I'm using Sentry 2.1 for authentication.
My User Model:
<?php namespace App\Models;
use Eloquent;
use Illuminate\Auth\UserInterface;
use Illuminate\Auth\Reminders\RemindableInterface;
class User extends \Cartalyst\Sentry\Users\Eloquent\User implements UserInterface, RemindableInterface {
/* Sentry Defaults omitted for brevity */
public function children()
{
return $this->hasMany('App\Models\Children');
}
public function getFullNameAttribute()
{
return trim($this->attributes['first_name'] . ' ' . $this->attributes['last_name']);
}
}
My login function:
$credentials = array(
'email' => Input::get('email'),
'password' => Input::get('password')
);
if (Auth::attempt($credentials))
{
$user = Sentry::authenticate($credentials, $remember);
return Redirect::to('/');
}
The reason why I'm using Auth::attempt and then Sentry::authenticate is because I am migrating from an old database to a new one, so I attach a hook/listener on auth.attempt so I can process checking for old password.
Now, after I'm logged in, I can't access the full_name accessor attribute.
$user = Sentry::getUser();
echo $user->full_name; // results in NULL
I think I'm missing a small thing here but I just can't find that missing piece.
Thanks for the help!
did you edit config of Sentry (dir: /app/config/packages/cartalyst/sentry/config.php") ??
from
'model' => 'Cartalyst\Sentry\Users\Eloquent\User',
to
'model' => 'App\Models\User',
Related
I'm getting below error when trying login with google or Facebook.
Argument 1 passed to Illuminate\Auth\Guard::login() must implement
interface Illuminate\Contracts\Auth\Authenticatable, null given
i'm using socialite package for laravel. what is the problem, i'm unable to solve it.i'm first time using laravel Socialite package
use App\User;
use App\Http\Controllers\Controller;
use Illuminate\Auth\Events\Registered;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Validator;
use Illuminate\Foundation\Auth\RegistersUsers;
use Laravel\Socialite\Facades\Socialite;
class RegisterController extends Controller
{
protected function create(array $data)
{
return User::create([
'name' => $data['name'],
'email' => $data['email'],
'password' => bcrypt($data['password']),
'user_type' => 'user',
'active_status' => '1'
]);
}
public function redirectToProvider()
{
return Socialite::driver('facebook')->redirect();
}
public function handleProviderCallback()
{
try{
$socialuser = Socialite::driver('facebook')->stateless()->user();
}
catch(exception $e){
return redirect('/');
}
$user=User::where('facebook_id',$socialuser->getid())->first();
if(!$user)
User::create([
'facebook_id'=>$socialuser->getid(),
'email'=>$socialuser->getemail(),
'name'=>$socialuser->getname(),
]);
auth()->login($user);
return redirect()->to('/dashboard');
}
}
Please help me.i'm a beginner.
Thanks
Check your User model make sure it implements Authenticable. I'd guess it currently extends Model but doesn't use Authenticable. Post it here to let use confirm it looks ok.
How to integrate laravel throttle if I did not use the default LoginController given by laravel?
here's my controller:
use AuthenticatesUsers;
//function for login
public function login(Request $requests){
$username = $requests->username;
$password = $requests->password;
/**to login using email or username**/
if(filter_var($username, FILTER_VALIDATE_EMAIL)) {
Auth::attempt(['email' => $username, 'password' => $password]);
} else {
Auth::attempt(['username' => $username, 'password' => $password]);
}
if(Auth::check()){
if(Auth::user()->type_user == 0){
return view('users.dashboard');
}
else{
return view('admin.dashboard');
}
}
else{
return Redirect::back()->withInput()->withErrors(['message'=>$login_error],'login');
}
}
I want to limit the failed logins but I can't seem to make it work using my own controller. Can you guys help me please?
add the following code inside your method. make it the first thing
// If the class is using the ThrottlesLogins trait, we can automatically throttle
// the login attempts for this application. We'll key this by the username and
// the IP address of the client making these requests into this application.
if ($this->hasTooManyLoginAttempts($request)) {
$this->fireLockoutEvent($request);
return $this->sendLockoutResponse($request);
}
now add the following code where log in fails. this will increment the failed attempt count.
$this->incrementLoginAttempts($request);
on successful login, add the following code so it resets.
