This is my auth.php file
return [
'defaults' => [
'guard' => 'salon_emp',
// 'passwords' => 'users',
],
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'salon_emp' => [
'driver' => 'jwt',
'provider' => 'salon_emp'
],
'app' => [
'driver' => 'session',
'provider' => 'client'
]
],
'providers' => [
'salon_emp' => [
'driver' => 'eloquent',
'model' => SalonEmployee::class,
],
'client' => [
'driver' => 'eloquent',
'model' => Client::class
]
],
This is my login function in my LoginController
public function login(LoginRequest $request)
{
if (auth('app')->attempt($request->validated())) {
auth('app')->user()->tokens()->delete();
return apiResponse([
'message' => 'Login successful!',
'token' => auth('app')->user()->createToken(auth('app')->user()->name)->plainTextToken
]);
} else {
return apiResponse([
'message' => 'Login not successful!',
], Response::HTTP_UNAUTHORIZED);
}
}
I am also using sanctum for authentication
in my routes file i am using the auth:sanctum middleware to secure my routs, for example:
Route::get('/test',function ()
{
dd('ss');
})->middleware('auth:sanctum');
how ever i get this error whenever i try to access it
Argument 2 passed to Illuminate\\Auth\\SessionGuard::__construct() must implement interface Illuminate\\Contracts\\Auth\\UserProvider, null given, called in \vendor\\laravel\\framework\\src\\Illuminate\\Auth\\AuthManager.php on line 128",
i have tried changing providers and drivers but no luck
I added this line to sanctum.php
'guard' => 'app'
and it worked fine
I'm testing with laravel sanctum but here some issues..
I'm creating Admin guard.
When I change the middleware to auth:sanctum_admin.. it should be only can access by admin but here I can access with normal user account with web guard. I don't know why?...I used passport with multiauth package.it's fine. but here in sanctum can't be separate User Table and Admin.
You can, also use multiple guards in sanctum. To achieve this, follow these steps -
Create your own guard as required. (In config/auth.php)
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
'hash' => false,
],
'admin' => [
'driver' => 'session',
'provider' => 'admins',
]
],
Set providers. (In config/auth.php)
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
'admins' => [
'driver' => 'eloquent',
'model' => App\Admin::class,
],
],
Use this guard when you authenticate a user. (In route file)
if(auth()->guard('admin')->attempt($request->only('email','password')))
{
return auth()->guard('admin')->user();
}
#Abhishek Mitra
and for authorizatioin using Laravel Sanctum in case of Multiple Auth Guard, we can use middleware as such
Route::middleware(['auth:guard_name'])->get('/user', function(){
return auth()->guard('guard_name')->user();
}
config/auth.php
driver is sanctum
'guards' => [
'users' => [
'driver' => 'sanctum',
'provider' => 'users',
],
'partners' => [
'driver' => 'sanctum',
'provider' => 'partners',
],
'admins' => [
'driver' => 'sanctum',
'provider' => 'admins',
],
],
provider:
providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\Models\User::class,
],
'partners' => [
'driver' => 'eloquent',
'model' => App\Models\Partner::class,
],
'admins' => [
'driver' => 'eloquent',
'model' => App\Models\Admin::class,
],
],
model:
must be add Authenticatable
<?php
namespace App\Models;
use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
class Admin extends Authenticatable
{
use HasFactory, Notifiable;
/**
* The attributes that are mass assignable.
*
* #var array
*/
protected $fillable = [
'name',
'email',
'password',
];
/**
* The attributes that should be hidden for arrays.
*
* #var array
*/
protected $hidden = [
'password',
'remember_token',
];
/**
* The attributes that should be cast to native types.
*
* #var array
*/
protected $casts = [
'email_verified_at' => 'datetime',
];
}
Middleware:
Route::middleware(['auth:admin'])->get('/user', function(){
}
Guard:
auth()->guard('admin')->user();
Unauthenticated user message:
In app/Exceptions/Handler.php
use Illuminate\Auth\AuthenticationException;
function:
protected function unauthenticated($request, AuthenticationException $exception)
{
return response()->json(['message' => 'Unauthenticated.'], 401);
}
or
custom guard and custom redirect
public function render($request, Exception $exception)
{
$class = get_class($exception);
switch($class) {
case 'Illuminate\Auth\AuthenticationException':
$guard = array_get($exception->guards(), 0);
switch ($guard) {
case 'admin':
$login = 'admin.login';
break;
default:
$login = 'login';
break;
}
return redirect()->route($login);
}
return parent::render($request, $exception);
}
you must add your custom guard in config/auth.php.
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'custom-guard' => [
'driver' => 'session',
'provider' => 'custom-provider',
]
],
be careful, the driver in custom guard must be session.
and set provider as:
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
'custom-provider' => [
'driver' => 'eloquent',
'model' => App\CustomProvider::class,
],
],
the App\CustomProvider::class must be the model.
after that can easily use the guard in auth.
auth('custom-guard')->user()
I also face the same issue and solved it by following -
In auth.php add an extra Guard - front
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'front' => [
'driver' => 'session',
'provider' => 'members',
],
],
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => Vanguard\User::class,
],
'members' => [
'driver' => 'eloquent',
'model' => Vanguard\Member::class,
],
],
Log in as a Default User or Member
/** Default Guard**/
if (Auth::attempt(['username' => $credentials['username'], 'password' => $credentials['password']], $request->get('remember'))) {
}
/** Front Guard **/
if (Auth::guard('front')->attempt(['username' => $credentials['username'], 'password' => $credentials['password']], $request->get('remember'))) {
}
Finally add the Guard in sanctum.php
'guard' => ['front','web']
In config/auth.php:
'guards' => [
...
