I can’t do Laravel Authentication 5.2

Asked

Viewed 772 times

2

I’ve been trying for some time to make an authentication and I can’t, I’m a beginner in the business, who is willing to help me know that you will be practically saving my life, because I’ve thought about giving up several times to work with this.

I am calling a controller method from the login form./

View:

{{Form::open(array('action' => 'UsuarioController@Login', 'method' => 'POST'))}}

In the controller I am setting a variable and looking in the database if there is the login entered according to the table login field, then I check if the login and password returns true to redirect the desired view, if not, returns the login view. /

Controller:

class UsuarioController extends Controller
{
    public function Login(Request $request)
    {
        $usuario = UsuarioEsic::where('login','=',$request->get('login'))->first();

        if ($usuario && $usuario->senha)      {

            Auth::login($usuario);

            return view('e_sic.usuario.esic_content');   

        } else { 
           return view('e_sic.inicio.esic_conteudo'); 
        }

    }
}

Model:

    class UsuarioEsic extends Model
{
    protected $table = 'usuario_esic';
    public $timestamps = false;
    public static $snakeAttributes = false;
    protected $dates = ['dataNasc'];
}

Obs: I did not understand well the thing of the routes using auth, I thought I was doing right as the tutorials I saw.

Route:

Route::group(['middleware' => 'auth'], function(){
    Route::auth();
    Route::post('/Login', 'UsuarioController@Login');
});

Auth.php:

'providers' => [
        'users' => [
            'driver' => 'eloquent',
            'model' => Portal\Entity\Local\UsuarioEsic::class,
        ],

Authcontroller:

protected $redirectTo = 'Esic/Conteudo';

Every time I try to log in it says that the page was not found and redirects me to the url I have or not typed anything in the login form.

I’ve researched several topics on various forums, I’ve seen videos and read tutorials about it and yet I can’t make progress on it, I know how hard I have to learn things, but I’m here asking someone with a good heart to waste some of their time teaching me/ explaining how I make it work perfectly, please ! Grateful from now on.

Note: Any questions about the code I am willing to pass on any information !

1 answer

3


Basically what I noticed in your code has errors even security in the authentication part, because:

Is made a select at the base and compares true && true along those lines (if ($usuario && $usuario->senha) and have it authenticated without checking, that’s a security breach everyone will log into your site and then you’ve seen what happens.

A basic authentication would be with a method like this:

public function auth(Request $request)
{

    $values = $request->values();

    if (Auth::attempt($values, false))
    {    
        return redirect()->intended('admin/');
    }

    return 'error';

}

In that $request comes two information: email and password and in that method of Auth::attempt it checks if the user exists, if yes, authenticates the user giving permission to uses the restrictive area, if it does not give a message from "error" that at this time you can work the information from Invalid login and so on.


In the route part it works like this: (it depends a lot on the logic used)

Example: Route Login

Route::group(['middleware' => ['web'], 'namespace' => 'Admin'], function ()
{
 Route::get('/admin/login', ['as'=>'admin.login','uses'=>'LoginController@index']);
 Route::post('/admin/auth', ['as'=>'admin.auth','uses'=>'LoginController@auth']);
});

Example: Route que vai utilizar a autenticação

Route::group(['middleware' => ['web', 'auth'], 'namespace' => 'Admin'], function ()
{
    //CREDIT
    Route::get('/admin/credit', ['as' => 'credit', 'uses' => 'CreditController@index']);
    ...
});

That is, in the routes of login can’t have auth that checks if any user is logged in, already in the other routes that need authentication has been added auth


Also configure in Middleware Authenticate (briefcase app\Http\Middleware)

class Authenticate
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @param  string|null  $guard
     * @return mixed
     */
    public function handle($request, Closure $next, $guard = null)
    {
        if (Auth::guard($guard)->guest())
        {
            if ($request->ajax() || $request->wantsJson())
            {
                return response('Unauthorized.', 401);
            }
            else
            {
                return redirect()->guest('admin/login');
            }
        }
        return $next($request);
    }
}

your authentication redirect: return redirect()->guest('admin/login');, in my case is admin/login.

  • Friend, thank you so much for being willing to help me, I have some questions in your example above, in $request you told me that it has two information, which in case is email and password, how would I change to the fields desired by me? For example: Login and Password .

  • Dude, I don’t think this area is for me, even though so many tutorials and examples I can’t do a simple authentication. Complicated !

  • In a form put two text boxes with the said name (email and password)

  • But I want to have full control of what I’m doing, it’s important to know how to do things manually instead of just using the system totally ready, I could give the 'php Artisan make:auth' and edit everything that is feasible, however I need to learn what to do, Only it’s a little complicated, I’m a layman.

  • @Lincolnbinda I understand your concern to learn and it is valid, but here at stackoverflow would be hard I believe I teach a step by step, apologies, but, I think the site is to ask immediate questions within contexts. (If I’m not mistaken) There are courses in Laravel you could join this group that is very active: http://laravel-br.slack.com/ sign up - there the staff can help you mainly in courses.

  • Good John, thanks for your help, man. Note: I have a certain notion, I’ve done some things and learned a lot in this time of study, not to mention the help I had here on the forum, but in particular, in the case of authentication I’m getting a lot, did not get in my head anyway, Anyway, I’ll try harder, thanks again.

Show 1 more comment

Browser other questions tagged

You are not signed in. Login or sign up in order to post.