Previous session can not destroy in laravel 5.7 - laravel

I am creating login page & after logout my session value can not destroy. Any problem with code? I am using flush method,forget method to remove previous session value.
public function userLogin(Request $req)
{
$username=$req->input('username');
$password=$req->input('password');
$finduser = Users::where(['email'=>$username,'password'=>$password])
->orwhere(['mobile'=>$username,'password'=>$password])
->first();
Session::put('username', $finduser->name);
Session::put('userid', $finduser->id);
$session_id=Session::get('session_id');
if($username != $finduser->mobile and $username != $finduser->email)
{
Session::put('message','Email or mobile number does not exists');
return redirect::to('/login');
}
else if($password != $finduser->password)
{
Session::put('message','Your Password is incorrect');
return redirect::to('/login');
}
else if($finduser)
{
return redirect::to('/home');
}
}
public function logout(Request $req)
{
Session()->forget(['userid', 'username','session_id']);
Session()->flush();
//Session::flush();
return redirect('/login');
}

Try \Session()->flush(); instead of Session()->flush();

Related

Catching org_internal 403 error via Google's OAUTH?

I have google OATH setup via socialite (only for within our organisation) and everything is working fine.
One thing I'd like to try and do is catch this "error" and get redirected back to our login page with a custom message telling the user that they do not belong to our organisation.
In principle this works fine, they can just hit the back button... but for fluidity and design, I'd like to catch this and redirect back to our home page.
Is this even possible? If so, how would you recommend I go about it?
public function show()
{
return view('auth.login');
}
public function redirectToProvider($driver)
{
if( ! $this->isProviderAllowed($driver) ) {
return $this->sendFailedResponse("{$driver} is not currently supported");
}
try {
return Socialite::driver($driver)->redirect();
} catch (Exception $e) {
return $this->sendFailedResponse($e->getMessage());
}
}
public function handleProviderCallback( $driver )
{
try {
$user = Socialite::driver($driver)->user();
} catch (Exception $e) {
return $this->sendFailedResponse($e->getMessage());
}
// check for email in returned user
return empty( $user->email )
? redirect()->intended('/login?failed=1')
: $this->loginOrCreateAccount($user, $driver);
}
protected function sendSuccessResponse()
{
return redirect()->intended('/');
}
protected function sendFailedResponse($msg = null)
{
return redirect()->intended('/login?failedResponse='.$msg);
}
protected function loginOrCreateAccount($providerUser, $driver)
{
// check for already has account
$user = User::where('email', $providerUser->getEmail())->first();
// if user
if( $user ) {
// update the avatar and provider that might have changed
$user->update([
'avatar' => $providerUser->avatar,
'provider' => $driver,
'provider_id' => $providerUser->id,
'access_token' => $providerUser->token
]);
} else {
return redirect()->intended('/login?noUser=1');
}
// login the user
Auth::login($user, true);
return $this->sendSuccessResponse();
}
private function isProviderAllowed($driver)
{
return in_array($driver, $this->providers) && config()->has("services.{$driver}");
}

Authentication for different user Laravel ( Trying to get property of non-object )

Hei guys another error in authentication login, So I want to give different dashboard for different user, so example user_type = 1 it will redirect to user1/dashboard and user_type = 2 it will redirect to user2/dashboard but I got this error
Trying to get property of non-object authentication
this is my LoginController in laravel
if (Auth::attempt($credentials) && Auth::user()->user->user_type == 1) {
// Authentication passed...
return redirect('user1/dashboard');
} else {
Session::flash('login_error');
return redirect('/login');
}
this is my middleware, I make it 2 middleware with User1Middleware and User2Middleware
if (Auth::check() && Auth::user()->users->user_type == 1)
{
return $next($request);
} else {
return redirect('/login');
}
So Users is on my database and user_type is my table name, Can you help me guys so glad if this problem can fix very soon
From the answer I edited my code to this but still got bug it redirect to user1/dashboard not redirect to user2/dashboard even I have logic for user_type = 2
$credentials = $request->only('email', 'password','user_type');
$credentials["is_verified"] = true;
if (Auth::attempt($credentials) && Auth::user()->user_type == 1) {
// Authentication passed...
return redirect('user1/dashboard');
} else if( Auth::attempt($credentials) && Auth::user()->user_type == 2) {
return redirect('user2/dashboard');
} else {
Session::flash('login_error');
return redirect('/login');
}
You don't have to do this:
Auth::user()->user
Because the first piece of code:
Auth::user()
Is the user. With this in mind, you can change your code to look like this:
if (Auth::attempt($credentials) && Auth::user()->user_type == 1) {
// Authentication passed...
return redirect('user1/dashboard');
} else {
Session::flash('login_error');
return redirect('/login');
}
if (Auth::check() && Auth::user()->user_type == 1)
{
return $next($request);
} else {
return redirect('/login');
}
There you go buddy!
EDIT: Code added to question
Your else if only checks if the user has a type, it does not have this piece of code:
Auth::attempt($credentials)
Hi in LoginController add or replace method
protected function authenticated($request, $user)
{
if ($user->user_type == 1) {
return redirect()->route('here you route name');
}
return redirect()->route('here you route name for second type of user');
}

