Laravel 8 How to restrict user login if email is not verified - laravel

I am using Bootstrap Starter template package in Laravel 8 that replaces Tailwind CSS framework with Bootstrap CSS framework.
https://packagist.org/packages/shahvirag/laravel-ui-bootstrap
The problem I'm having is that user can sign in after registration without needing to verify account through email. How can I restrict his access until the email is not verified?
I have followed the steps and tried using routes middleware, but there is no such file in App\Http\Controllers\PagesController;
Route::get('/',[PagesController::class, 'index'])->name('users')->middleware('verified'); // this does not work
Any help?
routes/web.php
<?php
use Illuminate\Support\Facades\Route;
use App\Http\Controllers\PagesController;
Route::get('/', function () {
return view('main');
});
Route::middleware(['auth'])->group(function() {
Route::get('/home', function() {
return view('home');
})->name('home');
Route::get('/user/profile', function() {
return view('profile');
})->name('profile');
});
Route::get('/',[PagesController::class, 'index'])->name('users')->middleware('verified');
resources/views/auth/login.blade.php
#extends('layouts.app')
#section('content')
<div class="container">
<div class="row justify-content-center">
<div class="col-md-8">
<div class="card">
<div class="card-header">{{ __('Login') }}</div>
<div class="card-body">
<form method="POST" action="{{ route('login') }}">
#csrf
<div class="form-group row">
<label for="email" class="col-md-4 col-form-label text-md-right">{{ __('E-Mail Address') }}</label>
<div class="col-md-6">
<input id="email" type="email" class="form-control #error('email') is-invalid #enderror" name="email" value="{{ old('email') }}" required autocomplete="email" autofocus>
#error('email')
<span class="invalid-feedback" role="alert">
<strong>{{ $message }}</strong>
</span>
#enderror
</div>
</div>
<div class="form-group row">
<label for="password" class="col-md-4 col-form-label text-md-right">{{ __('Password') }}</label>
<div class="col-md-6">
<input id="password" type="password" class="form-control #error('password') is-invalid #enderror" name="password" required autocomplete="current-password">
#error('password')
<span class="invalid-feedback" role="alert">
<strong>{{ $message }}</strong>
</span>
#enderror
</div>
</div>
<div class="form-group row">
<div class="col-md-6 offset-md-4">
<div class="form-check">
<input class="form-check-input" type="checkbox" name="remember" id="remember" {{ old('remember') ? 'checked' : '' }}>
<label class="form-check-label" for="remember">
{{ __('Remember Me') }}
</label>
</div>
</div>
</div>
<div class="form-group row mb-0">
<div class="col-md-8 offset-md-4">
<button type="submit" class="btn btn-primary">
{{ __('Login') }}
</button>
#if (Route::has('password.request'))
<a class="btn btn-link" href="{{ route('password.request') }}">
{{ __('Forgot Your Password?') }}
</a>
#endif
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
#endsection


To use verified middleware, your user model should implement MustVerifyEmail
class User extends Authenticatable implements MustVerifyEmail
{
use Notifiable;
// ...
}


Try this instead
Route::get('/',[PagesController::class, 'index'])->name('users')->middleware(['auth', 'verified']);


You can use the method included with the User model:
$user->hasVerifiedEmail()
Or in the routes middleware(['verified'])

