I'm new to laravel framework and I used the laravel-5.2 out of the box user authentication feature for creating a user authentication system. It is working fine. But when I want my home page to be displayed not the login page as the root. That is I want to access the login via the home page not the login page first. How can I customize my routes.
Just make sure that your home page route is not protected by the auth middleware. The default auth scaffolding provided by Laravel generates the following "home" route:
Route::get('/home', 'HomeController#index');
Inside the HomeController, in the constructor, is the following statement:
public function __construct()
{
$this->middleware('auth');
}
This means that any route handled by this controller is subject to the auth middleware: if you're not logged in, you'll be redirected to the login page. So, if you don't want your "home" route to be protected by auth, you need to either remove the auth middleware from the HomeController, or create a new controller to handle your "home" route, one which does not use the auth middleware.
Related
I want to implement user authentication (require login to visit any page) for a Laravel project (Laravel 7.x/8.x) that is currently open to any visitor without login. With Auth::routes() in web.php, every thing works as expected with respect to login process if a user accesses or is redirected to the login page.
Now I'm wondering if there's a straight forward and simple mechanism that will redirect a user to the login page if the user is not logged in when accessing any page of the project without having to modify the controller or view of each page. Specifically what I'm looking for is something that I can set in a config file, e.g. config/auth.php, say, 'force_login' => true/false, so if 'force_login' is set to true, the system would automatically check whether or not a user is logged in when the user access any page and redirect to the login page if the user is not logged in, and if 'force_login' is set to false, the system would bypass the authentication process all together. Such kind of mechanism may already exist, but I found no mention of it when I searched around online. I appreciate any suggestions/hints. Thanks.
Yes, youu need to use the auth middleware on all the routes that you want to forced be logged, or tou could only group them in one.
// Auth is required to acces these routes
Route::middleware(['auth'])->group(function () {
Route::get('/home', 'HomeController#index');
Route::get('any_route', 'AnyController#index');
...
});
// Auth is not required
Route::get('/', function () {
return view('welcome');
});
This is my first laravel project. I am making a website with login user.I question is when i enter my url then open always home page.If user logged in then it show name in navbar and for guest always show as a guest.I don't want to change url for both case....Even when a guest after login it goes to same url but then that user show as a auth user. Please help me How can I do that. I take concept from ecommerce website.
Route::group(['middleware' => 'web'], function () {
Route::get('/', 'WebController#loadPage');
Route::get('/signin', 'WebController#login');
});
this is my route.I already change navbar using #auth and #guest.But how to check at first that the user r auth or not without changing url.
You can use middleware for authenticated routes.
if you using default auth of laravel then simply set route middleware for your authenticated routes like below
Route::group(['middleware' => 'auth'],function (){
//Your Protected routes goes here
});
or if you want to redirect your user to some custom route after login then simple you can edit this in LoginCOntroller inside Controller/Auth and set varibale protected $redirectTo = '/YourRedirectionPath';
I suggest you read the documentation it is well documented Authentication documentation
I am having a problem with Laravel 5.7 Email verification.
After using Laravel's email verification it is forcing me to the login page if I'm not logged in.
Here is what we need:
We enable the code for the email verification of users. So when someone signup we want to verify the user email. We want the user to signup on the website, the user is asked to verify the email address and they can't do anything further until verified - which is ok for me.
Our trouble is, if a new user comes (Not registered) to our website, our website will force all that user to the login page as well .
A normal user who is not signed up is also getting to login page and force to verify or log in.
While we want the only user who signed up needs to verify. Which is working.
All the normal users who are not subscribed can use site easy. Where currently they are going to login page
What I've done so far
Added the following code
class User extends Authenticatable implements MustVerifyEmail
Auth::routes(['verify' => true]);
Route::get('profile', function () { })->middleware('verified');
After Verifying Emails
protected $redirectTo = '/dashboard';
It is working fine but,
What I need is that I don't want to force users to verify email because this is blocking the user from accessing the home page of my website.
The problem is you need to specify what pages will use auth middleware. To exclude your welcome view.
In your controller file.
public function __construct()
{
$this->middleware('auth')->except('welcome');
}
public function home(){
return view('welcome');
}
Im using 'welcome' view, because I believe that you do not change the code of default Laravel installation, you must be careful, since the view 'home' is the default page that laravel shows after you logged in. If you remove the authentication layer of that page, any user can access your system. You must change the code of this page or create another view.
In your web.php file
Route::get('/', 'HomeController#home');
Laravel Docs - Controller Middleware
try to add except method and check for url home
public function __construct()
{
$this->middleware(['auth', 'verified'])->except('home');
}
I'm trying to understand how an authentication request is handled by laravel in order to be able to write my own authentication method that allows me to check data from multiple tables before authenticating (basically there are some columns that I need to check to understand if a user is able to login).
I'm actually quietly confused about the relation between guards, middleware, provider and driver.
Can someone please explain me the lifecycle of a login request?
Thank you
EDIT: i'm working with laravel 5.7, standard Auth scaffolding that is available using make:auth
To make a custom authentication follow this steps
1.go to routes/web.php and make a get route to handle login view and post login route to handle login logic
Route::get('login','LoginController#show')
Route::post('login','LoginController#login')
2. Make a controller called LoginController
php artisan make:controller LoginController
4.inside LoginController make a function called login to handle login logic like this
public function login(){
$input = $this->validate(request(),['username'=>'required','password'=>'required']);
$model = CustomUsersModel::where('username',$input['username'])
->where('password',bcrypt($input['password']))->first();
if($model){
//user exist and valid login information
auth()->login($model);//login user via model
//now user loggedin
}
//handle wrong login information
}
I am using Multiple Authentication in laravel 5.4. Here I have two controller for login. One is for normal user and other is for admin. Both controller is restricted by guest middleware. Because of using this guest controller is if a person is logged in as admin or user he must not to get any log in page. But this guest middleware only work when I log in using UserController. I mean if I log in using user controller then try to go to the log in page or admin page it redirect me to user dashboard page. That is ok. But when I log in using AdminLoginController then try to log in as user or log in again as admin it allow me to log in again.
I have used this construct function in both controller.
public function __construct()
{
$this->middleware('guest');
}
Help me please.
this question can't solved my problem. Because I have downloaded code from that solution and I still got this error. That logged in admin can visit user log in form. This error also have in this answer.
Restrict them with the auth middleware:
public function __construct()
{
$this->middleware('auth');
}
https://laravel.com/docs/5.5/authentication#protecting-routes