't have this role.
Btw. it's cleaner to write:
$post = $this->request->post();
$user = Auth::instance()->login($post['email'], $post['password'], isset($post, 'remember'));