I have a system where Admin will Enter his Client Dashboard with Client's Credentials. Admin has all information of Clients.
---------------------
Client1 Login
Client2 Login
---------------------
Now in my Controller I want to do this action. Admin will go to his Client Dashboard.
Is it possible to do?
public function login(User $user)
{
$credentials = $user->only('email', 'password');
Auth::logout();
// But after logout() it will stop, I know that.
if (Auth::attempt($credentials)) {
// Authentication passed...
return redirect('/');
}
}
Is it possible to Login in two accounts (Admin & Client) at the same time? :-P
for two login in same time in laravel u have to create admin table or client table and make seprate login in admin guard and default login u have to overwrite login with user guard then only u can maintain 2 login in same time in laravel
GUARD doc link here
Related
I want to know how to logout the desired guard not all guards.
following code will logout all guards:
Auth::logout();
$request->session()->invalidate();
$request->session()->regenerateToken();
If the user and admin loged in at the same time it will logout both.
I want when admin send logout request to:
Route::get('/admin/logout',function(){
//some codes
})
it logout only admin not the user.
And logout only the user by following route
Route::get('/logout',function(){
})
In my Laravel 8 Application link to login route is provided on different locations, i.e., user can login from multiple pages. By default, after login user is redirected to the dashboard. I am looing for a way to return the user to same page from where he clicked on the login button.
I am using Laravel with Jetstream and Livewire. The documentation says that I can do this by changing "public const HOME = '/ dashboard';" to the desired destination, but in my case the destination can be more than a single url.
I tried 'redirect()->back()' in place of '/ dashboard' but it does not work. Please help what change is required.
Save previous url when you redirect user to login page and after authentication of user redirect him on same page with the session you saved. Try this:
public function showLoginForm()
{
session(['link' => url()->previous()]);
return view('auth.login');
}
protected function authenticated(Request $request, $user)
{
return redirect(session('link'));
}
my normal login functionality is working fine. but I am trying to login with social login so I need to do Auth Attempt on successful social login to manage Auth::User()->id throughout the application.
code
I am not able to compare the hash password
if(user is already register still user tried social login with same email){
//here i am trying to get that email id password
$userFromEmail = DB::table('users')->where('email', 'user#gmail.com')->first();
if(Auth::attempt([ 'email'=> $userFromEmail->email,'password'=> $userFromEmail->password ])){
dd(Auth::User()->id);
}else{
echo("not login");
}
}
I got it instead of doing Auth::attempy(email,password) i am authenticating by Auth::loginUsingId($user->id);
I want to implement a system where 6 types of users exist. So one is 'customer' who will login by a route like /login and rest of 5 users are admins and only they will be login using another route /system/base-admin. However, 'customer' never login with the /system/base-admin route if anyhow can known this route. And both route have different login form and if they failed to login 'customer' will be redirected /login and admins /system/base-admin.
I know about $guard and middleware check.
Question: How can i implement above scenario and how react professionals with this scenario?
Route::get('/login','CustomerLoginController#processLogin')->name('customer.login');
Route::get('/system/base-admin', 'AdminLoginController#processAdminLogin')->name('system.admin')
My Controller Looks like
public function processLogin(){ return view('customer.login');}
public function processAdminLogin(){ return view('admin.login')}
Thank you in advance.
The only reason I see to have different endpoints for login is to have different views.
Copy your Auth\LoginController, change $redirectTo to redirect to your admin panel. Overwrite AuthenticatesUsers\showLoginForm to show your admin form and update middleware in __construct.
Protect all your admin routes with admin middleware.
Now. Your users CAN login to your panel. BUT nothing will happen since they don't have access.
If you want to show them some kind of message when they try you can overwrite AuthenticatesUsers\login method with something like this
...
if ($this->attemptLogin($request)) {
if(!auth()->user()->isAdmin()){
throw ValidationException::withMessages([
$this->username() => 'You don\'t have access to this page',
]);
}
return $this->sendLoginResponse($request);
}
...
I have overwritten Login and Logout functionality as I need to check many more conditions to authenticate the user like below.
public function login(Request $request)
{
$this->validateLogin($request);
$input=$request->all();
$user=User::where('username',$input['username'])->first();
//If Temp Password is set
if(strlen($user->temp_password)>10)
{
if (Hash::check($input['password'], $user->temp_password))
{
Auth::login($user);
$this->setUserSession($user);
$landing_page=Menu::find($user->landing_page);
return redirect()->route($landing_page->href);
}
else {
session()->put('failure','Invalid Username or Password');
return redirect('/login');
}
}
else{ //If Temp password is not set
if (Hash::check($input['password'], $user->password))
{
Auth::login($user);
$this->setUserSession($user);
$landing_page=Menu::find($user->landing_page);
return redirect()->route($landing_page->href);
}
else {
session()->put('failure','Invalid Username or Password');
return redirect('/login');
}
}
}
Now I need to restrict Same user from login once again in some other screen or place. I have checked Session Data but nothing is stored as Unique for a User.
ie. If a username admin is loged in US the same username admin must not be allowed to login from UK.
Update
Oh bagga, question wasn't quite clear. You are trying to restrict the number of sessions to 1 only. If I get it, then you will have to use a database session driver. Right now, I think you may be using the default driver (file). It only checks the session within the same browser. Using database session may allow you to check for session everywhere, and restrict the number of connections.
First, make sure your routes are within the web middleware so they can access sessions. Then, inside of the web middleware, create a group of routes that are only accessible for users who are not logged in.
Route::group(['middleware' => 'guest'], function () {
Route::get('login', 'LoginController#login');
// any other route
});
Logged in users won't be able to access the login route anymore.
You could also do the check in your login function to see if the user's is already connected by using
if (Auth::check()) {
// user is connected
// redirect them
}
What does this->setUserSession($user) do?
You can do this using login token.
Generate a login token and keep it in database.
And check for it's entry in database while logging in.
If it doesn't exist let log in success.
Else fail.
And delete login token every time user logs out.
Or
you can generate new token on each login success. And deleting old token and invalidating the old login.
But in this case you have to keep that token in session and for each request you have to check that token with database token.
If it matches, allow user
Else logout the user with notice.
I'll prefer the second method personally.
As you can check for the token in the middleware itself.