I have made an Admin Interface(A very simple Admin Interface).But if i want to login as an admin,i can not able to logged in as an admin though my username and password is absolutely right.
My Admin Controllers resides,
app/
controller/
Admin/
AdminController.php
And My views resides
app/
views/
admin/
Admin-login.blade.php
and i have created routes something like this
Route::get('admin',array(
'as' => 'admin',
'uses' =>'Admin\AdminController#AdminLogin'
));
Route::group(array('before' => 'auth'),function(){
//These Urls are Intended page after Admin Sign In
Route::get('marriage-admin/',array(
'as' => 'marriage-admin',
'uses' => 'MarriageController#MarriageAdmin'
));
Route::post('edit-marital-data',array('as' => 'edit-marital-data','uses' => 'MarriageController#EditMarritalStatus'));
Route::post('searched-marital-data',array('as' => 'searched-marital-data','uses' => 'MarriageController#SearchMarriage'));
}
Route::group(array('before' => 'guest'),function(){
/* CSRF Protect*/
Route::group(array('before' => 'csrf'),function(){
Route::post('admin-marriage',array(
'as' => 'admin-marriage',
'uses' => 'Admin\AdminController#AdminLoginPost'
));
}
}
and this is my Admin Controller
<?php
namespace Admin;
class AdminController extends \BaseController{
public function AdminLogin(){
return \View::make('admin.login');
}
public function AdminLoginPost(){
$auth=\Auth::attempt(array(
'username' => \Input::get('username'),
'password' => \Input::get('password')
));
if($auth){
return \Redirect::intended('marriage-admin');
}else{
return \Redirect::route('admin')->with('global','The username or password you provided is wrong!');
}
return Rediret::route('admin')->with('global','Please Review Your Admin Database.');
}
}
?>
and i have also created a Admin.php model since i have a different table namely admins in my database.
<?php
use Illuminate\Auth\UserTrait;
use Illuminate\Auth\UserInterface;
use Illuminate\Auth\Reminders\RemindableTrait;
use Illuminate\Auth\Reminders\RemindableInterface;
class Admin extends Eloquent implements UserInterface, RemindableInterface {
public function getRememberToken()
{
return $this->remember_token;
}
public function setRememberToken($value)
{
$this->remember_token = $value;
}
public function getRememberTokenName()
{
return 'remember_token';
}
/*public static function blood_search($blood_group){
return static::where('blood_group','LIKE','%'.$blood_group.'%');
} */
protected $table = 'admins';
protected $fillable=array
( 'username',
'password'
);
use UserTrait, RemindableTrait;
}
in mention, page after login or you can say the dash bored of the Admin is taken from another controller namely MarriageController
Now if i try to logged in as an Admin.
i am getting the message
The username or password you provided is wrong!
which i have set in my Admin Controller, if auth is fail.
So why i am getting this message though the username and password i am providing is absolutely right ?
now my question is,am i missing some configuration for Admin??
Laravel doesn't use md5 encryption. While creating a user you need to Hash password using laravel Hash::make()
User::create(array(
'username' => Input::get('username'),
'password' => Hash::make(Input::get('password'))
));
If you want to manually insert it to database then
return Hash::make('yourpass');
then paste the returned result.
Related
After a huge search in the internet and in the forum, I just gave up...
I am develping a rest api using Laravel 8 and I am trying since week to make the email verification working using the officiel documentation for that, the email is always sent successfully once the user is registered event(new Registered($user));
The problem is that once I click on the link in the received email, I got redirected to the login page (which in this case is a post call)..