'api' => [
'driver' => 'sanctum',
'provider' => 'users',
],
],
(Tested in Laravel 9.x)
Defining API sanctum guards using the sanctum driver
'guards' => [
// Web Guards
'web' => [
'driver' => 'session',
'provider' => 'users',
],
//API Sanctum Guards
'admin-api' => [
'driver' => 'sanctum',
'provider' => 'admins',
],
'vendor-api' => [
'driver' => 'sanctum',
'provider' => 'vendors',
],
],
Defining Providers
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\Models\User::class,
],
'admins' => [
'driver' => 'eloquent',
'model' => App\Models\Admin::class,
],
'vendors' => [
'driver' => 'eloquent',
'model' => App\Models\Vendor::class,
],
],
Generating Token
$user = Admin::where('email', $request->email)->first();
$token = $user->createToken(uniqid());
return ['token' => $token->plainTextToken];
$user = Vendor::where('email', $request->email)->first();
$token = $user->createToken(uniqid());
return ['token' => $token->plainTextToken];
Protecting Routes using sanctum guard
Route::middleware('auth:admin-api')->get('/admin', function (Request $request) {
return $request->user();
});
Route::middleware('auth:vendor-api')->get('/vendor', function (Request $request) {
return $request->user();
});
I think the default guard should be like this:
'defaults'{
'guard' : "sanctum_admin",
'passwords': 'admins',
}
Or
'defaults'{
'guard' : 'web',
'passwords' : 'users',
}
I have set the guard as admin like return Auth::guard('admin'). it can get data from the table 'admins' but after attempt Auth::user() return null
LoginController
===============
public function backendLogin(Request $request)
{
$this->validateLogin($request);
if ($this->hasTooManyLoginAttempts($request)) {
$this->fireLockoutEvent($request);
return $this->sendLockoutResponse($request);
}
if ($this->attemptLogin($request)) {
return $this->sendLoginResponse($request);
}
$this->incrementLoginAttempts($request);
return $this->sendFailedLoginResponse($request);
}
protected function guard()
{
return Auth::guard('admin');
}
config/auth.php
===============
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'admin' => [
'driver' => 'session',
'provider' => 'admins',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
'hash' => false,
],
],
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
'admins' => [
'driver' => 'eloquent',
'model' => App\Admin::class,
],
],
I have tried many type of
auth()->guard('admin')->attempt($credentials);
Auth::guard('admin')->attempt($credentials);
but still cannot login.
For getting logged in you should use
auth('admin')->attempt($credentials))
After login you can get authenticated user's info like this for admin guard
Auth::guard('admin')->user()
I'm trying to make authentication using guard in Laravel 5.8. Authentication is passed but somehow it's not logging in the user.
public function login(Request $request)
{
$email = $request->email;
$password = $request->password;
$credentials = $request->only('email','password');
if (Auth::guard('owner')->attempt($credentials,$request->remember)){
//echo "Authentication is passed";
return redirect()->intended('/owner/dashboard');
}
return redirect('/owner')->with('error','Login failed.');
}
When redirected to route /owner/dashboard which is filtered with $this->middleware('owner'), the user will be redirected to login form and get notification that login failed. Is Auth::guard('owner')->attempt($credentials) only authenticating without logging in user?
in config/auth.php add this
add new guard and the provider for this guard
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'owner' => [
'driver' => 'session',
'provider' => 'owner',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
],
],
```
```
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
'owner' => [
'driver' => 'eloquent',
'model' => App\Owner::class,
],
],
```
```
'passwords' => [
'users' => [
'provider' => 'users',
'table' => 'password_resets',
'expire' => 60,
],
'owner' => [
'provider' => 'owner',
'table' => 'password_resets',
'expire' => 60,
],
],
```
Follow this article
https://medium.com/#sagarmaheshwary31/laravel-multiple-guards-authentication-setup-and-login-2761564da986
i want to prevent the login after register in Laravel 5.5, I already did this by commenting a line:
public function register(Request $request)
{
$this->validator($request->all())->validate();
event(new Registered($user = $this->create($request->all())));
// $this->guard()->login($user);
return $this->registered($request, $user)
?: redirect($this->redirectPath());
}
i override it in RegisterController.php
i got this error:
Call to undefined method Illuminate\Auth\AuthenticationException::guard()
$guard = array_get($exception->guard(),0);
switch ($guard) {
case 'admin':
return redirect()->guest(route('admin.login'));
break;
default:
return redirect()->guest(route('login'));
break;
}
Here is the content of my config/auth:
<?php
return [
'defaults' => [
'guard' => 'web',
'passwords' => 'users',
],
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'admin' => [
'driver' => 'session',
'provider' => 'admins',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
],
],
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
'admins' => [
'driver' => 'eloquent',
'model' => App\Admin::class,
],
],
'passwords' => [
'users' => [
'provider' => 'users',
'table' => 'password_resets',
'expire' => 60,
],
'admins' => [
'provider' => 'admins',
'table' => 'password_resets',
'expire' => 60,
],
],
];
i have enabled multi-auth system which is i have an admin login and a user login, what i wan't is to disable the login after register in my user page.
To check guard in the exception can do something like this:
return redirect(route(auth()->guard('admin')->check() ? 'admin.login' : 'login'));
Also, use auth() helper or Auth:: facade in the RegisterController#register if you're trying to override the method:
auth()->guard('admin')->login($user);