Laravel multiauth redirection problem after authentication - laravel

I have three different guard with different login page
all working great but there is issue after login
E.g.
There are three Auth:
Default(web)
branch
agent
I logged in into agent account firs time and I logged out
when I enter credentials of branch it redirects to agent login page and when I go back to branch, voila its already logged-in
However it does not happen on first attempt of login right after opening window

It was just cup of tee
here you go.......!
I modified attemptLogin() method in each auth's login controller
protected function attemptLogin(Request $request)
{
if($this->guard()->attempt($this->credentials($request), $request->filled('remember')))
{
return redirect()
->intended(route('agent.dashboard'))
->with('success','You are Logged!');
}
}
in case you get following error
Argument 1 passed to App\Http\Controllers\Auth\LoginController::attemptLogin()
add following on top of controller
use Illuminate\Http\Request;

Related

add routes after login page for user

I use backpack 4 for laravel(laravel 8)and can't write a route for the user page. After login user has to get /user/dashboard or /dashboard, but the user is redirected to /admin/dashboard. How can I solve this problem?
web.php
Route::get('/', function() {
return redirect()->route('backpack.auth.login');
});
Route::get('/user/dashboard', [DashboardUserController::class, 'index'])->middleware(['web','admin']);
If your users won't ever need to use Backpack and should only able to view the dashboard, you could add a new middleware to Backpack's set of middlewares that checks if your user is an admin or a normal user to redirect them if they are not an admin.
Because Backpack registers the login routes itself, you can't just add your middleware to the route on registration. Instead you'll need to add your middleware to Backpack's admin middleware group. That's the one that gets added to all admin routes.
Steps:
Create the new middleware:
php artisan make:middleware RedirectToDashboard
Open the new middleware at app/Http/Middleware/RedirectToDashboard.php
Change the handle method to look something like this:
public function handle(Request $request, Closure $next)
{
if($request->user()->isNormalUser()) { // You need to change this to the check if the user is a normal user, that's specific to your application
return redirect()->to('dashboard'); // 'dashboard' is the name of your route, you may need to change it.
}
return $next($request);
}
Add the new middleware to Backpack's default set of middlewares in config/backpack/base.php. Open the file and look for the middleware_class entry (most likely somewhere around line 220). Add \App\Http\Middleware\RedirectToDashboard::class to the array.
Log into Backpack as a normal user and check if you get redirected.
The /admin prefix comes from the file: config/backpack/base.php.
Remove route_prefix from the file.
Your users will be redirected to /dashboard.

Laravel guest middleware

I have a page in my web app that should be blocked from logged in users. Similar to how a login or register page should not be accessible to already logged in users. I accomplished this by using guest middleware in controller constructor.
$this->middleware("guest")->only("page_action"); // like this
In this setup, if logged in user tries to visit that page they get redirected to home page. But I need to show a 404 not found page instead of redirecting. How can I do that?
In short, how can I make a page accessible to guest only and make it look like it does not exist to logged in users?
The guest logic is inside inside App\Http\Middleware\RedirectIfAuthenticated.
if (Auth::guard($guard)->check()) {
abort(404)
}
return $next($request);
Otherwise, you need to create a new middleware like #Atiqur suggested.
In your method just check if the user is loggedIn, if then abort to 404 like below...
if(\Illuminate\Support\Facades\Auth::check()) {
return abort(404);
}
#Rest of the code is for guest user.....
#