Here my routes/api.php:
Route::group(['namespace' => 'App\Http\Controllers', 'middleware' => ['api'], 'prefix' => 'auth'], function ($router) {
Route::post('login', 'AuthController#login')->name('login');
Route::post('register', 'AuthController#register');
Route::post('logout', 'AuthController#logout');
Route::post('profile', 'AuthController#profile')->middleware('verified');
Route::post('refresh', 'AuthController#refresh');
});
Route::group(['namespace' => 'App\Http\Controllers', 'middleware' => ['api']],function ($router) {
Route::get('/email/verify/{id}/{hash}', 'VerificationController#verify')->middleware(['auth', 'signed'])->name('verification.verify');
Route::get('/email/resend', 'VerificationController#resend')->middleware(['auth', 'throttle:6,1'])->name('verification.send');
});
And here my VerificationController:
<?php
namespace App\Http\Controllers;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use Illuminate\Foundation\Auth\EmailVerificationRequest;
class VerificationController extends Controller
{
public function resend(Request $request)
{
$request->user()->sendEmailVerificationNotification();
return response()->json(['message' => __('auth.email_sent')], Response::HTTP_NO_CONTENT);
}
public function verify(EmailVerificationRequest $request)
{
$request->fulfill();
return response()->json(['message' => __('auth.user_verified_successfully')], Response::HTTP_RESET_CONTENT);
}
}
Last but not least, I added the LogVerifiedUser event to EventServiceProvider as required.
Any suggestion plz? I tried to remove the middleware auth from verify route, but it doesn't help me...
PS: I am using JWT for authentication
I had to develop exactly the same functionality for my rest laravel 8 api, I share my work with you, hoping to be able to help you.
To begin, your problem is that the user is redirected to the login page after clicking on the verification link. But the question is has the user been marked as verified in the database when he click ?
If it is marked as verified in the database after the click, the functionality is working but the problem is the redirection. Because if you are using a Rest API you would probably want the user to be redirected to a login or success page of your frontend application.
The last problem is your middleware. First in the api.php file the middleware for the connection is 'auth:api' instead of 'auth'. But for once you do not have to put middleware on the verification route otherwise you will have to have the user connect so that he validates his email and since you go through an API route it is pretty boring ...
Finally here is the solution I opted for :
1. In your app/Models/User.php implements MustVerifyEmail (Normally, from what I understood, that you already did, but I prefer to put it in case if other people go through this topic)
<?php
namespace App\Models;
use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Laravel\Passport\HasApiTokens;
class User extends Authenticatable implements MustVerifyEmail
{
use HasFactory, Notifiable, HasApiTokens;
/**
* The attributes that are mass assignable.
*
* #var array
*/
protected $fillable = [
'name',
'email',
'password',
];
/**
* The attributes that should be hidden for arrays.
*
* #var array
*/
protected $hidden = [
'password',
'remember_token',
];
/**
* The attributes that should be cast to native types.
*
* #var array
*/
protected $casts = [
'email_verified_at' => 'datetime',
];
}
2. In your app/Http/Controllers/AuthController.php add event on registered user (Normally, from what I understood, that you already did, but I prefer to put it in case if other people go through this topic)
<?php
namespace App\Http\Controllers;
use App\Models\User;
use Illuminate\Http\Request;
use Illuminate\Auth\Events\Registered;
class AuthController extends Controller
{
public function register(Request $request)
{
$validatedData = $request->validate([
'name' => 'required|max:55',
'email' => 'email|required|unique:users',
'password' => 'required|confirmed'
]);
$validatedData['password'] = bcrypt($request->password);
$user = User::create($validatedData);
event(new Registered($user));
$accessToken = $user->createToken('authToken')->accessToken;
return response(['user' => $user, 'access_token' => $accessToken]);
}
public function login(Request $request)
{
$loginData = $request->validate([
'email' => 'email|required',
'password' => 'required'
]);
if (!auth()->attempt($loginData)) {
return response(['message' => 'Invalid Credentials']);
}
$accessToken = auth()->user()->createToken('authToken')->accessToken;
return response(['user' => auth()->user(), 'access_token' => $accessToken]);
}
}
3. In your routes/api.php defines this routes :
// Verify email
Route::get('/email/verify/{id}/{hash}', [VerifyEmailController::class, '__invoke'])
->middleware(['signed', 'throttle:6,1'])
->name('verification.verify');
// Resend link to verify email
Route::post('/email/verify/resend', function (Request $request) {
$request->user()->sendEmailVerificationNotification();
return back()->with('message', 'Verification link sent!');
})->middleware(['auth:api', 'throttle:6,1'])->name('verification.send');
4. Create app/Http/Controllers/VerifyEmailController.php
<?php
namespace App\Http\Controllers;
use Illuminate\Auth\Events\Verified;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Illuminate\Routing\Controller;
use App\Models\User;
class VerifyEmailController extends Controller
{
public function __invoke(Request $request): RedirectResponse
{
$user = User::find($request->route('id'));
if ($user->hasVerifiedEmail()) {
return redirect(env('FRONT_URL') . '/email/verify/already-success');
}
if ($user->markEmailAsVerified()) {
event(new Verified($user));
}
return redirect(env('FRONT_URL') . '/email/verify/success');
}
}
Explanations:
With this solution we keep all the operation of checking the official documentation by email. Except that instead of checking if the user is connected to retrieve it and put his email in verified. We launch a method in a controller which will find the corresponding user to put it in verified.