Related

Login form in Laravel is giving the error 419 Page Expired

It used to work somoothly, then I added Sociallite and then it some point it broke the default login with email and password.
Now every time I login with username and password I get the error "419 Page Expired" and it's literally diving me crazy because I have tried everything, with no luck.
View login.blade.php:
<form method="POST" action="{{ route('login') }}">
#csrf
<div class="form-group row">
<label for="email" class="col-md-4 col-form-label text-md-right">{{ __('E-Mail Address') }}</label>
<div class="col-md-6">
<input id="email" type="email" class="form-control #error('email') is-invalid #enderror" name="email" value="{{ old('email') }}" required autocomplete="email" autofocus>
#error('email')
<span class="invalid-feedback" role="alert">
<strong>{{ $message }}</strong>
</span>
#enderror
</div>
</div>
<div class="form-group row">
<label for="password" class="col-md-4 col-form-label text-md-right">{{ __('Password') }}</label>
<div class="col-md-6">
<input id="password" type="password" class="form-control #error('password') is-invalid #enderror" name="password" required autocomplete="current-password">
#error('password')
<span class="invalid-feedback" role="alert">
<strong>{{ $message }}</strong>
</span>
#enderror
</div>
</div>
<div class="form-group row">
<div class="col-md-6 offset-md-4">
<div class="form-check">
<input class="form-check-input" type="checkbox" name="remember" id="remember" {{ old('remember') ? 'checked' : '' }}>
<label class="form-check-label" for="remember">
{{ __('Remember Me') }}
</label>
</div>
</div>
</div>
<div class="form-group row mb-0">
<div class="col-md-8 offset-md-4">
<button type="submit" class="btn btn-primary">
{{ __('Login') }}
</button>
#if (Route::has('password.request'))
<a class="btn btn-link" href="{{ route('password.request') }}">
{{ __('Forgot Your Password?') }}
</a>
#endif
</div>
</div>
</form>
Route web.php:
Route::post('login', [
'as' => '',
'uses' => 'Auth\LoginController#login'
]);
I searched the web and found some ppl talking about clearing cash, clearing cookies, checking cash and storage permissions, clearing SESSION_DOMAIN and I did all, but it's still the same.
Please anyone is still facing such issue in Larvel 7?

syntax error, unexpected 'layouts' (T_STRING), expecting ')' (View: C:\xampp7\htdocs\shopping\resources\views\auth\register.blade.php)

ican not open to page "register.blade.php" when I click to register itt alert this error
syntax error, unexpected 'layouts' (T_STRING), expecting ')' (View: C:\xampp7\htdocs\shopping\resources\views\auth\register.blade.php) I can open page login.blade.php
my code in app.blade.php::
<a class="nav-link" href="{{ route('login') }}">{{ __('Login') }}</a>
#if (Route::has('register'))
<li class="nav-item">
<a class="nav-link" href="{{ route('register') }}">{{ __('Register') }}</a>
</li>
#endif

There is a problem with your Register helper function, you are missing ')
<button type="submit" class="btn btn-primary">
{{ __('Register}}
</button>
Change to
<button type="submit" class="btn btn-primary">
{{ __('Register')}}
</button>

register.blade.php::
#extends('layouts.app')
#section('content')
<div class="container">
<div class="row justify-content-center">
<div class="col-md-8">
<div class="card">
<div class="card-header">{{ __('Register') }}</div>
<div class="card-body">
<form method="POST" action="{{ route('register') }}">
#csrf
<div class="form-group row">
<label for="name" class="col-md-4 col-form-label text-md-right">{{ __('Name') }}</label>
<div class="col-md-6">
<input id="name" type="text" class="form-control #error('name') is-invalid #enderror" name="name" value="{{ old('name') }}" required autocomplete="name" autofocus>
#error('name')
<span class="invalid-feedback" role="alert">
<strong>{{ $message }}</strong>
</span>
#enderror
</div>
</div>
<div class="form-group row">
<label for="email" class="col-md-4 col-form-label text-md-right">{{ __('E-Mail Address') }}</label>
<div class="col-md-6">
<input id="email" type="email" class="form-control #error('email') is-invalid #enderror" name="email" value="{{ old('email') }}" required autocomplete="email">
#error('email')
<span class="invalid-feedback" role="alert">
<strong>{{ $message }}</strong>
</span>
#enderror
</div>
</div>
<div class="form-group row">
<label for="password" class="col-md-4 col-form-label text-md-right">{{ __('Password') }}</label>
<div class="col-md-6">
<input id="password" type="password" class="form-control #error('password') is-invalid #enderror" name="password" required autocomplete="new-password">
#error('password')
<span class="invalid-feedback" role="alert">
<strong>{{ $message }}</strong>
</span>
#enderror
</div>
</div>
<div class="form-group row">
<label for="password-confirm" class="col-md-4 col-form-label text-md-right">{{ __('Confirm Password') }}</label>
<div class="col-md-6">
<input id="password-confirm" type="password" class="form-control" name="password_confirmation" required autocomplete="new-password">
</div>
</div>
<div class="form-group row mb-0">
<div class="col-md-6 offset-md-4">
<button type="submit" class="btn btn-primary">
{{ __('Register}}
</button>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
#endsection

