Manual authentication of a table field in the Laravel Framework 5.3

Asked

Viewed 369 times

1

I’m starting now with the Framewok Laravel 5.3., however quado crio with artisan o make:auth it automatically creates the views, model, and controllers concerning Login. Only I added a field to tables users called status of the kind boolean. I need to make a check if that status this as true (1) or false (0).

How would I do this procedure. So, I thought, I create an example object:

$data = Auth::user();

and would check with the if

if($data->status === true){

he would enter the session

} else {

it would return to login with a message saying that its status is currently disabled.

}

Because if you don’t have this check, the user will simply log into the admin panel. I hope you understand.

oop laravel-5 logic

  • That field status will be changed at your discretion, right? It’s just one more step of verification until the login is successful?

1 answer

1


Create a middleware and configure your project on the administration routes whether you can or not, follow the step by step:

On the console type:

php artisan make:middleware CheckStatus

will be created in the folder app/Http/Middleware an archive CheckStatus.php edit as follows:

<?php

namespace App\Http\Middleware;

use Closure;

class CheckStatus
{        
    public function handle($request, Closure $next)
    {
        if (\Auth::user()->status == 1) 
        {
            return redirect('home');
        }    
        return $next($request);
    }

}

to register this middleware servant CheckStatus amid app/Http/Kernel.php in $routeMiddleware add a key (auth status.) as follows:

protected $routeMiddleware = [
    'auth' => \Illuminate\Auth\Middleware\Authenticate::class,
    'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
    'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
    'can' => \Illuminate\Auth\Middleware\Authorize::class,
    'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
    'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,

    'auth.status' => \App\Http\Middleware\CheckStatus::class,
];

then add on your route(s) (Route):

On a route:

Route::get('admin/', function () 
{

})->middleware('auth.status');

In a group of routes:

Route::group(['middleware' => 'auth.status'], function () {
    Route::get('/admin/change', function ()    
    {

    });

    Route::get('admin/profile', function () 
    {

    });
});

Can also be added direct on Controller:

class AdminController extends Controller
{
    public function __construct()
    {
        $this->middleware('auth.status');

    }
}

In that link has the translation made by Craftsmen group .

References:

  • Look at my route up there, as it is still passing without checking the status field.

  • Look at my route . Even so it is still passing even with my table field being 0 . right was for it to pass if it is == 1 is not? Route::group(['url' => 'admin', 'middleware' => 'auth.status', 'prefix' => 'admin', 'namespace' => 'Admin'], Function() { Route::get('admin', Function() { Return view('Panel.admin_template'); }); Route::get('profile', 'Profilecontroller@profile'); Route::post('profile', 'Profilecontroller@update_avatar'); Route::Resource('article', 'Artigocontroller'); });

  • @Natanmelo status == 1 is what you did. Because the code is true. Pass the code of your middleware

  • So, plus I did everything right as you described, yet it doesn’t check my status. If in my status the user is like 0 and even then he is logging in.

  • I’m sorry I’m a beginner in the language and I’m not quite sure what’s going on. I read the manual you suggested, but it still didn’t work.

  • @Natanmelo all start is not easy, especially with framework that has many versionings and everything else. You need exactly what? i got that you want to block some routes that are administrator type is this? report in a nutshell please again! I also believe that there is a lack of details in the code to immediately solve your problem, but, it is worth remembering that it is good to start with Laravel from the beginning Authentication and Authorization that are different things are kind of boring to learn in Laravel.

  • Got it. when I enter the /Register url it enters the. login form. when it registers it and redirected to the admins area. I need that after the login registration, it makes a check if the status field of the users table is as 1. if there is no 1 it goes back to the login screen with the message that the user is still disabled. I say this so that the area Adminis. stay followed. If you do not do this, anyone who registers will have access to administrative area. I’m grateful you’re helping me.

  • @Natanmelo this pattern that is passed to the user, not much server (or better has to change a lot) to be a link to administrative part, because in this model that comes by default is as if any user could register and I believe that its goal is another. It offers you an example of how to log in to the site, how to register users on the site, but, I only use as a reference, I create based on documentation my type of authentication and authorization through these examples codes. So it’s complicated because you’re a beginner and I don’t know how to help anymore ...

  • OK very obg, by the feed back.

Show 4 more comments

Browser other questions tagged oop laravel-5 logic

You are not signed in. Login or sign up in order to post.