I'm trying to login into my localhosted OctoberCMS app. Everything works as well, except login to backend page. It stills redirect back to login of backend. When I add incorrect username/pass it works as expected (shows popup with message "invalid pass"). If I put correct data, it redirect back to login of backend. CSRF are disabled, link policy is detect and app_url is to http://localhost.
Related
How to prevent browser back to display login page after logged in in inertia js?
if you login to inertia demo CRM with this url :
Demo Inertia Js : https://demo.inertiajs.com/login
afetr loginning you can see login page by browser back again.
How can I solve it?
Thanks
If you have successfully logged in and you go back using history back, the only thing you are doing is previewing how the login page looked like. You aren't doing any request, just visiting your browser's history.
If you go back and refresh the page, you can see that you are now being redirected to the dashboard, which means that you did a request and the server detected you are logged in. As you are logged in, redirects you from /login (guest) to /dashboard (auth).
So in my opinion there is nothing to solve, you don't need to prevent browser back to display login page, you need a middleware to redirect you out from guest routes if you are logged in, that is it.
Docs:
History.back() - MDN docs
RedirectIfAuthenticated middleware - PingCRM
Reason login page is rendered even logged in is because login page rendering request is not sent to the server.
In the login form submission, you can put additional option to replace the page.
Browser back button will also replace the page and eventually, rendering request gets sent.
Inertia.post('/login', {
email: email,
password: password
}, {
replace: true
})
I have a site using laravel-admin package. Login works fine on localhost, but once deployed to C Panel, its not login and they is now a message in my form This form is not secure. Auto fill have been disabled
Login Form
You are trying to submit the form from http whilst you have hosted the web over https. Open laravel config/admin file and change the https config to true see image below
I am developing a functionality to allow facebook users to register in our web application. The approach is:
We will create one app on facebook
Facebook authentication plugin (http://developers.facebook.com/docs/guides/web/#login) will be used in our registration page.
When user clicks on facebook button, facebook login page and then app authorization page are shown.
One user allows/disallows facebook app, user will be redirected to the main page(https://example.com)
But it's redirected like this(https://example.com/#=), so I am facing another issue with that.
Appended this characters(#=)
I have tried to fix the url, but it's redirected like that anyway.
Here is the redirection code.
Auth::login($user);
return Redirect::to(URL('/'));
My server is Nginx.
Hope to get solved my problem.
Thanks in advance!
Try to name the route then redirect to it.
Route::get('/', 'HomeController#index')-
>name('home');
then redirect()->to(route('home'));
i have a site
http://mysite.test/login
now if i will attempt
http://mysite.test/admin
it will redirect me to
http://mysite.test/login
this is very fine. but now i have subdomain for same site.
http://company.mysite.test/
and this URL serves as login page as well. but when i hit
http://company.mysite.test/admin
it is redirecting me to
http://company.mysite.test/login
which is is entirely wrong. it must be redirected to
http://company.mysite.test/
for subdomain. what should i do?
Change you login route to Route::get('/');
you'll also need to make changes to your Authenticate middleware that manages redirects to login page.
Hi I have a static website running at localhost:8080/site. Here I display a login form. The form's action is project:8888/app_dev.php/login_check
My Symfony application, running at project:8888/app_dev.php/ also has it's own login form with the same action, at project:8888/app_dev.php/login
When I login using the login form in my Symfony application all works fine.
When I submit the login form on the static website, I get the following security error:
Your session has timed out, or you have disabled cookies
I assume this is a security matter, which makes it impossible to post login credentials from another domain? Is there a way to work around? Thanks in advance.