I am tired with Google login, when single Gmail account logged in browser everything fine, but when two or more Gmail account logged in browser then login successfully but redirect in the google account setting (url:https://myaccount.google.com), here is my controller code. I want to redirect to back page.
public function redirect()
{
return Socialite::driver('google')->redirect();
}
public function callback()
{
$googleUser = Socialite::driver('google')->user();
$existUser = User::where('email',$googleUser->email)->first();
if($existUser) {
Auth::loginUsingId($existUser->id);
}
else {
$user = new User;
$user->first_name = $googleUser->name;
$user->email = $googleUser->email;
$user->google_id = $googleUser->id;
$user->password = bcrypt(rand(1,10));
$user->save();
Auth::loginUsingId($user->id);
}
return back();
}
Redirect to this page, I want to redirect back page
This happens because of return back(); since your server is redirecting back to Google through the HTTP Referer header. This header is unreliable, please do not use it.
Instead, before login with google, save the current URL in the user session and after the login callback, redirect to that URL. In this way, you will be able to bring the user back to the original page.
Related
In my Laravel 8 Application link to login route is provided on different locations, i.e., user can login from multiple pages. By default, after login user is redirected to the dashboard. I am looing for a way to return the user to same page from where he clicked on the login button.
I am using Laravel with Jetstream and Livewire. The documentation says that I can do this by changing "public const HOME = '/ dashboard';" to the desired destination, but in my case the destination can be more than a single url.
I tried 'redirect()->back()' in place of '/ dashboard' but it does not work. Please help what change is required.
Save previous url when you redirect user to login page and after authentication of user redirect him on same page with the session you saved. Try this:
public function showLoginForm()
{
session(['link' => url()->previous()]);
return view('auth.login');
}
protected function authenticated(Request $request, $user)
{
return redirect(session('link'));
}
I am using steam auth. Once a user authenticates in steam, he is redirected back to my form where I ask him for his username(my and steam username rules differ) and email(steam does not provide it).
The problem is that if input is invalid he is redirected back(via laravel request) but at that point all GET parameters from steam are lost and he needs to visit steam login page again.
Controller method that decides whether to redirect to steam or show my login form
public function steamLogin()
{
if ($this->steam->validate()) {
$info = $this->steam->getUserInfo();
if (!is_null($info)) {
$user = User::where('steam', $info->getSteamID64())->first();
if (is_null($user)) {
if (!Cache::has('steam_' . $info->getSteamID64())) {
Cache::put('steam_' . $info->getSteamID64(), $info, Carbon::now()->addMinutes(5));
}
return view('auth.steam', ['info' => $info]);
}
Auth::login($user, true);
return redirect('/');
}
}
return $this->steam->redirect();
}
It is taken off an example here
http://localhost/admin/login
I have logged in then I am redirecting to
localhost/admin/
Now I am open localhost/admin/login
then I want to redirect on
localhost/admin/dashboard not on
localhost/admin/
You need to put it in your auth controller.
protected $redirectTo = '/admin/dashboard';
You can use like this,
header('Location: http://www.example.com/');
You have to check if the user is logged :
if (Auth::check()) {
return Redirect::to('localhost/admin/');
}else{
log-in part
}
You have to simply check for the that particular user is logged into system using below code -
if (Auth::check()) {
return Redirect::to('admin/dashboard');
}else{
return Redirect::to('login/admin');
}
If user is logged in then redirect to dashboard of admin &
If user isn't logged in then redirect to login blade of the project.
Short version: What would be the appropriate way to send the JWT generated from Facebook login (laravel/socialite) to the angularjs front end without using session.
Long Version
I am making an app that has angularjs front end and laravel 5.2 backend. I am using tymondesigns/jwt-auth for authentication instead of session.
I am also using laravel/socialite for social Facebook authentication. For that I am using the stateless feature of socialite so that I don't need session in any ways.
