Using PyroCMS 2.2, how can I have a registration form assign a user to one of the new Groups I created. Within the admin panel, I have a created a user group called client. When my registration form within my module is sent, it creates the client, but sets the type for group to $config['default_group'] = 'user'; within the core module.
Is there a way for me to set the group to client for this specific registration form in this module?
I suggest this:
When you redirect the user to the costum registration form, set a session variable with value of your costume module name for example
Use PyroCMS events (Events::trigger('post_user_register', $id)) and build a events.php file for your module so that, after every user registration this event will be triggered and since you have set the session variable, you can decide to change the user group of newly created user to an appropriate one and be sure to unset the session variable after you are done.
Hope you get the idea.
It doesn't look like there is an inbuilt way to do this.
system/cms/modules/users/controllers/users.php:384
// We are registering with a null group_id so we just
// use the default user ID in the settings.
$id = $this->ion_auth->register($username, $password, $email, null, $profile_data);
It also appears it isn't possible to override the core modules.
Seems like you have 2 options:
Modify the core module
Try to port the user module into your own module
Related
I am new to laravel. I am trying to implement email verification on my laravel6 project.
On my project, there're three user types named 'user' 'vendor' and 'admin'. I have prepared separate directories for each user type in 'Controllers' and each of them has their own Auth files (e.g. Directory 'App/Http/Controllers/Vendor/Auth' has its own VerificationController.php, etc). So far, I've successfully implemented registration and login/logout function for each type with separate table in my DB.
A issue popped up when I tried to implement email verification. When I tried to access to a page where email verification is required, 'Auth\VerificationController#show' method seemed to be called regardless of the user type.
I went over laravel source code and learned that within the process, router calls Illuminate/Routing/Router->emailVerification() method. And the emailVerification() method routes to 'Auth\VerificationController#show' regardless of the user type.
What I wanted to do is to route depending on user type (e.g. if 'vendor' tries to login, I want to call 'Vendor\Auth\VerificationController#show').
I don't come up with any idea how to do for that. Can anyone please give me any advice?
Illuminate\Routing\Router class
public function emailVerification()
{
$this->get('email/verify', 'Auth\VerificationController#show')->name('verification.notice');
$this->get('email/verify/{id}/{hash}', 'Auth\VerificationController#verify')->name('verification.verify');
$this->post('email/resend', 'Auth\VerificationController#resend')->name('verification.resend');
}
Thank you in advance.
I'm migrating from codeignter 3 to codeigniter 4 and I'm having a hard time changing the database settings.
For example: I want the controller "Admin" to access with a configuration / database user and the controller "Site" to access with another.
I use this as a security issue, I want the "Site" controller to have access only with the query user ...
In codeigniter 3 I simply added the code at the beginning of the control to change the database as in the example below
$ this-> db = $ this-> load-> database ('admin', TRUE);
In codeigniter 4 how can I do this?
I don't want to change the database, I want to change the database user. And choose which user to use on the controller, not the model. For, when I use the admin controller I would like to use the user with access to "insert, delet, selec". When using the website controller, I would like to use the user who only has access to "select".
Thank you
If I may get you right this is what you are looking for
$db = \Config\Database::connect('admin', true);
you can have a better reference from the document Click Here to Read More
I have 2 laravel projects, 1 for the front end where i m using html css angularjs. The second for api controllers. I call using http post and get the api controllers functions using angularjs to get content data.
In the front end i have a menu this menu appears differently based on user role, if admin or no.
This is done. My problem is the access for views using the url in the browser.
So I have a query where I get for each user what modules in the menu can he see. Now I'm putting the result in Laravel session.
$menu = DB::select menu by user id ... //Getting menu query based on user if admin or no
session(["menu" => $menu);
return session('menu');
I'm getting the results and the menu is showing good in the website based on the logged user if he s admin or no.
Now, to solve the direct url access issue, I want to use this session and compare the url to this session, if the url exists in the session i will let him access, if no i will redirect him to somewhere.
any idea?
I would strongly suggest looking at the Laravel documentation on Authorization before going too far down a custom implementation:
https://laravel.com/docs/5.1/authorization
Without knowing more about how your front-end and back-end applications interact with each other, it is a little difficult to get into speciifics but i shall do my best.
Each page returned by Laravel has access to a Request object which contains information about the request which returned the page. You can access this Request and its assocaited Route using Laravels helper functions (if you are not passing it to the view already). The getPrefix() method will return the root relative url which you can then use as you see fit. For example:
// Return and store the URL as a string
$url = request()->route()->getPrefix();
// Check your session for the URL/s you want to allow and compare to the stored URL
if (session()->get('URL') == $url) {
// User is allowed access to the page
// Do something ...
} else {
// User is not allowed access to this page
// Redirect back or to a route of your choice
return redirect()->back();
}
I hope this gives you some ideas, good luck!
i have a Laravel 5.4 application where i do all Authentication based logic through PHP and then redirect the user to a catchAll route when they are authenticated, and let VueRouter take it from there...
I'd like to also use Entrust because my app will have several types of users and some elements (like an Edit User button) will only be visible to some user Roles.
I might also want to implement specific permissions, like some Admins can edit user Permissions, while others do not.
The issue is, alright i'm in Javascript territory now, so how do i know what my current Auth user is? Setting a global JS variable for Auth::user doesn't seem like a good idea to me.
Perhaps i would instead pass just an ID, but how exactly without making it globally visible as a window variable?
I think you may create an auth/check API call, like this:
protected function check()
{
if(Auth::guard('api')->check()) {
return Auth::guard('api')->user();
}
return ['success' => false];;
}
And then get current user with this call.
I am new to Laravel and learning just basic stuff. I am trying to create a new Route to create a user into database. So I created a Route like this -
Route::get('users/"create"', 'PagesController#create');
But I also have one Route for users trying to access their profile-
Route::get('users/{username}', 'PagesController#show');
Now when I try to access users/create it redirect me to show method instead of create method in controller. I am guessing this is because of generic nature of users/{username}. So my question is how to deal with such situation.
The order that you define routes is important. If you define your routes like this - in this order, it will work.
Route::get('users/create', 'PagesController#create');
Route::get('users/{username}', 'PagesController#show');
Note - I noticed you used 'users/"create"' - that is an error - it should be 'users/create' like in my example.
p.s. make sure you dont allow a user with the username called 'create' - or they will never be able to get to their profile page.