I hope I was understandable and that it can help you :)
That's because in register() method you don't logged in the user immediately after registering the user, when the user click the link in the email, laravel auth middleware detect that current user who visit the link is not authenticated, so it redirect the user to login route. To solve this problem refer to #Matthieu Gelle answer but customizes it as follows:
in step number 2 just add this code
Auth::login($user);
below event(new Registered($user));
in step 3 use this middleware:
->middleware(['auth', 'signed'])->name('verification.verify');
for those who use sanctum:
->middleware(['auth:sanctum', 'signed'])->name('verification.verify');
and change method name from '__invoke' to 'verifyEmail'
in step 4 use this method:
public function verifyEmail(\Illuminate\Foundation\Auth\EmailVerificationRequest $request)
{
$request->fulfill();
return response()->json(['code' => 200, 'message' => "Verified successfully"], 200);
}
So i have been working with Laravel and Auth0 for some time now and i think i am at the end :)
I am able to log into my application using a link to the widget / hosted page
Now everything seems to be working and once the page callbacks to my site the user I saved in my database.
However, it doesn't seem that my application remembers the user.
When i attempt to check if a user is logged in:
$isLoggedIn = \Auth::check();
it says false
I have tried debugging multiple functions however with no results so i am kind of lost on where to start with this.
Does anyone know why this is happening?
My configuration
So this is my AuthController:
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use Illuminate\Routing\Controller;
class AuthController extends Controller
{
public function __construct()
{
}
public function login()
{
return \App::make('auth0')->login(null, null, ['scope' => 'openid profile email'], 'code');
}
public function logout()
{
\Auth::logout();
return \Redirect::intended('/');
}
public function dump()
{
$isLoggedIn = \Auth::check();
return view('dump')
->with('isLoggedIn', $isLoggedIn)
->with('user',\Auth::user()->getUserInfo())
->with('accessToken',\Auth::user()->getAuthPassword());
}
}
Then in my web:
Route::get('/login', ['as' => 'login', 'uses' => 'AuthController#login']);
Route::get('/logout', ['as' => 'logout', 'uses' => 'AuthController#logout'])->middleware('auth');
Route::get('/dump', ['as' => 'dump', 'uses' => 'AuthController#dump', 'middleware' => 'auth'])->middleware('auth');
Route::get('/auth0/callback', '\Auth0\Login\Auth0Controller#callback');
I have created separate table called subscribers in mysql changed config/auth.php settings to 'model' => App\Subscribers::class, 'table' => 'subscribers'.
I have login form on home page, that submits to the home page.
so in routes i have below
Route::get('/', function () {
return view('home');
});
Route::post('/', 'LoginController#validate');
my LoginController
namespace App\Http\Controllers;
use App\Http\Requests;
use Illuminate\Support\Facades\Auth;
class LoginController extends Controller
{
public function validate()
{
// attempt to do the login
$auth = Auth::attempt(
[
'email' => strtolower(Input::get('email')),
'password' => Hash::make(Input::get('password'))
]
);
if ($auth) {
return Redirect::to('dashboard');
}
}
}
when i login i get below error
Declaration of App\Http\Controllers\LoginController::validate() should be compatible with App\Http\Controllers\Controller::validate(Illuminate\Http\Request $request, array $rules, array $messages = Array, array $customAttributes = Array)
You can't use 'validate' as a name for a function. It will conflict with:
App\Http\Controllers\Controller::validate
Also add an 'else' to your if statement so if your authentication fails you can redirect the user back to the login screen for example.