Missing required parameters for Route with custom password reset

I'm trying to add new type of users "Client" into existing project.
It already had "Admin" user, which does not have email password reset function.
I duplicated and modified native Laravel out of the box Auth controllers, blade forms and model and now I can login and logout as Client (guard:client).
My problem is in password reset function.
"Forgot Your Password?" button redirects to the right url (http://127.0.0.1:8000/client/password/reset).
"Send Password Reset Link" button generates email with link (http://127.0.0.1:8000/client/password/reset/a7558b0f294af7cdaeafd73617f664e1d76ed27d567d648e8b468eb9edcc9c2d)
But when push that link I get following error:
Missing required parameters for [Route: client.password.reset] [URI:
client/password/reset/{token}]. (View:
C:\wamp64\www\testkz\resources\views\index\client\reset.blade.php)
Where reset.blade.php is a copy of resources\views\auth\passwords\reset.blade.php
My routes
Route::post('/password/email','Client\ClientForgotPasswordController#sendResetLinkEmail')->name('client.password.email');
Route::get('/password/reset','Client\ClientForgotPasswordController#showLinkRequestForm')->name('client.password.request');
Route::post('/password/reset','Client\ClientResetPasswordController#reset');
Route::get('/password/reset/{token}','Client\ClientResetPasswordController#showResetForm')->name('client.password.reset');
ClientResetPasswordController
<?php
namespace App\Http\Controllers\Client;
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\ResetsPasswords;
use Illuminate\Http\Request;
use Password;
use Auth;
class ClientResetPasswordController extends Controller
{
use ResetsPasswords;
protected $redirectTo = '/client';
public function __construct()
{
$this->middleware('guest:client');
}
protected function guard()
{
return Auth::guard('client');
}
protected function broker()
{
return Password::broker('clients');
}
public function showResetForm(Request $request, $token = null)
{
return view('index.client.reset')->with(
['token' => $token, 'email' => $request->email]
);
}
}
blade
#extends('index.layout.layout')
#section('content')
<div class="container">
<div class="row">
<div class="col-md-8 col-md-offset-2">
<div class="panel panel-default">
<div class="panel-heading">Reset Client Password</div>
<div class="panel-body">
#if (session('status'))
<div class="alert alert-success">
{{ session('status') }}
</div>
#endif
<form class="form-horizontal" role="form" method="POST" action="{{ route('client.password.reset') }}">
{{ csrf_field() }}
<input type="hidden" name="token" value="{{ $token }}">
<div class="form-group{{ $errors->has('email') ? ' has-error' : '' }}">
<label for="email" class="col-md-4 control-label">E-Mail Address</label>
<div class="col-md-6">
<input id="email" type="email" class="form-control" name="email" value="{{ $email or old('email') }}" required autofocus>
#if ($errors->has('email'))
<span class="help-block">
<strong>{{ $errors->first('email') }}</strong>
</span>
#endif
</div>
</div>
<div class="form-group{{ $errors->has('password') ? ' has-error' : '' }}">
<label for="password" class="col-md-4 control-label">Password</label>
<div class="col-md-6">
<input id="password" type="password" class="form-control" name="password" required>
#if ($errors->has('password'))
<span class="help-block">
<strong>{{ $errors->first('password') }}</strong>
</span>
#endif
</div>
</div>
<div class="form-group{{ $errors->has('password_confirmation') ? ' has-error' : '' }}">
<label for="password-confirm" class="col-md-4 control-label">Confirm Password</label>
<div class="col-md-6">
<input id="password-confirm" type="password" class="form-control" name="password_confirmation" required>
#if ($errors->has('password_confirmation'))
<span class="help-block">
<strong>{{ $errors->first('password_confirmation') }}</strong>
</span>
#endif
</div>
</div>
<div class="form-group">
<div class="col-md-6 col-md-offset-4">
<button type="submit" class="btn btn-primary">
Reset Password
</button>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
#endsection

