I am using Laravel 5.7. For security reasons, I set my laravel application to automatically logout after one hour inactivity. But I want the user log back in the same page before they got kicked out by the system. I try to use Session, but it only store previous url which is the login page url. How can I retrieve that URL before user got automatically logout?
All you need to do is put this in your logout function.
session(['returnUrl' => url()->previous()]);
And then on login function, redirect user to session('returnUrl') and delete session data with session()->forget('returnUrl')
Use this in your login controller
url()->previous()
Related
I have tried to use Auth::check() to authenticate if the user is logged in, it works but it still works even when the session has expired which I did not expect it to work.
Please how can i check if the session has expired inside the view file and redirect to login page. It is making some session based items to produce error in my page.
I prefer running the check in the view to execute the redirect command
Thanks
I am new to Laravel. I am using Laravel's auth controllers for login/register on my website. After login/register, it will redirect to a dashboard. This is fine.
The problem is when the user (not logged in) submits a particular form. The form submission will take the user to a protected page. The auth system will intercept this (if not logged in) and ask for the user to login and the user can sign in. But after the sign in it won't get redirected to the actual destination. Instead, it goes back to the previous page. I tried the redirectto->intended() way in the middleware. It still does not work.
Found the solution. Use HTTP session. I am not sure if this is the best method.
POST the form to a route which doesn't need authentication
Validate and store the form data in the session using the controller
Redirect to the protected route where the auth will intercept and ask the user to login
After successful login, redirect to the original destination page using return redirect()->intended('defaultPage');
Access the form data from session inside the blade view
I am not storing any sensitive data in session. I have no idea how secure this method is.
If you have any suggestions please post.
I'm using a custom SocialLoginController to log my users with facebook or google in al Laravel 5.3 project
In some cases I send to users an email with info about one change and the URL to the resource, for example https://myweb.com/settings/profile/[the-uuid]
when the user tries to access but is not logged in, he's redirected to the Handler#render() where I send it to login with return redirect()->guest('/login'); and after login with social account I redirect them using return redirect()->intended('/home') but since I don't use the LoginController, the redirection to the requested URL is not working.
Any idea? Thanks
The problem is the request object is lost after redirect the user to login with facebook or google, so I fixed by saving the requested URI in a session variable and then checking if exists after redirect
return Session::get('intended') ? redirect()->to(\Session::get('intended')) : redirect()->to('/expenses');
Maybe this could help someone
I am using sentry to authenticate users in laravel 5.3. When the user clicks auth protected route is redirect to the login form. After login, the user is redirected to home page.
How can I configure sentry in manner that the authenticated user is not redirected back to home page but instead to the original destination before login. Kindly assist I seem not to figure it out.
You can use a function called intended
return redirect()->intended('dashboard');
The intended method on the redirector will redirect the user to the URL they were attempting to access before being intercepted by the authentication middleware. A fallback URI may be given to this method in case the intended destination is not available.
https://laravel.com/docs/5.3/authentication#authenticating-users
Maybe this may help you --
You can try giving the url something like this localhost:8000/something?url=anythingelse so that after login change the redirect path to $_GET['url'].
Use a form rather than link to go to login page. Try this --
<form method="GET" url="{{ url('/some') }}?{{ Request::path() }}" id="login"></form>
Login
I'm using laravel Auth. When I login into my website all works great. When I try to refresh or go to another page (still using Auth middleware) my session is expired, I'm directly logged-out and I must login again. How can I fix this so I remain logged in when refreshing the page or browsing to another?