how to pass session variable into view using laravel4

I want to pass logged in id into my view page.i got the id in the function of user_login_submits.
Actually i want to get the id in one more function in the same controller.
how to get the session id in controller..
Normally session put its enough i did like that.
Here is my code anyone can check and tel me what need to change here
Controller
public function user_login_submits()
{
$inputs = Input::all();
$uname = Input::get('username');
$password = Input::get('password');
$logincheck=Userlogin::login_checks($uname,$password);
if($logincheck == 1)
{
$id=Session::get('customer_id');
return Redirect::to('businessprio/create_news?p=1');
}
else if($logincheck == 0)
{
//echo "fail";
return Redirect::to('businessprio/create');
}
}
Model
public static function login_checks($uname,$password)
{
$check = DB::table('customer_login')
->where('username','=',$uname)
->where('password','=',$password)->get();
if($check)
{
//Session::put(['customer_id'=>'value']);
Session::put('customer_id', $check[0]->customer_id);
Session::put('username', $check[0]->username);
return 1;
}
else
{
return 0;
}
}
I won't pass it to model, instead i would do it in controller itself,
public function user_login_submits()
{
$uname = Input::get('username');
$password = Input::get('password');
$check = DB::table('customer_login')
->where('username','=',$uname)
->where('password','=',$password)->count();
if($check==1)
{
$id=Session::get('customer_id');
return Redirect::to('businessprio/create_news?p=1');
}
else
{
return Redirect::to('businessprio/create');
}
}
Recommendation :
But i would strongly recommend you to do it by Auth::attempt i.e., to follow the clean one
public function user_login_submits()
{
if (Auth::attempt(['email' => $userEmail, 'password' => $userPassword])) {
return Redirect::to('businessprio/create_news?p=1');
}
else
{
return Redirect::to('businessprio/create');
}
}
If you do so, then you can access the Default checking for authenticated user
Auth::check()
Get the Logged in user details by
Auth::user()->id
Auth::user()->username
Note : To use default Auth::attempt you should use the User Model too.

Call to undefined method Illuminate\Database\Query\Builder::save()?

I'm getting this error after trying to save my model. This is the error I'm getting:
Call to undefined method Illuminate\Database\Query\Builder::save()
This is my code:
public function getActivate ($code)
{
$user = User::where('code','=',$code)->where('active','=',0);
if ($user->count())
{
$user->first();
//Update user to active state
$user->active = 1;
$user->code ='';
if($user->save())
{
return Redirect::route('home')
->with('global', 'Account Activated ! You can sign in ');
}
}
return Redirect::route('home')
->with('global', 'We could not activate your account. Try again later');
}
My version of Laravel is the stable one.
The problem is you are not getting the first instance of your user, and you are just calling the save() on the query itself.
Here is the updated code:
public function getActivate ($code)
{
$user = User::where('code','=',$code)->where('active','=',0)->first();
if ($user)
{
//Update user to active state
$user->active = 1;
$user->code ='';
if($user->save())
{
return Redirect::route('home')
->with('global', 'Account Activated ! You can sign in ');
}
}
return Redirect::route('home')
->with('global', 'We could not activate your account. Try again later');
}
Also, you may simplify your query build by replacing where($column, '=', $query) to
$user = User::whereCode($code)->whereActive(0)->first();

laravel auth and session not persisting

The laravel session and auth I use have some problem in server, but working really fine in localhost . I will show.
Route
Route::get('/signin', 'PageController#signin');
Route::get('/signup', 'PageController#signup');
Route::get('/terms', 'PageController#terms');
Route::resource('/', 'PageController');
Route::controller('user', 'UserController');
PageController
public function index() {
if (Auth::check()) {
return View::make('user.index');
} else {
return View::make('landing');
}
}
UserController
public function postLogin() {
$data = array();
$secured = ['user_email' => $_POST['email'], 'password' => $_POST['password']];
if (Auth::attempt($secured, isset($_POST['remember']))) {
if (Auth::user()->user_status == 1 ) {
return Redirect::to('/');
} else {
$data['success'] = false;
}
} else {
$data['success'] = false;
}
return $data;
}
Auth::check() fails in pagecontoller even after login succeds. But if I change the code to
UserController
public function postLogin() {
$data = array();
$secured = ['user_email' => $_POST['email'], 'password' => $_POST['password']];
if (Auth::attempt($secured, isset($_POST['remember']))) {
if (Auth::user()->user_status == 1 ) {
return Return View::make(user.index);
} else {
$data['success'] = false;
}
} else {
$data['success'] = false;
}
return $data;
}
I get the index page and if I click the link of the home I get the landing page not the index page.
I guess I clarify my problem, I have gone through may solution replied earlier in same manner question nothing working.
I don't think its the server problem because another laravel application is working fine in same server.
Please help.
Your query seems to be incomplete, from what i understand you are able to get the index page after passing the authentication check only once, and that is by using this method:
public function postLogin() {
$data = array();
$secured = ['user_email' => $_POST['email'], 'password' => $_POST['password']];
if (Auth::attempt($secured, isset($_POST['remember']))) {
if (Auth::user()->user_status == 1 ) {
return Return View::make(user.index);
}
else {
$data['success'] = false;
}
}
else {
$data['success'] = false;
}
return $data;
}
try using a different browser to make sure there is no cookie storage restrictions in the client side and check the app/config/session.php file and see if you have configured the HTTPS Only Cookies according to your needs.
and just on an additional note this line "return Return View::make(user.index);" looks vague.

Resources