Make sure form method id POST
<form class="form-horizontal" method="POST" action="{{ route('password.request') }}">
{{ csrf_field() }}
<input type="hidden" name="token" value="{{ $token }}">
</form>

I upgraded my project from Laravel 5.3 to 5.5, but used old version of reset.blade.php

how login/register from any page in laravel

I'm using Laravel 5.5 and I want to login/register from any page in my application and not to be require to load domain.com/login or domain.com/register for that.
PS: I'm using default authentication php artisan make:auth

Just copy the form content of login/Register page and paste it in your laravel page.
<form class="form-horizontal" role="form" method="POST" action="{{ url('/login') }}">
{{ csrf_field() }}
<div class="form-group{{ $errors->has('email') ? ' has-error' : '' }}">
<label for="email" class="col-md-4 control-label">E-Mail Address</label>
<div class="col-md-6">
<input id="email" type="email" class="form-control" name="email" value="{{ old('email') }}" required autofocus>
#if ($errors->has('email'))
<span class="help-block">
<strong>{{ $errors->first('email') }}</strong>
</span>
#endif
</div>
</div>
<div class="form-group{{ $errors->has('password') ? ' has-error' : '' }}">
<label for="password" class="col-md-4 control-label">Password</label>
<div class="col-md-6">
<input id="password" type="password" class="form-control" name="password" required>
#if ($errors->has('password'))
<span class="help-block">
<strong>{{ $errors->first('password') }}</strong>
</span>
#endif
</div>
</div>
<div class="form-group">
<div class="col-md-6 col-md-offset-4">
<div class="checkbox">
<label>
<input type="checkbox" name="remember" {{ old('remember') ? 'checked' : ''}}> Remember Me
</label>
</div>
</div>
</div>
<div class="form-group">
<div class="col-md-8 col-md-offset-4">
<button type="submit" class="btn btn-primary">
Login
</button>
<a class="btn btn-link" href="{{ url('/password/reset') }}">
Forgot Your Password?
</a>
</div>
</div>
</form>