$this->clearLoginAttempts($request);
Try adding throttling to your controller's constructor, like so:
/**
* Create a new login controller instance.
*
* #return void
*/
public function __construct()
{
$this->middleware('throttle:3,1')->only('login');
}
Unfortunately, the Laravel docs don't say much about throttling:
https://laravel.com/docs/6.x/authentication#login-throttling
However, the 3,1 part of the string corresponds to a maximum of 3 tries with a decay time of 1 minute.
throttle could be defined in /project-root/laravel/app/Http/Kernel.php in the routeMiddleware array like so:
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,.
The Laravel documentation explains this method here: https://laravel.com/docs/6.x/middleware#assigning-middleware-to-routes
use Trait ThrottlesLogins present in Illuminate\Foundation\Auth and override the 2 functions as mentioned below. I have tested it on Laravel 5.6 and working fine.
public function maxAttempts()
{
//Lock out on 5th Login Attempt
return 5;
}
public function decayMinutes()
{
//Lock for 1 minute
return 1;
}
Although, this answer is very late, but here is , what i did, and it worked. I hope it helps you too. I am using laravel 5.2.
<?php
namespace App\Http\Controllers;
use App\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\MessageBag;
use Cookie;
use Illuminate\Foundation\Auth\ThrottlesLogins;
use Illuminate\Foundation\Auth\AuthenticatesAndRegistersUsers;
class UserController extends Controller
{
/** Add This line on top */
use AuthenticatesAndRegistersUsers,ThrottlesLogins;
/** This way, you can control the throttling */
protected $maxLoginAttempts=3;
protected $lockoutTime=300;
public function postUserSignIn(Request $request)
{
/** This line should be in the start of method */
if ($this->hasTooManyLoginAttempts($request)) {
$this->fireLockoutEvent($request);
return $this->sendLockoutResponse($request);
}
/** Validate the input */
$validation = $this->validate($request,[
'email' => 'required|email',
'password' => 'required|min:4'
]);
/** Validation is done, now login user */
//else to user profile
$check = Auth::attempt(['email' => $request['email'],'password' => $request['password']]);
if($check){
$user = Auth::user();
/** Since Authentication is done, Use it here */
$this->clearLoginAttempts($request);
if ($user->role == 1 || $user->role == 2){
if(Session::has('cart')){
return redirect()->route('cart');
}
return redirect()->intended();
}elseif($user->role == 99) {
return redirect()->route('dashboard');
}
}else{
/** Authentication Failed */
$this->incrementLoginAttempts($request);
$errors = new MessageBag(['password' => ['Email and/or Password is invalid']]);
return redirect()->back()->withErrors($errors);
}
}
}
Route::post('login', ['before' => 'throttle:2,60', 'uses' => 'YourLoginController#Login']);
if ($this->hasTooManyLoginAttempts($request)) {
$this->fireLockoutEvent($request);
return redirect()->route('login')->with('alert-warning', 'Too many login attempts');
}
protected function hasTooManyLoginAttempts(Request $request)
{
$maxLoginAttempts = 3;
$lockoutTime = 1; // In minutes
return $this->limiter()->tooManyAttempts(
$this->throttleKey($request), $maxLoginAttempts, $lockoutTime
);
}
try my version:
use Illuminate\Foundation\Auth\AuthenticatesUsers;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
class LoginController extends Controller{
use AuthenticatesUsers;
public function login(Request $request){
if($this->hasTooManyLoginAttempts($request)){
$this->fireLockoutEvent($request);
return $this->sendLockoutResponse($request);
}else{
if (Auth::attempt(['username' => $request->login_username, 'password' => $request->login_password])) {
session()->put(['username'=>Auth::user()->username,'userid'=>Auth::user()->id]);
return redirect()->intended('anydashboard');
}else{
$this->incrementLoginAttempts($request);
//my '/' path is the login page, with customized response msg...
return redirect('/')->with(['illegal'=>'Login failed, please try again!'])->withInput($request->except('password'));
}
}
}
}
in order to use Eloquent Model Auth (which is default), your AUTH_MODEL should implements AuthenticatableContract, so double check your model:
namespace App;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Auth\Authenticatable;
use Illuminate\Auth\Passwords\CanResetPassword;
use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;
class User extends Model implements AuthenticatableContract,CanResetPasswordContract
{
use Authenticatable, CanResetPassword;
//protected $fillable = [];
...
