I'm trying to implement a login for Laravel 10 and I have all the scaffolding done, routes, controllers, and views. When I try to submit the registration form, I get a 400 Bad Request error. I've tried to insert a dd() in the store function of the controller and it doesn't seem to ever get there.
web.php
<?php
use Illuminate\Support\Facades\Route;
use App\Http\Controllers\Auth\LoginRegisterController;
/*
|--------------------------------------------------------------------------
| Web Routes
|--------------------------------------------------------------------------
|
| Here is where you can register web routes for your application. These
| routes are loaded by the RouteServiceProvider within a group which
| contains the "web" middleware group. Now create something great!
|
*/
Route::get('/', function () {
return view('welcome');
});
Route::controller(LoginRegisterController::class)->group(function() {
Route::get('/register', 'register')->name('register');
Route::post('/store', 'store')->name('store');
Route::get('/login', 'login')->name('login');
Route::post('/authenticate', 'authenticate')->name('authenticate');
Route::get('/dashboard', 'dashboard')->name('dashboard');
Route::post('/logout', 'logout')->name('logout');
});
When I do artisan route:list I get:
GET|HEAD / .........................................................................
POST _ignition/execute-solution .............. ignition.executeSolution › Spatie\LaravelIgnition › ExecuteSolutionController
GET|HEAD _ignition/health-check ................ ignition.healthCheck › Spatie\LaravelIgnition › HealthCheckController
POST _ignition/update-config ................... ignition.updateConfig › Spatie\LaravelIgnition › UpdateConfigController
GET|HEAD api/user.............................................................................................................................
POST authenticate .......... authenticate › Auth\LoginRegisterController@authenticate
GET|HEAD dashboard......... dashboard › Auth\LoginRegisterController@dashboard
GET|HEAD login .................. login › Auth\LoginRegisterController@login
POST logout .................... logout › Auth\LoginRegisterController@logout
GET|HEAD register ............. register › Auth\LoginRegisterController@register
GET|HEAD sanctum/csrf-cookie ... sanctum.csrf-cookie › Laravel\Sanctum › CsrfCookieController@show
POST store ..................... store › Auth\LoginRegisterController@store
LoginRegisterController.php
<?php
namespace App\Http\Controllers\Auth;
use App\Models\User;
use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;
class LoginRegisterController extends Controller
{
/**
* Instantiate a new LoginRegisterController instance.
*/
public function __construct()
{
$this->middleware('guest')->except([
'logout', 'dashboard'
]);
}
/**
* Display a registration form.
*
* @return \Illuminate\Http\Response
*/
public function register()
{
return view('auth.register');
}
/**
* Store a new user.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\Response
*/
public function store(Request $request)
{
dd($request);
$request->validate([
'name' => 'required|string|max:250',
'email' => 'required|email|max:250|unique:users',
'password' => 'required|min:8|confirmed'
]);
User::create([
'name' => $request->name,
'email' => $request->email,
'password' => Hash::make($request->password)
]);
$credentials = $request->only('email', 'password');
Auth::attempt($credentials);
$request->session()->regenerate();
return redirect()->route('dashboard')
->withSuccess('You have successfully registered & logged in!');
})
`
Hello @toddblackstar
Maybe you can show the form that you use to post the data.
The first question I have are:
Here you go.
<div class="row justify-content-center mt-5">
<div class="col-md-8">
<div class="card">
<div class="card-header">Register</div>
<div class="card-body">
<form action="http://www.fundmylawsuit.com/store" method="post">
<input type="hidden" name="_token" value="NQTFXYmgPbZkvUuLZ1udFr917BroLgfMqrkhT89Y"> <div class="mb-3 row">
<label for="name" class="col-md-4 col-form-label text-md-end text-start">Name</label>
<div class="col-md-6">
<input type="text" class="form-control " id="name" name="name" value="">
</div>
</div>
<div class="mb-3 row">
<label for="email" class="col-md-4 col-form-label text-md-end text-start">Email Address</label>
<div class="col-md-6">
<input type="email" class="form-control " id="email" name="email" value="">
</div>
</div>
<div class="mb-3 row">
<label for="password" class="col-md-4 col-form-label text-md-end text-start">Password</label>
<div class="col-md-6">
<input type="password" class="form-control " id="password" name="password">
</div>
</div>
<div class="mb-3 row">
<label for="password_confirmation" class="col-md-4 col-form-label text-md-end text-start">Confirm Password</label>
<div class="col-md-6">
<input type="password" class="form-control" id="password_confirmation" name="password_confirmation">
</div>
</div>
<div class="mb-3 row">
<input type="submit" class="col-md-3 offset-md-5 btn btn-primary" value="Register">
</div>
</form>
</div>
</div>
</div>
</div>
When I hit submit, it shows http://www.fundmylawsuit.com/store in the address bar so that would seem to me to be indicating that it's going to the right spot.
Do you have something in your log and/or some information in your response?
If I try the form I get the dd information and not the 400 response code. Maybe you have another problem?
Small tip: Using a public website as development environment increase the change that you create a security problem. I advice to take a look at the different options for local development.
access.log
70.165.xx.xxx - - [26/Jun/2023:18:51:11 +0000] "GET /register HTTP/1.1" 200 1342 "http://www.fundmylawsuit.com/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.51"
70.165.xx.xxx - - [26/Jun/2023:18:51:26 +0000] "_token=ENzaTTPHBwN9rqJQeJ7Mc3X84GW5gmZA0qP6wXPI&name=todd&email=todd%40[domain].com&password=G3JQcw%24Judpnkfz3&password_confirmation=G3JQcw%24Judpnkfz3" 400 166 "-" "-"
70.165.xx.xxx - - [26/Jun/2023:18:53:16 +0000] "GET /register HTTP/1.1" 200 1342 "http://www.fundmylawsuit.com/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.51"
70.165.xx.xxx - - [26/Jun/2023:18:53:30 +0000] "_token=ENzaTTPHBwN9rqJQeJ7Mc3X84GW5gmZA0qP6wXPI&name=todd&email=todd%40[domain].com&password=G3JQcw%24Judpnkfz3&password_confirmation=G3JQcw%24Judpnkfz3" 400 166 "-" "-"
Nothing is showing in my error.log file.
I'm not too worried about security as all I'm really trying to do is create a landing page.
Sign in to participate in this thread!
The Laravel portal for problem solving, knowledge sharing and community building.
The community