Laravel form displayed as raw text

My problem is probably related to server configuration problem. This is the issue. I am developing a Laravel website that works fine when developing on my local machine (using the laradock docker environment).
I wanted to run it on a small local machine so I turned on a fresh Ubuntu 16.04 server and installed docker on it. Checked out my code and ran composer install.
After going to the main registration page, I see that parts of the registration form are displayed as raw text :
I don't see any errors when using the developers page and also no errors in the php-fpm, workspace or nginx container from laradock that hosts the website.
Any idea?
code:
<?php
$ip = get_ip_address();
$countries = [
"Afghanistan" => "Afghanistan",
"Albania" => "Albania",
"Zimbabwe" => "Zimbabwe"
];
?>
#extends('layouts.app')
#section('content')
<div class="container">
<div class="row">
<div class="col-md-8 col-md-offset-2">
<div class="panel panel-default">
<div class="panel-heading">Register</div>
<div class="panel-body">
<form class="form-horizontal" role="form" method="POST" action="{{ route('register') }}">
{{ csrf_field() }}
<div class="form-group{{ $errors->has('name') ? ' has-error' : '' }}">
<label for="name" class="col-md-4 control-label">Name</label>
<div class="col-md-6">
<input id="name" type="text" class="form-control" name="name" value="{{ old('name') }}" required autofocus>
#if ($errors->has('name'))
<span class="help-block">
<strong>{{ $errors->first('name') }}</strong>
</span>
#endif
</div>
</div>
<div class="form-group{{ $errors->has('email') ? ' has-error' : '' }}">
<label for="email" class="col-md-4 control-label">E-Mail Address</label>
<div class="col-md-6">
<input id="email" type="email" class="form-control" name="email" value="{{ old('email') }}" required>
#if ($errors->has('email'))
<span class="help-block">
<strong>{{ $errors->first('email') }}</strong>
</span>
#endif
</div>
</div>
<div class="form-group{{ $errors->has('password') ? ' has-error' : '' }}">
<label for="password" class="col-md-4 control-label">Password</label>
<div class="col-md-6">
<input id="password" type="password" class="form-control" name="password" required>
#if ($errors->has('password'))
<span class="help-block">
<strong>{{ $errors->first('password') }}</strong>
</span>
#endif
</div>
</div>
<div class="form-group">
<label for="password-confirm" class="col-md-4 control-label">Confirm Password</label>
<div class="col-md-6">
<input id="password-confirm" type="password" class="form-control" name="password_confirmation" required>
</div>
</div>
<div class="form-group">
<label for="country" class="col-md-4 control-label">Select your country</label>
<div class="col-md-6">
{{Form::select("country", $countries, null, ['type' => 'text','class' => 'form-control','placeholder' => 'Pick your country...'])}}
</div>
#if ($errors->has('country'))
<span class="help-block">
<strong>{{ $errors->first('country') }}</strong>
</span>
#endif
</div>
{{ Form::hidden('ip', $ip) }}
<div class="form-group">
<div class="col-md-6 col-md-offset-4">
<button type="submit" class="btn btn-primary">
Register
</button>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
#endsection
<?php
function get_ip_address() {
// check for shared internet/ISP IP
if (!empty($_SERVER['HTTP_CLIENT_IP']) && validate_ip($_SERVER['HTTP_CLIENT_IP'])) {
return $_SERVER['HTTP_CLIENT_IP'];
}
// check for IPs passing through proxies
if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
// check if multiple ips exist in var
if (strpos($_SERVER['HTTP_X_FORWARDED_FOR'], ',') !== false) {
$iplist = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
foreach ($iplist as $ip) {
if (validate_ip($ip))
return $ip;
}
} else {
if (validate_ip($_SERVER['HTTP_X_FORWARDED_FOR']))
return $_SERVER['HTTP_X_FORWARDED_FOR'];
}
}
if (!empty($_SERVER['HTTP_X_FORWARDED']) && validate_ip($_SERVER['HTTP_X_FORWARDED']))
return $_SERVER['HTTP_X_FORWARDED'];
if (!empty($_SERVER['HTTP_X_CLUSTER_CLIENT_IP']) && validate_ip($_SERVER['HTTP_X_CLUSTER_CLIENT_IP']))
return $_SERVER['HTTP_X_CLUSTER_CLIENT_IP'];
if (!empty($_SERVER['HTTP_FORWARDED_FOR']) && validate_ip($_SERVER['HTTP_FORWARDED_FOR']))
return $_SERVER['HTTP_FORWARDED_FOR'];
if (!empty($_SERVER['HTTP_FORWARDED']) && validate_ip($_SERVER['HTTP_FORWARDED']))
return $_SERVER['HTTP_FORWARDED'];
// return unreliable ip since all else failed
return $_SERVER['REMOTE_ADDR'];
}
?>

All the values echoed with {{ }} are sent through the htmlentities function of PHP. If you want to skip that, than you should use another notation:
{!! $unescaped_html !!}
Source

Resources