Laravel 5 - Manually logging in a user without password - laravel

I want to login users after authenticating them using OAuth and Google account without entering any password.
I know Auth::login functon can do such action but I don't know how to get the user instance while they haven't been authenticated yet.
Is there a way to do that?

You can 'manually' log a user in in two diefferent ways:
// log user in by ID
Auth::loginUsingId([id of user]);
Or
$user = User::find([id here]);
// or maybe
$user = User::whereUsername([username here])->first();
// and then
Auth::login($user);
See the documentation for authentication.

Related

How to display the session 'username' value of the logged-in User using the 'codeigniter4/shield' framework for CodeIgniter 4

I'm new to CodeIgniter and I installed the codeigniter4/shield authentication and authorization framework for CodeIgniter 4.
I need the session data of the logged-in User such as username, and email.
How can I get it?
What I've tried so far.
$item = $session->get('item');
$name = $_SESSION['name'];
Solution:
Get logged-in username:
auth()->user()->username;
Get logged-in User email:
auth()->user()->getEmail();
Get the 'date & time' when the logged-in User account was created:
auth()->user()->created_at->toDateTimeString();
Get all logged-in User data.
auth()->user()->toRawArray();
Reference:
Auth Helper
The auth functionality is designed to be used with the auth_helper
that comes with Shield. This helper method provides the auth()
command which returns a convenient interface to the most frequently
used functionality within the auth libraries. This must be loaded
before it can be used.
// get the current user
auth()->user();
// get the current user's id
auth()->id();
// or
user_id();

How to login a user at backend without CSRF in Laravel?

I'm trying to make a user logged in at back-end who is already a user of another website of mine. For now I'm able to fetch the user's data from previous website's database using an API and make user registration during the login process. Same time I want this user to be logged in when data is just inserted because now user is existing. I tried to reuse same method $this->processLogin(); but this method takes request function processLogin(Request $request) I can't feel passing email & pass to utilize this same method. I have tried guzzle self request with 3 parms 'email, password, _token' using POST request which didn't work. I don't want to exclude this route as well because it is being used for normal login. How can i make this user logged in right after inserting the required data? Please advise. Thanks in advance.
// if $id is your user that you want to login, then:
auth()->loginUsingId($id);

Laravel API login with username and token

I am developing a laravel API(MyAPI) with the 5.1 version.I am connecting to this API from a widget which hosted in another website.it has a separate API(hostAPI). I need to authenticate user when widget loaded.
following are my requirement.
" When the widget loads it will attempt to authenticate. It will send a request to the MyAPI with
{
username: username,
token: token
}
MyAPI will POST this information on to the hostAPI. This will return either success or a 401.
On sucess, we log the user in. We may need to create an account if an user with that name does not exist"
how can i auth a user with only username and a token key
Is not a good practice to login user by user interface.
But it is an option and maybe in your case you can use that.
So you know only the username, and token.
I think you can query the database based on you username and token . find the user and login the selected one :)
Example:
$user=User::where('username',$username)->where('token',$token)->first();
Auth::login($user);
return Auth::user();
In case you want to create the user if it does not exist:
$user=User::where('username',$username)->where('token',$token)->firstOrCreate(['username' => $username,'token'=>$token]);

Laravel 5 reset password for a logged in user

I want to use laravel's reset password functionality to reset password for a logged in user (I'll use that instead of enabling users to change their password).
My problem is, when I redirect to the password reset route (/password/email/) and the user is logged in, they will be automatically redirected to the home logged in screen.
My first try then.. was to implement a method at the User model called sendResetPasswordLink. But, as I looked more into the platform I would need to generate the token and add to the password_resets table..
I looked into DatabaseTokenRepository and PasswordResetServiceProvider classes, looking for a function I could call to generate the token, but there is no function I could call statically..
I'm really lost, can someone point me the way?
From the ResetsPasswords trait, the answer is:
Password::sendResetLink(['email' => Auth::user()->email], function (Illuminate\Mail\Message $message) {
$message->subject('Your Password Reset Link');
});
You'll need to create your own route and controller method that allows this to be called for logged-in users.

CakePHP: When I change User session i get logout

I need to add possibility of Admin to enter User account, but i stucked when i change session data, i got logout.
$_SESSION['Auth']['User']['username']=$user_data['User']['username'];
To come back into admin session I made new variable
$_SESSION['Auth']['Admin']['id']=$user_id
Please help me to change admin data into user, and add possibility to come back as admin when logout
To login as a user when your are admin you can do this:
In your controller:
$user = $this->User->findById($idOfUserYouWantToLoginAs);
... // handle case where $user is empty
$this->Auth->login($user['User']);
Or you could just change the variables in the session as needed. I did it yesterday just changing the id of the logged user, but you can also change the stored username or email address or anything on session:
$this->Session->write('Auth.User.id',$newLoggedUserId);
$this->Session->write('Auth.User.username',$newLoggedUserName);
$this->Session->write('Auth.User.email',$newLoggedUserEmail);

Resources