I have two seprate table for authentication. Following middleware pointing to different table:
$this->middleware('auth:admin'); // - admins
$this->middleware('auth'); // - user
The solution i need :
I want authentication must be done with two diffrent table through only
"$this->middleware('auth')" middleware
Through middleware "$this->middleware('auth')" I want to login both
admin and user. Currently admin and user login from diffrent
middleware I have shown above.
For this, in which file and where I need to change in my project folder?
If you want to have both "guards" be checked you can just pass multiple guards to the auth middleware.
$this->middleware('auth:web,admin');
This will spin through the guards passed and if any of them produce a user it will set that guard as the default moving forward.
Related
I'm working on my first Laravel project and have implemented 2FA according to this tutorial but unfortunately, the 2FA mechanism created is attached only to HomeController.
So if a user tries to access www.thingy.com/something from an unauthenticated state, they enter email and password as usual and then get directly to /something without the 2FA prompt appearing.
My first thought was adding the middleware bit to every __construct() function in each of my resource controllers, but they don't already have a __construct() function (can I add one anyway?) and even if that worked, it doesn't seem like the right way of doing it.
I also considered adding it to Controller itself since that's what every other controller is based on, but of course I wouldn't want 2FA required for non-authenticated views too (just register, login etc really because the site requires a login to use).
What's the correct way of doing this?
You can add the middleware to a group of routes in your routes/web.php file.
Route::middleware('2fa')->group(function () {
// All routes here will go through the "2fa" middleware
});
I want to authenticate normal users (users-table) with login form and laravel auth.
Additionally I want to authenticate students (students-table) with API-request like:
mylaravelsite.com/?studentkey=XXXXXXXXXXXXXXXXXX&studentname=YYYYY
How can I do this? I think with a middleware?
How can I use the Auth class to check if the logged in person is user or student or guest?
I like to build applications in the following way:
A route having a single purpose, meaning, one route is for authenticating users and another route is for authenticating students
Validating data on the middleware before performing ANY operation
Now to your question:
If you really need, you can create different routes linked to the same authentication method, and create a middleware to each where you 'manipulate' run-type which class the Auth is going to be used
auth()->getProvider()->setModel(App\Student::class);
There are other ways to do this, depending on the way you wish to authenticate. If you want a more detailed explanation, give us a scenario to work on:
How the user authenticates vs how the student authenticates
What is going to differ from these 2 authentications and how its handled
Note: You're authenticating users with a HTTP request to a certain route, which is the same as your example link, except that you're giving an HTTPGET example and default is POST on authentication
I want to have the same route within the auth:api middleware, and also out of it.
Right now, if I include it in both, only the one out of the auth:api is taken into consideration, even if the user is logged in.
Is there a way that if the user is logged in it goes to auth:api and if not it goes out of any middleware?
The reason to do this is that if the user is logged in, I want to access user information, and for that it needs to go through the auth:api.
As long as you're including the token in the request, you will be able to get access to the current User.
Out-of-the-box, Laravel will set the default guard to be web. When you place routes under the auth middleware it will set the default guard to be whatever is passed to the middleware i.e. when you have auth:api it will set the default guard to be api for that request.
If you want to be able to access the User without it being under the auth:api middleware, you will simply need to be explicit with what guard should be used e.g.
auth('api')->user(); // or Auth::guard('api')->user();
The same applies for check():
auth('api')->check(); // or Auth::guard('api')->check();
or if you're using the Request object:
$request->user('api'); // or request()->user('api');
It 's not possible to have multiple same routes in your application and work independently. Laravel will match the first one that it find in your routes map.
Create one route and check for authentication in your controller.
if (Auth::check()) {
// The user is logged in...
}
Is it possible to protect one!! laravel route with htaccess password?
I have a migrator route and that one should be accessed with a htaccess password
You can try Laravel HTTP Basic Authentication to protect a route in a simple way:
Route::get('your-route', function () {
// Only authenticated users may enter...
})->middleware('auth.basic');
Please note that, by default, this technique uses email and password stored in 'users' table to give access to an user.
Is it possible to modify the Laravel App Authentication? like I want to show different forms per different login route, like If I have 2 different login routes for admin and user.
Admin login route, can access the admin dashboard
/app/system/login
User login route, can access only the user page
/app/system/user/login
I tried to do
php artisan route:list
and I see this
LoginController#login
LoginController#showLoginForm
but I don't know where to find them to modify those for my requirements. Any help, ideas please?
You can edit Auth Controller is in Http/Controllers/Auth/AuthController.php, functions get import from file Illuminate/Foundation/Auth/AuthenticatesUsers.php.
Read to documentation how create other auth.