The basic authentication works perfectly. But, when I try to use Facebook login, I follow these steps
User clicks on a button on the angular side that redirects to the provider login page of the back end.
public function redirectToProvider() {
return Socialite::with('facebook')->stateless()->redirect();
}
2. User gives his login information. After logging in he is redirected to my handlecallback function.
try {
$provider = Socialite::with('facebook');
if ($request->has('code')) {
$user = $provider->stateless()->user();
}
} catch (Exception $e) {
return redirect('auth/facebook');
}
return $this->findOrCreateUser($user);
Next I use the findorcreate function to determine whether the user exists or not. If not than I just create a new user and create JWT from that.
$user = User::where('social_id', '=', $facebookUser->id)->first();
if (is_object($user)) {
$token = JWTAuth::fromUser($user);
return redirect()->to('http://localhost:9000/#/profile?' . 'token=' . $token);#angular
} else {
$result = array();
$result['name'] = $facebookUser->user['first_name']
$result['email'] = $facebookUser->user['email'];
$result['social_id'] = $facebookUser->id;
$result['avatar'] = $facebookUser->avatar;
$result['gender'] = $facebookUser->user['gender'];
$result['status'] = 'active';
$result['login_type'] = 'facebook';
$result['user_type'] = 'free_user';
try {
$user = User::create($result);
} catch (Exception $e) {
return response()->json(['error' => 'User already exists.'], HttpResponse::HTTP_CONFLICT);
}
$token = JWTAuth::fromUser($user);
return redirect()->to('http://localhost:9000/#/profile?' . 'token=' . $token);#angular
}
My problem is, in the last block of code I am having to send the jwt to my frontend via url. Which isn't secure at all. What would be the right way to send the generated JWT to the frontend without using session. Thank you
The official documentation of Laravel Socialite says:
Stateless Authentication
The stateless method may be used to disable session state verification. This is useful when adding social authentication to an API:
return Socialite::driver('google')->stateless()->user();
Then, you can authenticate using the jwt-auth method:
JWTAuth::fromUser($user)
If you're using $http on the Angular side, try returning the token as a JSON response from Laravel:
return response()->json(compact('token'));
Then store the token in localStorage or sessionStorage or what have you.
If you're generating your Angular page from within Laravel (i.e. not using Laravel as an API, but showing your Angular page from /public/index.php, for instance) you could load the view with the token in the data for the view.
As long as you're using HTTPS either of these two scenarios are better than passing the token in the redirect URL.
You can store token and use client side redirect without storing to browser history to redirect user to profile page without token in URL:
document.location.replace({profile-url})
Im a bit of a newbie when it comes to Laravel so i was hoping someone could help out.
Im using the standard authentication and login stuff that ships with Laravel so theres nothing fancy going on, but what i want to do is check in the DB to see if a few fields are completed ( name, address, postcode ) .... If they are, then the user gets redirected to the dashboard, but if they aren't, the user will get redirected to the profile page to fill out the rest of their information.
Im guessing i should put something in my routes.php file in the
Route::post('login', function
part, but how do i check for the fields?
Any help would be greatly appreciated.
Cheers,
Once you have authenticated the user using Auth::check you'll be able to grab the authenticated user with Auth::user.
if (Auth::attempt($credentials))
{
$user = Auth::user();
if ($user->email == '' || $user->address == '')
{
return Redirect::to('user/profile');
}
return Redirect::to('home');
}
You just need to check the fields you want on the user to make sure they are there. If they're not then redirect them to the profile page. If they are redirect them to the home page or somewhere else.
You can also do it this way
if (Auth::attempt(array('email'=>Input::get('email'), 'password'=>Input::get('password')))) {
return Redirect::to('users/dashboard');
} else {
return Redirect::to('users/profile');
}
You can use this code
if (Auth::guest())
{
//user is not authenticated or logged in;
return Redirect::to('login');
}else{
//user is authenticated and logged in;
return Redirect::to('profile');
}