This is my first laravel project. I am making a website with login user.I question is when i enter my url then open always home page.If user logged in then it show name in navbar and for guest always show as a guest.I don't want to change url for both case....Even when a guest after login it goes to same url but then that user show as a auth user. Please help me How can I do that. I take concept from ecommerce website.
Route::group(['middleware' => 'web'], function () {
Route::get('/', 'WebController#loadPage');
Route::get('/signin', 'WebController#login');
});
this is my route.I already change navbar using #auth and #guest.But how to check at first that the user r auth or not without changing url.
You can use middleware for authenticated routes.
if you using default auth of laravel then simply set route middleware for your authenticated routes like below
Route::group(['middleware' => 'auth'],function (){
//Your Protected routes goes here
});
or if you want to redirect your user to some custom route after login then simple you can edit this in LoginCOntroller inside Controller/Auth and set varibale protected $redirectTo = '/YourRedirectionPath';
I suggest you read the documentation it is well documented Authentication documentation
Related
I want to implement user authentication (require login to visit any page) for a Laravel project (Laravel 7.x/8.x) that is currently open to any visitor without login. With Auth::routes() in web.php, every thing works as expected with respect to login process if a user accesses or is redirected to the login page.
Now I'm wondering if there's a straight forward and simple mechanism that will redirect a user to the login page if the user is not logged in when accessing any page of the project without having to modify the controller or view of each page. Specifically what I'm looking for is something that I can set in a config file, e.g. config/auth.php, say, 'force_login' => true/false, so if 'force_login' is set to true, the system would automatically check whether or not a user is logged in when the user access any page and redirect to the login page if the user is not logged in, and if 'force_login' is set to false, the system would bypass the authentication process all together. Such kind of mechanism may already exist, but I found no mention of it when I searched around online. I appreciate any suggestions/hints. Thanks.
Yes, youu need to use the auth middleware on all the routes that you want to forced be logged, or tou could only group them in one.
// Auth is required to acces these routes
Route::middleware(['auth'])->group(function () {
Route::get('/home', 'HomeController#index');
Route::get('any_route', 'AnyController#index');
...
});
// Auth is not required
Route::get('/', function () {
return view('welcome');
});
I am having a problem with Laravel 5.7 Email verification.
After using Laravel's email verification it is forcing me to the login page if I'm not logged in.
Here is what we need:
We enable the code for the email verification of users. So when someone signup we want to verify the user email. We want the user to signup on the website, the user is asked to verify the email address and they can't do anything further until verified - which is ok for me.
Our trouble is, if a new user comes (Not registered) to our website, our website will force all that user to the login page as well .
A normal user who is not signed up is also getting to login page and force to verify or log in.
While we want the only user who signed up needs to verify. Which is working.
All the normal users who are not subscribed can use site easy. Where currently they are going to login page
What I've done so far
Added the following code
class User extends Authenticatable implements MustVerifyEmail
Auth::routes(['verify' => true]);
Route::get('profile', function () { })->middleware('verified');
After Verifying Emails
protected $redirectTo = '/dashboard';
It is working fine but,
What I need is that I don't want to force users to verify email because this is blocking the user from accessing the home page of my website.
The problem is you need to specify what pages will use auth middleware. To exclude your welcome view.
In your controller file.
public function __construct()
{
$this->middleware('auth')->except('welcome');
}
public function home(){
return view('welcome');
}
Im using 'welcome' view, because I believe that you do not change the code of default Laravel installation, you must be careful, since the view 'home' is the default page that laravel shows after you logged in. If you remove the authentication layer of that page, any user can access your system. You must change the code of this page or create another view.
In your web.php file
Route::get('/', 'HomeController#home');
Laravel Docs - Controller Middleware
try to add except method and check for url home
public function __construct()
{
$this->middleware(['auth', 'verified'])->except('home');
}
Another newb queestion here
How to apply session timeout in laravel? My app have this instance that when a user logs out. That previous route/s should not be loaded but my app loads it. how to implement in laravel that session destroy in PHP? Any ideas?
In routes/web.php add your protected routes in a middleware group so they won't be accessible when logged out.
Route::group(['middleware' => 'auth'], function() {
Route::get('profile', 'UserController#profile');
});
Then /profile will require users to be logged in. As well as any other routes in that group.
Learn more about sessions here: https://laravel.com/docs/5.4/session
Update
I think I've got what you mean. After doing Auth::logout(); do
return redirect()->back();
What will happen is the browser will try to redirect back to a 'protected' page and the protected page will kick them to the login page. WHen they click on 'back' on the browser, it will still display the login page.
in my laravel application, there is something strange happening, i had the idea when a user have a active session, some how the app didnt let the user go the the login page form. For example if im logged in to my app, and then go to login page, i expect that im redirect to the dashboard since i have a live session.
What is wrong?
My routes:
// Login and Dashboard route
Route::get('/', 'PagesController#getIndex');
Route::get('dashboard', 'MainController#getDashboard');
//Authentication Routes
Route::get('auth/login', 'Auth\AuthController#getLogin');
Route::post('auth/login', 'Auth\AuthController#postLogin');
Route::get('auth/logout', 'Auth\AuthController#getLogout');
My laravel version is 5.2
You can control the redirect after login in app/Http/Controller/Auth/AuthController.php by changing the $redirectTo string.
protected $redirectTo = 'dashboard';
You can control the redirect from /login when you have an active session in app/Http/Middleware/RedirectIfAuthenticated.php. If you want to show the login page with an active session you could comment return redirect('your/route');
I'm new to laravel framework and I used the laravel-5.2 out of the box user authentication feature for creating a user authentication system. It is working fine. But when I want my home page to be displayed not the login page as the root. That is I want to access the login via the home page not the login page first. How can I customize my routes.
Just make sure that your home page route is not protected by the auth middleware. The default auth scaffolding provided by Laravel generates the following "home" route:
Route::get('/home', 'HomeController#index');
Inside the HomeController, in the constructor, is the following statement:
public function __construct()
{
$this->middleware('auth');
}
This means that any route handled by this controller is subject to the auth middleware: if you're not logged in, you'll be redirected to the login page. So, if you don't want your "home" route to be protected by auth, you need to either remove the auth middleware from the HomeController, or create a new controller to handle your "home" route, one which does not use the auth middleware.