Hi i have a table name chat_users
I have connected users table for last few projects it working fine. But this is my first project i have a different table name chat_users
I want to login this table with username and password
I have tried but unable to login.
Please help me.
Code-
AppController.php
<?php
App::uses('Controller', 'Controller');
class AppController extends Controller {
public $components = array('Auth', 'Session', 'Email', 'Cookie', 'RequestHandler', 'Custom');
public $helpers = array('Html', 'Form', 'Cache', 'Session','Custom');
function beforeFilter() {
parent::beforeFilter();
$this->Auth->authenticate = array(
'Form' => array (
'scope' => array('ChatUser.is_active' => 1),
'fields' => array('ChatUser.username' => 'username', 'ChatUser.password' => 'password'),
)
);
}
}
?>
UsersController.php
<?php
App::uses('AppController', 'Controller');
class UsersController extends AppController {
public $name = 'Users'; //Controller name
public $uses = array('ChatUser');
public function beforeFilter() {
parent::beforeFilter();
$this->Auth->allow('login');
}
public function index() {
}
public function login() {
$this->layout='login';
if ($this->request->is('post')) {
if (!$this->Auth->login()) {
$this->Session->setFlash(__('Invalid username or password, try again'), 'error_message');
$this->redirect($this->Auth->redirect());
}
}
if ($this->Session->read('Auth.ChatUser')) {
return $this->redirect(array('action' => 'index'));
exit;
}
}
public function logout() {
return $this->redirect($this->Auth->logout());
}
}
Above query i am getting missing table.
See screenshot-
Your auth component configuration is incorrect. You are missing the appropriate userModel option, which defines the name of the model to use
And the fields configuration doesn't work the way your are using it, the keys must be named username and password, and the value can then contain the actual column name, however since your columns are obviously using the default names, there's no need to use this option at all.
$this->Auth->authenticate = array(
'Form' => array (
'scope' => array('ChatUser.is_active' => 1),
'userModel' => 'ChatUser'
)
);
Also the session key will always be Auth.User unless you are explicitly changing it via AuthComponent::$sessionKey:
$this->Auth->sessionKey = 'Auth.ChatUser';
However, you are better of using the auth component to access the user data anyways:
// Use anywhere
AuthComponent::user('id')
// From inside a controller
$this->Auth->user('id');
See also
Cookbook > Authentication > Configuring Authentication handlers
Cookbook > Authentication > Accessing the logged in user
I'm using Sentry 2.1 for authentication.
My User Model:
<?php namespace App\Models;
use Eloquent;
use Illuminate\Auth\UserInterface;
use Illuminate\Auth\Reminders\RemindableInterface;
class User extends \Cartalyst\Sentry\Users\Eloquent\User implements UserInterface, RemindableInterface {
/* Sentry Defaults omitted for brevity */
public function children()
{
return $this->hasMany('App\Models\Children');
}
public function getFullNameAttribute()
{
return trim($this->attributes['first_name'] . ' ' . $this->attributes['last_name']);
}
}
My login function:
$credentials = array(
'email' => Input::get('email'),
'password' => Input::get('password')
);
if (Auth::attempt($credentials))
{
$user = Sentry::authenticate($credentials, $remember);
return Redirect::to('/');
}
The reason why I'm using Auth::attempt and then Sentry::authenticate is because I am migrating from an old database to a new one, so I attach a hook/listener on auth.attempt so I can process checking for old password.
Now, after I'm logged in, I can't access the full_name accessor attribute.
$user = Sentry::getUser();
echo $user->full_name; // results in NULL
I think I'm missing a small thing here but I just can't find that missing piece.
Thanks for the help!
did you edit config of Sentry (dir: /app/config/packages/cartalyst/sentry/config.php") ??
from
'model' => 'Cartalyst\Sentry\Users\Eloquent\User',
to
'model' => 'App\Models\User',