How to access AuthController? - laravel

As I need to apply custom login to AuthController ( adding a public method that will be called to alter the protected $redirectTo )
I can alter the access scope for $redirectTo, however, I don't want to break the framework.
So, how can I access AuthController ? isn't it singletone class?

if you are not using Laravel default AuthController then In routes you can tell/specify about the custom controller for your login/logout and register. here is the example
Route::get('/user/login', ['as'=>'user-login','uses'=>'Login\LoginController#getLogin']);
Route::post('/user/login', 'Login\LoginController#postLogin');
Route::get('/user/logout', ['as'=>'user-logout', 'uses'=>'Login\LoginController#getLogout']);
// Registration routes...
Route::get('/user/register', 'Login\LoginController#getRegister');
Route::post('/user/register', 'Login\LoginController#postRegister');
Note
Login\LoginController, 1st Login is Login directory same as Auth directory while 2nd one is controller same is AuthController

Related

Customize Laravel auth Login

I need to customize the Login native code of the Laravel Authentication. I started by overrode some methods on LoginController such us credentials and validateLogin adding a field.
But I need to add some other checks, such us the possibility to join with an other table and other code, before to login the user but I didn't find solutions on internet.
I found some infos about the possibility to override the attemptLogin method or create a guard, but I didn't understand how do this.
In you LoginController you can just override the attemptLogin() any other method in AuthenticatesUsers trait depending on where your custom logic will make sense:
class LoginController extends Controller
{
use AuthenticatesUsers;
protected function attemptLogin(Request $request)
{
// add your logic here
}
}

Laravel sanctum custom model

I'm using Laravel sanctum to authenticate my API, and I wanted to customize personal access token model so I did the following:
I created new model named PersonalAccessToken in App namespace.
I override model used in sanctum to be my new model by adding this line to my AppServiceProvider boot() method.
Sanctum::usePersonalAccessTokenModel(PersonalAccessToken::class);
but when I create a token it works fine and insert it into DB but this line throw exception
return new NewAccessToken($token, $token->id.'|'.$plainTextToken);
and that's because it's type hinted to be an instance of Laravel\Sanctum\PersonalAccessToken
how can I fix that
If you are not extending the default PersonalAccessToken that maybe your issue.
Instead of extending Model extend use Laravel\Sanctum\PersonalAccessToken
use Laravel\Sanctum\PersonalAccessToken as Model;
class CustomPersonalAccessToken extends Model
{
// Add you customisation here
}

Laravel 5 Unable to access currently logged in user id from custom helper

In AppServiceProvider, I called a function from a custom helper as follows:
public function boot()
{
View::share('tree', customhelper::generateSiteTree(0));
}
The custom helper file is calling the database function as below:
$children = UserPermission::getLeftNavByUserId($startAt);
In the custom helper function, I want to pass the current logged in user ID however, dd(Auth::user()) is returning null.
How can I pass the Auth::user()->id with the method
getLeftNavByUserId($startAt, Auth::user()->id);
The variable (or Facade) isn't available yet. One way to solve this is by using a view composer.
View::composer('my.view.with.children', function(View $view){
$view->with('children', UserPermission::getLeftNavByUserId($startAt, Auth::id()));
});
Ofcourse you need to add a check if the user is logged in or not etc.
Custom helper function will be initialized in application instance before the Auth middleware therfore it will always be null, if you want to use the auth user bind it from middlware instead.

Checking for Roles & Permissions in zizaco/entrust laravel package

I'm using zizaco/entrust package in my laravel project beside multi Auth package name Hesto/multi-auth
Our project on laravel 5.4,
i get below error when i want to get current logged in users' role and permissions with this method:
Entrust::hasRole('role-name'); OR Auth::user()->hasRole('role-name');
But I can access users' Role with this method for example :
$user = User::find($userid);
dd($user->hasRole('admin')); // Return true
i followed exactly installation instruction but i get below error :
`Non-static method Zizaco\Entrust\Entrust::hasRole() should not be called statically`
How can i solve my problem,
Thanks in advance
In this error message you have answer to your problem:
Non-static method Zizaco\Entrust\Entrust::hasRole() should not be called statically
You called this method hasRole() statically, but this method is non static. It means that you need to create object of this class, but you instead that used a class.
In the example that you gave:
$user = User::find($userid);
dd($user->hasRole('admin')); // Return true
you create an object of class User, and class User (I think) implements class Entrust:
$user = User::find($userid);
$user is an object and it`s not static, you can use hasRole().
In other words, to use method hasRole() (literally - is someone has a role?) you need this someone:
$user->hasRole('admin') // Is this user has role `admin`?
Hope, I explained it. Sorry about my English (I'm just studying).
In your User.php file add EntrustUserTrait like
<?php
namespace App;
//...
use Zizaco\Entrust\Traits\EntrustUserTrait;
class User extends Authenticatable
{
use Notifiable, EntrustUserTrait;
//...

Laravel get Auth variable for both - api token and session based authentication

I am using laravel 5.2.
Recently, I've updated Auth module to have session based authentication for web and api_token based authentication for external api calls.
Now, I am finding error in using Auth::id() and Auth::user() where I've used api_token based authentication. So that I am forced to use Auth::guard('api')->id() and Auth::guard('api')->user() methods instead.
Now, my question is, is there any common method that I can use for both irrespective of api_token based authentication or session based? What about auth()->user() and auth()->id()?
What if am I using the any method for both of the authentication? For example, methodA() is used within api_token based authentication as well as in session based too, how can I handle that case if I required to use Auth variable?
I think that controllers, that handle regular requests (through session-based authentication), should be separate from api controllers (token-based authentication). So, each controller would have responsibility over a single part of the functionality. Also, changes in api controller will not have side effect in session controller. Therefore, you can specify auth guard explicitly in each controller. Laravel requires specifying guard explicitly, otherwise default guard will be used. There is no way to make intelligent guess about what guard to use natively. Of course, you can make something like this:
public function action(Request $request)
{
$guard = $request->has('api_token') ? 'api' : 'session';
$authUser = Auth::guard($guard)->user();
//your code next
}
If you will go with separate controllers you can generalize common functionality into parent abstract controller. Note, in example below ChildControllers differs only by namespace.
Parent:
<?php
namespace App\Http\Controllers\Api
use App\Http\Controllers\Controller;
abstract class ParentController extends Controller
{
public function action(Request $request)
{
$authUser = Auth::guard($this->guard)->user();
//your code...
}
}
API controller:
<?php
namespace App\Http\Controllers\Api
use App\Http\Controllers\ParentController
class ChildController extends ParentController
{
protected $guard = 'api';
//your code...
}
Session Controller:
<?php
namespace App\Http\Controllers\Session
use App\Http\Controllers\ParentController
class ChildController extends ParentController
{
protected $guard = 'session';
//your code...
}

Resources