}
Hey guys I'm trying to learn PHP frameworks as well as OOP and I'm using Laravel 5.1 LTS.
I have the following code in my AuthController
<?php
namespace App\Http\Controllers\Auth;
use App\Verification;
use Mail;
use App\User;
use Validator;
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\ThrottlesLogins;
use Illuminate\Foundation\Auth\AuthenticatesAndRegistersUsers;
class AuthController extends Controller
{
use AuthenticatesAndRegistersUsers, ThrottlesLogins;
private $redirectTo = '/home';
public function __construct()
{
$this->middleware('guest', ['except' => 'getLogout']);
}
protected function validator(array $data)
{
return Validator::make($data, [
'name' => 'required|max:255',
'email' => 'required|email|max:255|unique:users',
'password' => 'required|confirmed|min:6',
]);
}
protected function create(array $data){
$user = User::create([
'name' => $data['name'],
'email' => $data['email'],
'password' => bcrypt($data['password']),
]);
// generate our UUID confirmation_code
mt_srand((double)microtime()*15000);//optional for php 4.2.0 and up.
$charid = strtoupper(md5(uniqid(rand(), true)));
$uuid = substr($charid, 0, 8)
.substr($charid, 8, 4)
.substr($charid,12, 4)
.substr($charid,16, 4)
.substr($charid,20,12);
$data['confirmation_code'] = $uuid;
// pass everything to the model here
$setVerification = new Verification();
$setVerification->setVerificationCode($data['email'], $data['confirmation_code']);
// send email for confirmation
Mail::send('email.test', $data, function ($m) use ($data){
$m->from('test#test.com', 'Your Application');
$m->to($data['email'])->subject('Thanks for register! Dont forget to confirm your email address');
});
return $user;
}
}
my error message Class 'Models\Verification' not found is coming from this piece of code here
// pass everything to the model here
$setVerification = new Verification();
$setVerification->setVerificationCode($data['email'], $data['confirmation_code']);
which looks right to my beginner's eyes, but it's clearly wrong.
Here is my Verification class that has the setVerificationCode method
<?php
namespace App\Http\Controllers;
use App\User;
use DB;
use App\Http\Controllers\Controller;
class Verification {
/**
* This method will update the confirmation_code column with the UUID
* return boolean
**/
protected function setVerificationCode($email, $uuid) {
$this->email = $email;
$this->uuid = $uuid;
// check to see if $email & $uuid is set
if (isset($email) && isset($uuid)) {
DB::table('users')
->where('email', $email)
->update(['confirmation_code' => $uuid]);
return TRUE;
} else {
return FALSE;
}
}
/**
* This method will validate if the UUID sent in the email matches with the one stored in the DB
* return boolean
**/
protected function verifyConfirmationCode() {
}
}
Please give the following in AuthController
use App\Http\Controllers\Verification;
instead of
use App\Verification;
If we give use App\Verification , it will check if there is any model named Verification.
its seems that, you are missing something, which, Extend your Model with eloquent model
use Illuminate\Database\Eloquent\Model;
class Verification extends Model
{
and the rest is seems fine.
also share your verification model code
Updated
instead of your this line
use App\Verification;
do this
use App\Models\Verification;
as you created custom directory for your Models then its better to auto load it in your composer.json file. add this line "app/Models" in your "autoload" section. follow this
"autoload": {
"classmap": [
"database",
"app/Models"
],
and after that, run this command in your project repo composer dump-autoload
In code with the comment "THIS IS NOT WORKING", I can't authorize.
I get user object and use Auth::login($user) but it doesn't work.
User in this moment creates in database.
public function login(Request $request)
{
if(Auth::check()) {
return redirect('home');
}
if($request->isMethod('post')) {
if($request->has('username') && $request->has('password')) {
$inputs = $request->except('_token');
if(!Auth::attempt(['username' => $inputs['username'], 'password' => $inputs['password']])) {
$user = $this->registerUser($inputs);
if($user) {
Auth::login($user);
}
}
}
return (Auth::check()) ? redirect()->route('home') : redirect()->back()->with('form_error', true);
}
return view('pages.auth.login');
}
User.php maybe here is something wrong?
namespace App\Models\system;
use Illuminate\Auth\Authenticatable;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Auth\Passwords\CanResetPassword;
use Illuminate\Foundation\Auth\Access\Authorizable;
use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
use Illuminate\Contracts\Auth\Access\Authorizable as AuthorizableContract;
use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;
class User extends Model implements AuthenticatableContract,
AuthorizableContract,
CanResetPasswordContract
{
use Authenticatable, Authorizable, CanResetPassword;
protected $primaryKey = 'uid';
protected $table = 'eltk.dbo.system_users';
protected $guarded = [];
protected $hidden = ['password', 'remember_token'];
}
Let's start step by step.
