I am using steam auth. Once a user authenticates in steam, he is redirected back to my form where I ask him for his username(my and steam username rules differ) and email(steam does not provide it).
The problem is that if input is invalid he is redirected back(via laravel request) but at that point all GET parameters from steam are lost and he needs to visit steam login page again.
Controller method that decides whether to redirect to steam or show my login form
public function steamLogin()
{
if ($this->steam->validate()) {
$info = $this->steam->getUserInfo();
if (!is_null($info)) {
$user = User::where('steam', $info->getSteamID64())->first();
if (is_null($user)) {
if (!Cache::has('steam_' . $info->getSteamID64())) {
Cache::put('steam_' . $info->getSteamID64(), $info, Carbon::now()->addMinutes(5));
}
return view('auth.steam', ['info' => $info]);
}
Auth::login($user, true);
return redirect('/');
}
}
return $this->steam->redirect();
}
It is taken off an example here
Related
I have already configured with permissions the menu that starts and accesses the user, the problem is when I log in, it automatically redirects me to the home page, which is something I want that not all users have access to the home page, but for example a salesman who redirects him to the home page automatically exits.
I've read examples on the internet that create middleware but I don't know how they work, then if you have to invoke it in the paths.
The login I am using is the default one with Laravel
use AuthenticatesUsers;
protected function authenticated($request, $user){
if($user->hasRole('SuperAdmin')){
return redirect('/dashboard');
}
elseif($user->hasRole('Admin')){
return redirect('/dashboard');
}
elseif($user->hasRole('Management')){
return redirect('/managment_panel');
}
elseif($user->hasRole('FrontDesk')){
return redirect('/fdo_panel');
}
elseif($user->hasRole('DataEntry')){
return redirect('/data_panel');
}
elseif($user->hasRole('SalesMarketing')){
return redirect('/sales_panel');
}
elseif($user->hasRole('Accounts')){
return redirect('/accounts_panel');
}
elseif($user->hasRole('Dealer')){
return redirect('/dealer_panel');
}
elseif($user->hasRole('Member')){
return redirect('/user_panel');
}
else {
return redirect('/dashboard');
}
}
I am tired with Google login, when single Gmail account logged in browser everything fine, but when two or more Gmail account logged in browser then login successfully but redirect in the google account setting (url:https://myaccount.google.com), here is my controller code. I want to redirect to back page.
public function redirect()
{
return Socialite::driver('google')->redirect();
}
public function callback()
{
$googleUser = Socialite::driver('google')->user();
$existUser = User::where('email',$googleUser->email)->first();
if($existUser) {
Auth::loginUsingId($existUser->id);
}
else {
$user = new User;
$user->first_name = $googleUser->name;
$user->email = $googleUser->email;
$user->google_id = $googleUser->id;
$user->password = bcrypt(rand(1,10));
$user->save();
Auth::loginUsingId($user->id);
}
return back();
}
Redirect to this page, I want to redirect back page
This happens because of return back(); since your server is redirecting back to Google through the HTTP Referer header. This header is unreliable, please do not use it.
Instead, before login with google, save the current URL in the user session and after the login callback, redirect to that URL. In this way, you will be able to bring the user back to the original page.
I have created a few forms in laravel. I want to restrict access to one of them only to a specific user.
I want to create a user and password myself.
This is my routes excerpt. This is the route I want to protect from access
Route::get('/tabledata_id_title', 'KedivimController#appearanceiddata');
This is my controller excerpt:
public function appearanceiddata()
{
//$magic = DB::table('prog_title')->select('pr_id', 'pr_title')->get();
$magic = DB::table('prog_title')->select('pr_id', 'pr_title')-> where('pr_index', '=', 1)->get();
return view ('takealook', ['magical' => $magic]);
}
This is a short fix for your problem.
public function appearanceiddata()
{
if (!Auth::guard('web')->check()) //check if someone is logged in
{
//redirect to login page.
}
else {
/*Check if the logged in user is your desired user.
Maybe try matching the logged in id with your desired id.
If you find that a user is logged in but they are not your desired user
then you may redirect them in some other place or show them a message. */
}
//$magic = DB::table('prog_title')->select('pr_id', 'pr_title')->get();
$magic = DB::table('prog_title')->select('pr_id', 'pr_title')-> where('pr_index', '=', 1)->get();
return view ('takealook', ['magical' => $magic]);
}
However, this practice is ok if you have one or two restricted field. But if you have more than that then you should read about middleware.
Im a bit of a newbie when it comes to Laravel so i was hoping someone could help out.
Im using the standard authentication and login stuff that ships with Laravel so theres nothing fancy going on, but what i want to do is check in the DB to see if a few fields are completed ( name, address, postcode ) .... If they are, then the user gets redirected to the dashboard, but if they aren't, the user will get redirected to the profile page to fill out the rest of their information.
Im guessing i should put something in my routes.php file in the
Route::post('login', function
part, but how do i check for the fields?
Any help would be greatly appreciated.
Cheers,
Once you have authenticated the user using Auth::check you'll be able to grab the authenticated user with Auth::user.
if (Auth::attempt($credentials))
{
$user = Auth::user();
if ($user->email == '' || $user->address == '')
{
return Redirect::to('user/profile');
}
return Redirect::to('home');
}
You just need to check the fields you want on the user to make sure they are there. If they're not then redirect them to the profile page. If they are redirect them to the home page or somewhere else.
You can also do it this way
if (Auth::attempt(array('email'=>Input::get('email'), 'password'=>Input::get('password')))) {
return Redirect::to('users/dashboard');
} else {
return Redirect::to('users/profile');
}
You can use this code
if (Auth::guest())
{
//user is not authenticated or logged in;
return Redirect::to('login');
}else{
//user is authenticated and logged in;
return Redirect::to('profile');
}
I'm using AJAX in my web-app stuffs like search but if the user has been logged out, the ajax function return nothing because the redirection (from the action 'search' to the action 'login') has not been handled correctly.
Is it possible to redeclare the method 'redirect' in AppController to render the right action when a redirect hapend in an AJAX call ?
Thank you,
Sébastien
I think your best bet would be to setup you ajax to call to respond correctly to an invalid response. As it seems to be an important part of your app I would pass a 'loggedin' variable with every ajax request, so the client can tell as soon as the user has been logged out.
Update
In the case you want to keep a user logged in, you simply have to put the logged in/cookie check in something like your AppController::beforeFilter() that gets run with every request. for example:
public function beforeFilter() {
if($this->Auth->user() {
// USer is logged in, it's all gravy
} else {
// User is not logged in, try to log them in
$userData = $this->Cookie->read('User');
if(!empty($userData)) {
// Function that grabs info from cookie and logs in user
}
}
}
This way there will be no redirect as the user will be logged in as long as they have a cookie.
Another approach would be to allow everyone access to the Ajax function:
public function beforeFilter() {
$this->Auth->allow(array('my_ajax_method'));
}
And then check the user is authenticated in the method itself:
public function my_ajax_method() {
if (!$this->Auth->user()) {
//user not authenticated
$result = "requires auth";
}
else {
// use is authenticated
// do stuff
$result = 'result of stuff';
}
$this->set(compact('result'));
}
You will need to check the result of the ajax call in your javascript and act accordingly.