Laravel Auth - Not set the Auth::user yet - laravel

I manage to update a secret_key column after the laravel login using Auth. However, what I want is to not set the Auth::user yet because I want to verify the user first by adding a verification that I send via email. The problem is that after I login the Auth::user already have a value and the other URLs are already accessible. Can anyone help me?
Cheers!

Related

How to login a user at backend without CSRF in Laravel?

I'm trying to make a user logged in at back-end who is already a user of another website of mine. For now I'm able to fetch the user's data from previous website's database using an API and make user registration during the login process. Same time I want this user to be logged in when data is just inserted because now user is existing. I tried to reuse same method $this->processLogin(); but this method takes request function processLogin(Request $request) I can't feel passing email & pass to utilize this same method. I have tried guzzle self request with 3 parms 'email, password, _token' using POST request which didn't work. I don't want to exclude this route as well because it is being used for normal login. How can i make this user logged in right after inserting the required data? Please advise. Thanks in advance.
// if $id is your user that you want to login, then:
auth()->loginUsingId($id);

Retrieving session in another domain using nuxtjs and laravel sanctum

Good morning!
Here is the problem i'm facing: (i'm using NuxtJs and Laravel Sanctum)
I have a domain : 'testingdomain.com'
And with this main domain i have subdomains such as :
myfirstdomain.testingdomain.com
myotherdomain.testingdomain.com
connexion.testingdomain.com
my application work this way: i have the connexion.testingdomain.com that help my users getting redirected to the corresponding url for example:
A user 'john.doe#gmail.com' is registered in a company that use the url 'myotherdomain.testingdomain.com' so whenever he write his mail in the input displayed in connexion.testingdomain.com, he will be redirect to the corresponding url which for this example is -> 'myotherdomain.testingdomain.com'.
However if the user is logged in 'myotherdomain.testingdomain.com' and re-enter the 'connexion.testingdomain.com' i would like him to be redirected to the subdomain where he is authentified but i do not know how to achieve this because i can't access the $auth state from the 'myotherdomain.testingdomain.com' (he is logged so this.$auth.loggedIn is true) in 'connexion.testingdomain.com' (this.$auth.loggedIn is set to false)
Has anyone faced a similar problem and could help me ?
Thanks

Laravel: Login form "Remember Me" functionality not working

One of my website is developed in Laravel, it was working fine before. What does is I want to move website from beta.example.com to example.com so I have pointed to beta with original domain name(example.com).
The Website is working fine but all remember me functionality is not working. Now Users have to enter the password and also if they check the check box (remember me) still it does not store the password in cookies or session.
Please help me.
Thank you
You have two options:
1) Add remember_token column in your users table - this is where the token will be stored.
2) Pass true as a second parameter of Auth::attempt() to enable remember me behaviour.
If you do this, Laravel will generate a token that will be saved in users table and in a cookie.
On subsequent requests, even if session cookie is not available, user will be authenticated automatically as long as remember-me cookie is there.

How to verify if the password reset token exists in table and display a message if not

Got laravel's password reset setuped correctly and working, now whats left is how to verify if the reset token exists in the password_resets table and proceed if valid. At the moment if I type in my url example.com/password/reset/somestuff it redirects me to the page where it asks for email and password, so there's no security :)
Thanks and I hope you understood my question.
You can use the laravel query builder to make this check. For example:
if(DB::table('table_name')
->where('user', $user)
->whereNotNull('token')
->exists()){
do something
}
https://laravel.com/docs/5.6/queries

Laravel passport returning same user details though different users logged in

I am using Laravel passport for API authentication using password grant type.
Api is running at : localhost:80 ( laravel 5.4)
UI is running at: localhost: 8080 (using axios & vuejs)
I have 4 users in my system. so based on who logged-in, i need to return logged-in user abilities
I am able to generate access_token using email & password
but Auth::user() is always returning 1st user though i logged-in with other users???
Any help please?
Sorry the problem was incorrect role was assigned to all users, that was the problem.

Resources