How to use intended function in Laravel

I need to register in a tournament with the URL:
http://laravel.dev/tournaments/1/register/
This URL is in the middleware 'auth', so if the user is not logged, he is redirected to login / page.
What I need is to redirect to
http://laravel.dev/tournaments/1/register/
After login.
In my routes.php, I have:
Route::get('tournaments/{tournamentId}/register', 'TournamentController#register');
I was told to use
redirect()->intended
but I don't know how to do it.
In the general case, User will be redirected to /admin, but in this case, I want him to keep doing his main action ( Register tournament)...
I'm using the built in trait for login, so I checked what system do when login and it is already using this function:
protected function handleUserWasAuthenticated(Request $request, $throttles)
{
if ($throttles) {
$this->clearLoginAttempts($request);
}
if (method_exists($this, 'authenticated')) {
return $this->authenticated($request, Auth::guard($this->getGuard())->user());
}
return redirect()->intended($this->redirectPath());
}
Thing is it will redirect me to a default path, not a dynamic one...
You should to know different between Redirect To and Redirect Intended
Redirect Intended: redirects the user to where they were originally going
Redirect To: Redirect the user to the page **YOU** specify them to go.
Things to check:
Use your browser's inspect element network feature to trace redirects - there may be several, which could help clear up confusion.
The intended() method requires a call to guest() when redirecting previous to the former. This happens in the Authenticate middleware, but
if you're using some other middleware (such as a middleware to catch and redirect admins to an admin area), this might be triggering first and redirecting without using guest().
Does your controller using the AuthenticatesUsers trait implement the authenticated method? If so this will be returned instead of redirect()->intended().

Magento - Redirect back (similar to using setBeforeAuthUrl) when user creates a new account

I have the following controller action, which redirects to the login page if no user is logged in:
public function requireloginAction() {
if(!Mage::getSingleton('customer/session')->isLoggedIn()) {
// Not logged in
// Save requested URL for later redirection
Mage::getSingleton('customer/session')->setBeforeAuthUrl($this->getRequest()->getRequestUri());
header("Status: 301");
header('Location: '.Mage::helper('customer')->getLoginUrl()); // send to the login page
}
else {
// Logged in
.. do something ..
}
}
By using setBeforeAuthUrl, once the user logs in he/she is redirected back to this action.
Problem:
If instead of logging in, the user, creates an account he/she is then redirected to the main page, rather then to the url set in setBeforeAuthUrl.
Question:
Is there something similar to setBeforeAuthUrl that works with Account Creation too? Or how can I achieve the desired effect?
(Magento Version 1.6)
You can try using the following extension. http://www.magentocommerce.com/magento-connect/MagePsycho/extension/3763/custom_login_redirect
Or you can also open app/code/core/Mage/Customer/controllers/AccountController.php and look for the createPostAction() function around line 328 edit:
$url = $this->_welcomeCustomer($customer);
$this->_redirectSuccess($url);
to
$url = 'http://www.mycustomrediurecturl.com';
$this->_redirectSuccess($url);
If you want to do it the nice way override the controller add configuration options and make it a module :)
Cheers
Found solution.
First of all, setBeforeAuthUrl($url) does work for both "Log In" and "New Account Creation"!
The main difference (and the reason I had the problem) is that for a "New Account Creation" Magento checks if $url is within the domain name of the current store and if it is not, it redirects to the "My Account" page. While the redirection for "Log In" redirects to any $url.
I do not know if this is a bug or a feature (I'm using V1.6.0.0).
So just make sure to redirect to a url within the domain name of the current store - especially in a Multi Store configuration.

CodeIgniter only allow access to certain controllers when logged in

I have some CodeIgniter controllers which should only be accessed by users who have logged in (i.e. where $this->session->userdata('username') is not null). If a non-authenticated person attempts to access said controllers they should receive:
header('location: /auth/login');
There has got to be a better way to do this than to put a
if (!$this->session->userdata('username'))
header('location: /auth/login');
else
{
[rest of function]
}
in front of every function in the controller...
I know DX_Auth has a similar functionality, but I am not using an authentication plugin and I am not open to doing so.
Thanks!
Mala
Do the user login check when the class is created, so it doesn't matter what function the user is accessing it will check for the session variable and redirect to the login page on failure:
function className()
{
parent::Controller();
if(!$this->session->userdata('username')) header('location: /auth/login');
}
That's the way of calling the __constructor or it's equivalent in codeigniter when you create controllers/models, or at least that's what I understood!

Resources