Why did you create user on a method where you need to handle just login logic?
What's the name of your database? Is it eltk or dbo or what? Define it in config/database.php under 'database' or in .env and use in model just table name, not name of the whole table, is not necessary.
In login method you need something like this:
public function processLogin(Request $request){
if(Auth::attempt(['email' => $request->input('email'), 'password' => $request->input('password'), 'active' => 1])){
return redirect('/');
}else{
return redirect('login')->withMessage('User with this email and/or password does not exist or your account is not active.');
}
}
And btw, when you in if-else statement login user afterward you need to redirect him on some route.
I have made an Admin Interface(A very simple Admin Interface).But if i want to login as an admin,i can not able to logged in as an admin though my username and password is absolutely right.
My Admin Controllers resides,
app/
controller/
Admin/
AdminController.php
And My views resides
app/
views/
admin/
Admin-login.blade.php
and i have created routes something like this
Route::get('admin',array(
'as' => 'admin',
'uses' =>'Admin\AdminController#AdminLogin'
));
Route::group(array('before' => 'auth'),function(){
//These Urls are Intended page after Admin Sign In
Route::get('marriage-admin/',array(
'as' => 'marriage-admin',
'uses' => 'MarriageController#MarriageAdmin'
));
Route::post('edit-marital-data',array('as' => 'edit-marital-data','uses' => 'MarriageController#EditMarritalStatus'));
Route::post('searched-marital-data',array('as' => 'searched-marital-data','uses' => 'MarriageController#SearchMarriage'));
}
Route::group(array('before' => 'guest'),function(){
/* CSRF Protect*/
Route::group(array('before' => 'csrf'),function(){
Route::post('admin-marriage',array(
'as' => 'admin-marriage',
'uses' => 'Admin\AdminController#AdminLoginPost'
));
}
}
and this is my Admin Controller
<?php
namespace Admin;
class AdminController extends \BaseController{
public function AdminLogin(){
return \View::make('admin.login');
}
public function AdminLoginPost(){
$auth=\Auth::attempt(array(
'username' => \Input::get('username'),
'password' => \Input::get('password')
));
if($auth){
return \Redirect::intended('marriage-admin');
}else{
return \Redirect::route('admin')->with('global','The username or password you provided is wrong!');
}
return Rediret::route('admin')->with('global','Please Review Your Admin Database.');
}
}
?>
and i have also created a Admin.php model since i have a different table namely admins in my database.
<?php
use Illuminate\Auth\UserTrait;
use Illuminate\Auth\UserInterface;
use Illuminate\Auth\Reminders\RemindableTrait;
use Illuminate\Auth\Reminders\RemindableInterface;
class Admin extends Eloquent implements UserInterface, RemindableInterface {
public function getRememberToken()
{
return $this->remember_token;
}
public function setRememberToken($value)
{
$this->remember_token = $value;
}
public function getRememberTokenName()
{
return 'remember_token';
}
/*public static function blood_search($blood_group){
return static::where('blood_group','LIKE','%'.$blood_group.'%');
} */
protected $table = 'admins';
protected $fillable=array
( 'username',
'password'
);
use UserTrait, RemindableTrait;
}
in mention, page after login or you can say the dash bored of the Admin is taken from another controller namely MarriageController
Now if i try to logged in as an Admin.
i am getting the message
The username or password you provided is wrong!
which i have set in my Admin Controller, if auth is fail.
So why i am getting this message though the username and password i am providing is absolutely right ?
now my question is,am i missing some configuration for Admin??
Laravel doesn't use md5 encryption. While creating a user you need to Hash password using laravel Hash::make()
User::create(array(
'username' => Input::get('username'),
'password' => Hash::make(Input::get('password'))
));
If you want to manually insert it to database then
return Hash::make('yourpass');
then paste the returned result.