redirect back to job_seeker.register - laravel-5.8

I'm new to Laravel 5.8. I'm trying to set up multiple auth, but after I register a new job_seeker it is supposed to redirect me to job_seeker.profile; instead it redirects me back to job_seeker.register.
I tried some code from Stack Overflow but nothing works.
public function render($request, Exception $exception)
{
return parent::render($request, $exception);
}
protected function unauthenticated($request, AuthenticationException $exception)
{
if ($request->expectsJson()) {
return response()->json(['error' => 'Unauthenticated.'], 401);
}
return redirect()->guest(route($login));
}
protected function unauthenticated($request, AuthenticationException $exception)
{
if ($request->expectsJson())
{
return response()->json(['message' => $exception->getMessage()], 401);
}
$guard = array_get($exception->guards(), 0);
switch ($guard) {
case 'job_seeker':
$login = 'job_seeker.register';
break;
case 'employer':
$login = 'employer.register';
break;
default:
$login = 'login';
break;
}
return redirect()->guest(route($login));
}
Route::post('job_seeker.login',['as'=>'job_seeker.login','uses'=>'job_seeker\login_job_seeker_Controller@login']);
Route::get('job_seeker.register',['as'=>'job_seeker.register','uses'=>'job_seeker\login_job_seeker_Controller@show_login_form']);
Route::get('job_seeker.profile',['as'=>'job_seeker.profile','uses'=>'job_seeker\job_seeker_profile_controller@show_profile']);

Related

How to catch exception in parent control of class with findOrFail?

In Laravel 9 I made a Repository class, and in one of its methods I have 2 findOrFail calls:
use Illuminate\Database\Eloquent\ModelNotFoundException;
class ArticleToManyVotesRepository
...
public function store(int $id, int $manyItemId, array $data): JsonResponse|MessageBag
{
$article = Article::findOrFail($id);
$vote = Vote::findOrFail($manyItemId);
if ($article->votes()->where('vote_id', $manyItemId)->exists()) {
throw new CustomManyToManyItemException('Article "' . $id . '" with vote ' . $manyItemId . ' already exists');
}
DB::beginTransaction();
try {
$article->votes()->attach($manyItemId, $data);
DB::Commit();
} catch (\Exception $e) {
\Log::info(varDump($e->getMessage(), ' -1 STORE $e->getMessage()::'));
DB::rollback();
return sendErrorResponse($e->getMessage(), 500);
}
return response()->json(['result' => true], 201); // 201
}
In the parent controller I have a try block with checks for ModelNotFoundException:
public function articleManyVotesStore(Request $request, int $articleId, int $voteId)
{
    try {
        $data = $request->only('article_id', 'active', 'expired_at', 'supervisor_id', 'supervisor_notes');
        return $repository->store(id: $articleId, manyItemId: $voteId,
            data: $data);
    } catch (ModelNotFoundException $e) {
        // Thrown by either findOrFail call in the repository
        return response()->json(['message' => $e->getMessage()], 404);
    } catch (CustomManyToManyItemException $e) {
        return response()->json(['message' => $e->getMessage()], 500);
    }
}
But as the store method has 2 calls to "findOrFail", in which way can I catch a valid exception of findOrFail?
It seems findOrFail has no parameters?
Thanks!
One way is to compare the exception model namespace, like below:
try {
$data = $request->only('article_id', 'active', 'expired_at', 'supervisor_id', 'supervisor_notes');
return $repository->store(id: $articleId, manyItemId: $voteId,
data: $data);
} catch (ModelNotFoundException $e) {
if($e->getModel() === Article::class){
//add your logic here
}elseif($e->getModel() === Vote::class){
//add your logic here
}
return response()->json(['message' => $e->getMessage()], 404);
}

Laravel API Handle Exception Validation

I am handling an API exception of validation errors throwing exception Illuminate\Validation\ValidationException. It returns an exception $this->convertValidationExceptionToResponse($exception, $request). Validation Exception does not show the error message.
Trying $exception->getMessage() from the output of $this->convertValidationExceptionToResponse($exception, $request); throws an error.
How to send the error messages of validation in the response?
namespace App\Exceptions;
use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;
use Illuminate\Auth\AuthenticationException;
use Illuminate\Validation\ValidationException;
use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
use Symfony\Component\HttpKernel\Exception\MethodNotAllowedHttpException;
use Symfony\Component\HttpKernel\Exception\HttpException;
use Throwable;
use Exception;
class Handler extends ExceptionHandler
{
public function render($request, Throwable $exception)
{
if ($request->is('api/*')) {
return $this->handleException($request, $exception);
}
return parent::render($request, $exception);
}
public function handleException($request, Exception $exception)
{
if (method_exists($exception, 'getStatusCode')) {
$statusCode = $exception->getStatusCode();
} else {
$statusCode = 500;
}
if ($exception instanceof MethodNotAllowedHttpException) {
$response['message'] = 'Method Not Allowed';
$response['status'] = false;
$response['status_code'] = $statusCode;
return response()->json($response, $statusCode);
}
if ($exception instanceof NotFoundHttpException) {
$response['message'] = 'Not Found';
$response['status'] = false;
$response['status_code'] = $statusCode;
return response()->json($response, $statusCode);
}
if ($exception instanceof HttpException) {
$response['message'] = $exception->getMessage();
$response['status'] = false;
$response['status_code'] = $statusCode;
return response()->json($response, $statusCode);
}
if ($exception instanceof AuthenticationException) {
$exception = $this->unauthenticated($request, $exception);
$response['message'] = 'Authentication Error';
$response['status'] = false;
$response['status_code'] = $exception->getStatusCode();
return response()->json($response, $statusCode);
}
if ($exception instanceof ValidationException) {
$exception = $this->convertValidationExceptionToResponse($exception, $request);
$response['message'] = 'Validation Error';
$response['status'] = false;
$response['status_code'] = $exception->getStatusCode();
return response()->json($response, $statusCode);
}
if (config('app.debug')) {
$response['trace'] = $exception->getTrace();
$response['code'] = $exception->getCode();
$response['status'] = false;
$response['status_code'] = $statusCode;
return response()->json($response, $statusCode);
}
$response['message'] = $exception->getMessage();
$response['status'] = false;
$response['status_code'] = $statusCode;
return response()->json($response, $statusCode);
}
}

How to redirect to admin login page instead of login page for unauthenticated admins in laravel 5.8.15?

Does anyone know how to use guards in the redirectTo() method in the Authenticate middleware in Laravel 5.8.15 (or simply 5.8)?
I get this error
"Declaration of App\Http\Middleware\Authenticate::redirectTo($request, $guards) should be compatible with Illuminate\Auth\Middleware\Authenticate::redirectTo($request)"
use Illuminate\Support\Facades\Route;
protected function redirectTo($request, $guards)
{
if (! $request->expectsJson()) {
if (array_first($this->guards) === 'admin') {
return route('admin.login');
}
return route('login');
}
}
// Updated code, but still getting an error.
// Error: Declaration of App\Http\Middleware\Authenticate::handle($request, Closure $next, $guard = NULL) should be compatible with Illuminate\Auth\Middleware\Authenticate::handle($request, Closure $next, ...$guards)
// Code:
....
use Closure;
use Illuminate\Support\Facades\Auth;
....
public function handle($request, Closure $next, $guard = null)
{
switch ($guard) {
case 'admin':
if (Auth::guard($guard)->check()) {
return redirect()->route('admin.login');
}
break;
default:
if (Auth::guard($guard)->check()) {
return redirect('/login');
}
break;
}
return $next($request);
}
Check like this and redirect on your condition:
public function handle($request, Closure $next)
{
switch ($this->getGuard()) {
case 'admin':
if (!Auth::guard($guard)->check()) {
return redirect()->route('admin_login');
}
break;
case 'vendor':
if (!Auth::guard($guard)->check()) {
return redirect()->route('vendor_login');
}
break;
case 'user':
if (Auth::guard($guard)->check()) {
return redirect()->route('user_login');
}
break;
default:
if (Auth::guard($guard)->check()) {
return redirect('/login');
}
break;
}
return $next($request);
}
Modify the render($request, Exception $exception) in App/Exceptions/Handler.php to look like the one below:
// Requires "use Illuminate\Support\Arr;" at the top of Handler.php.
/**
 * Render an exception into an HTTP response.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Exception $exception
 * @return \Illuminate\Http\Response
 */
public function render($request, Exception $exception)
{
    // Anything other than an authentication failure keeps the default rendering
    if(get_class($exception) != 'Illuminate\Auth\AuthenticationException'){
        return parent::render($request, $exception);
    }
    // The first guard that rejected the request decides which login page to use
    $guard = Arr::get($exception->guards(),0);
    switch ($guard){
        case 'admin':
            return redirect(route('admin.login'));
            break;
        default:
            return redirect(route('login'));
            break;
    }
}

Laravel Request validation 404 when data is invalid

I have trouble with Request validation in Laravel: when the request data passes validation everything is OK, but when the data is invalid the server responds with 404.
UserRequest
public function authorize()
{
return true;
}
public function rules()
{
return [
'name' => 'sometimes|required|unique:users,Name|min:5|max:30'
];
}
UserController
public function update(UserRequest $request, $id)
{
$token = JWTAuth::getToken();
$tokenData = JWTAuth::getPayload($token)->toArray();
if ($request->name != null) {
if (User::where('id', $tokenData['idUser'])->update(['Name' => $request->name])) {
$status = true;
} else {
$status = false;
}
}
return response()->json(['status' => $status]);
}
Try with this
public function update(UserRequest $request, $id)
{
$token = JWTAuth::getToken();
$tokenData = JWTAuth::getPayload($token)->toArray();
$validated = $request->validated();
if ($validated) {
if (User::where('id', $tokenData['idUser'])->update(['Name' => $request->name])) {
$status = true;
} else {
$status = false;
}
return response()->json(['status' => $status]);
}
else {
return redirect()->back()->withErrors($validated);
}
}
Hope this helps :)

How to use JWT for laravel API for different user tables?

These are the basic functions of the driver user.
public function authenticate(Request $request){
$credentials=$request->only('email','password');
try {
\Config::set('auth.providers.users.model', \App\Driver::class);
\Config::set('auth.providers.users.table', 'drivers');
\Config::set('jwt.user', \App\Driver::class);
if (!$token =JWTAuth::attempt($credentials)) {
return response()->json(['error'=>'Invalid_Crendals'],401);
}
} catch (JWTException $e) {
return response()->json(['error' => 'could_not_create_token'], 500);
}
return response()->json(['token Login Driver'=>compact('token'),'msg'=>'driver']);
}
public function register(){
$email=request()->email;
$name=request()->name;
$last=request()->last;
$password=request()->password;
$driver=Driver::create([
'name'=>$name,
'email'=>$email,
'last'=>$last,
'password'=>bcrypt($password),
]);
\Config::set('auth.providers.users.model', \App\Driver::class);
\Config::set('auth.providers.users.table', 'drivers');
\Config::set('jwt.user', \App\Driver::class);
$token=JWTAuth::fromUser($driver);
return response()->json(['token Driver'=>$token],200);
}
public function testd(){
try {
\Config::set('auth.providers.users.model', \App\Driver::class);
\Config::set('auth.providers.users.table', 'drivers');
\Config::set('jwt.user', \App\Driver::class);
$token=JWTAuth::getToken();
$driver=JWTAuth::toUser($token);
} catch (JWTException $e) {
return response()->json(['error' => 'could_not_create_token'], 500);
}
return response()->json($driver);
}
These are the conventional user functions
public function authenticate(Request $request){
$credentials=$request->only('email','password');
try {
\Config::set('auth.providers.users.model', \App\User::class);
\Config::set('auth.providers.users.table', 'users');
\Config::set('jwt.user', \App\User::class);
if (!$token =JWTAuth::attempt($credentials)) {
return response()->json(['error'=>'Invalid_Crendals'],401);
}
} catch (JWTException $e) {
return response()->json(['error' => 'could_not_create_token'], 500);
}
return response()->json(['toke Login User'=>compact('token'),'msg'=>'User Register']);
}
public function register(){
$email=request()->email;
$name=request()->name;
$password=request()->password;
$user=User::create([
'name'=>$name,
'email'=>$email,
'password'=>bcrypt($password),
]);
\Config::set('auth.providers.users.model', \App\User::class);
\Config::set('auth.providers.users.table', 'users');
\Config::set('jwt.user', \App\User::class);
$token=JWTAuth::fromUser($user);
return response()->json(['token'=>$token],200);
}
public function testd(){
try {
\Config::set('auth.providers.users.model', \App\User::class);
\Config::set('auth.providers.users.table', 'users');
\Config::set('jwt.user', \App\User::class);
$token=JWTAuth::getToken();
$driver=JWTAuth::toUser($token);
} catch (JWTException $e) {
return response()->json(['error' => 'could_not__User_create_token'], 500);
}
return response()->json($driver);
}
And I used a middleware for each one. This is for the driver user:
public function handle($request, Closure $next)
{
try {
Config::set('jwt.user','App\Driver');
Config::set('auth.providers.users.model', \App\Driver::class);
$user=JWTAuth::parseToken()->authenticate();
if (! $user) {
return response()->json(['user_not_found'], 404);
}
} catch (Tymon\JWTAuth\Exceptions\TokenExpiredException $e) {
return response()->json(['token_expired'], $e->getStatusCode());
} catch (Tymon\JWTAuth\Exceptions\TokenInvalidException $e) {
return response()->json(['token_invalid'], $e->getStatusCode());
} catch (Tymon\JWTAuth\Exceptions\JWTException $e) {
return response()->json(['token_absent'], $e->getStatusCode());
}
return $next($request);
}
And for the conventional user
public function handle($request, Closure $next)
{
try {
Config::set('jwt.user','App\User');
Config::set('auth.providers.users.model', \App\User::class);
if (! $user = JWTAuth::parseToken()->authenticate()) {
return response()->json(['user_not_found'], 404);
}
} catch (Tymon\JWTAuth\Exceptions\TokenExpiredException $e) {
return response()->json(['token_expired'], $e->getStatusCode());
} catch (Tymon\JWTAuth\Exceptions\TokenInvalidException $e) {
return response()->json(['token_invalid'], $e->getStatusCode());
} catch (Tymon\JWTAuth\Exceptions\JWTException $e) {
return response()->json(['token_absent'], $e->getStatusCode());
}
return $next($request);
}
File App.php
Route::post('authenticate','Api\UserController@authenticate');
Route::post('register','Api\UserController@register');
Route::post('authenticate/driver','Api\DriverController@authenticate');
Route::post('register/driver','Api\DriverController@register');
Route::post('test/driver','Api\DriverController@testd')->middleware('driver');
Route::post('test/user','Api\UserController@testd')->middleware('user');
Users are authenticated and registered well in their corresponding tables. The problem I encounter is the following: when I use the token generated when registering a Driver user and use this same token to access the route test/user, where by logic it should not show me any result since it is an incorrect token generated by another user, this same token enters the function and shows me the data of a conventional user. How can I solve this security problem? The truth is it has been many days and I have not been able to solve it.
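The confusion described in this question, reduced to plain PHP as an added example (not the asker's code and not the tymon/jwt-auth API): a signed token that carries only `sub` resolves against whichever table the route's middleware selects, while a token bound to its table by an extra claim is rejected on the other route. The secret, the rows, the function names and the `utype` claim are all constructed for illustration.

```php
<?php
// Added illustration: constructed secret and rows, hypothetical names throughout.
const SECRET = 'constructed-demo-secret';
const TABLES = [
    'users'   => [1 => ['id' => 1, 'email' => 'user@example.test']],
    'drivers' => [1 => ['id' => 1, 'email' => 'driver@example.test']],
];

function b64url(string $bin): string
{
    return rtrim(strtr(base64_encode($bin), '+/', '-_'), '=');
}
// Sign the claims as an HS256 JWT.
function issue(array $claims): string
{
    $data = b64url(json_encode(['alg' => 'HS256', 'typ' => 'JWT'])) . '.' . b64url(json_encode($claims));
    return $data . '.' . b64url(hash_hmac('sha256', $data, SECRET, true));
}

// Return the claims if the signature checks out, otherwise null.
function verify(string $jwt): ?array
{
    $parts = explode('.', $jwt);
    if (count($parts) !== 3) {
        return null;
    }
    $expected = b64url(hash_hmac('sha256', "$parts[0].$parts[1]", SECRET, true));
    if (!hash_equals($expected, $parts[2])) {
        return null;
    }
    return json_decode(base64_decode(strtr($parts[1], '-_', '+/')), true);
}

// Like the question's middleware: only `sub` is looked up, in whichever table the route chose.
function authBySubOnly(string $jwt, string $table): ?array
{
    $claims = verify($jwt);
    return $claims === null ? null : (TABLES[$table][$claims['sub']] ?? null);
}

// Hardened: the token must also name the table it was issued for (`utype` is a made-up claim).
function authBound(string $jwt, string $table): ?array
{
    $claims = verify($jwt);
    $ok = $claims !== null && ($claims['utype'] ?? null) === $table;
    return $ok ? (TABLES[$table][$claims['sub']] ?? null) : null;
}

var_dump(authBySubOnly(issue(['sub' => 1]), 'users'));                   // driver-issued token on the user route
var_dump(authBound(issue(['sub' => 1, 'utype' => 'drivers']), 'users')); // bound driver token on the user route
```

The first call returns the user row because both tables share the signing key and the numeric id space; the second returns null because the claim names a different table. In the setup above, the equivalent check belongs in each middleware, after the token is parsed and before the looked-up model is trusted.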
