Support the ongoing development of Laravel.io →
posted 2 years ago
Forms

I'm trying to implement a login for Laravel 10 and I have all the scaffolding done, routes, controllers, and views. When I try to submit the registration form, I get a 400 Bad Request error. I've tried to insert a dd() in the store function of the controller and it doesn't seem to ever get there.

web.php

<?php
use Illuminate\Support\Facades\Route;
use App\Http\Controllers\Auth\LoginRegisterController;

/*
|--------------------------------------------------------------------------
| Web Routes
|--------------------------------------------------------------------------
|
| Here is where you can register web routes for your application. These
| routes are loaded by the RouteServiceProvider within a group which
| contains the "web" middleware group. Now create something great!
|
*/

Route::get('/', function () {
    return view('welcome');
});

Route::controller(LoginRegisterController::class)->group(function() {
    Route::get('/register', 'register')->name('register');
    Route::post('/store', 'store')->name('store');
    Route::get('/login', 'login')->name('login');
    Route::post('/authenticate', 'authenticate')->name('authenticate');
    Route::get('/dashboard', 'dashboard')->name('dashboard');
    Route::post('/logout', 'logout')->name('logout');
});

When I do artisan route:list I get:

GET|HEAD   / .........................................................................
 POST       _ignition/execute-solution .............. ignition.executeSolution › Spatie\LaravelIgnition › ExecuteSolutionController
 GET|HEAD   _ignition/health-check ................ ignition.healthCheck › Spatie\LaravelIgnition › HealthCheckController
 POST       _ignition/update-config ................... ignition.updateConfig › Spatie\LaravelIgnition › UpdateConfigController
 GET|HEAD   api/user.............................................................................................................................
 POST       authenticate .......... authenticate › Auth\LoginRegisterController@authenticate
 GET|HEAD   dashboard......... dashboard › Auth\LoginRegisterController@dashboard
 GET|HEAD   login .................. login › Auth\LoginRegisterController@login
 POST       logout .................... logout › Auth\LoginRegisterController@logout
 GET|HEAD   register ............. register › Auth\LoginRegisterController@register
 GET|HEAD   sanctum/csrf-cookie ... sanctum.csrf-cookie › Laravel\Sanctum › CsrfCookieController@show
 POST       store ..................... store › Auth\LoginRegisterController@store

LoginRegisterController.php

<?php

namespace App\Http\Controllers\Auth;

use App\Models\User;
use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;

class LoginRegisterController extends Controller
{
    /**
     * Instantiate a new LoginRegisterController instance.
     */
    public function __construct()
    {
        $this->middleware('guest')->except([
            'logout', 'dashboard'
        ]);
    }

    /**
     * Display a registration form.
     *
     * @return \Illuminate\Http\Response
     */
    public function register()
    {
        return view('auth.register');
    }

    /**
     * Store a new user.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return \Illuminate\Http\Response
     */
    public function store(Request $request)
    {
        dd($request);
        $request->validate([
            'name' => 'required|string|max:250',
            'email' => 'required|email|max:250|unique:users',
            'password' => 'required|min:8|confirmed'
        ]);

        User::create([
            'name' => $request->name,
            'email' => $request->email,
            'password' => Hash::make($request->password)
        ]);

        $credentials = $request->only('email', 'password');
        Auth::attempt($credentials);
        $request->session()->regenerate();
        return redirect()->route('dashboard')
        ->withSuccess('You have successfully registered & logged in!');
    })

`

Last updated by @toddblackstar 2 years ago.
0
moderator

Hello @toddblackstar

Maybe you can show the form that you use to post the data.

The first question I have are:

  1. Do your form use a POST request?
  2. Does it POST to /store?
  3. Did you verify that you didn't get a redirect?
0

Here you go.

<div class="row justify-content-center mt-5">
    <div class="col-md-8">

        <div class="card">
            <div class="card-header">Register</div>
            <div class="card-body">
                <form action="http://www.fundmylawsuit.com/store" method="post">
                    <input type="hidden" name="_token" value="NQTFXYmgPbZkvUuLZ1udFr917BroLgfMqrkhT89Y">                    <div class="mb-3 row">
                        <label for="name" class="col-md-4 col-form-label text-md-end text-start">Name</label>
                        <div class="col-md-6">
                          <input type="text" class="form-control " id="name" name="name" value="">
                                                    </div>
                    </div>
                    <div class="mb-3 row">
                        <label for="email" class="col-md-4 col-form-label text-md-end text-start">Email Address</label>
                        <div class="col-md-6">
                          <input type="email" class="form-control " id="email" name="email" value="">
                                                    </div>
                    </div>
                    <div class="mb-3 row">
                        <label for="password" class="col-md-4 col-form-label text-md-end text-start">Password</label>
                        <div class="col-md-6">
                          <input type="password" class="form-control " id="password" name="password">
                                                    </div>
                    </div>
                    <div class="mb-3 row">
                        <label for="password_confirmation" class="col-md-4 col-form-label text-md-end text-start">Confirm Password</label>
                        <div class="col-md-6">
                          <input type="password" class="form-control" id="password_confirmation" name="password_confirmation">
                        </div>
                    </div>
                    <div class="mb-3 row">
                        <input type="submit" class="col-md-3 offset-md-5 btn btn-primary" value="Register">
                    </div>
                    
                </form>
            </div>
        </div>
    </div>    
</div>
0

When I hit submit, it shows http://www.fundmylawsuit.com/store in the address bar so that would seem to me to be indicating that it's going to the right spot.

0
moderator

Do you have something in your log and/or some information in your response?

If I try the form I get the dd information and not the 400 response code. Maybe you have another problem?

Small tip: Using a public website as development environment increase the change that you create a security problem. I advice to take a look at the different options for local development.

0

access.log

70.165.xx.xxx - - [26/Jun/2023:18:51:11 +0000] "GET /register HTTP/1.1" 200 1342 "http://www.fundmylawsuit.com/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.51"
70.165.xx.xxx - - [26/Jun/2023:18:51:26 +0000] "_token=ENzaTTPHBwN9rqJQeJ7Mc3X84GW5gmZA0qP6wXPI&name=todd&email=todd%40[domain].com&password=G3JQcw%24Judpnkfz3&password_confirmation=G3JQcw%24Judpnkfz3" 400 166 "-" "-"
70.165.xx.xxx - - [26/Jun/2023:18:53:16 +0000] "GET /register HTTP/1.1" 200 1342 "http://www.fundmylawsuit.com/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.51"
70.165.xx.xxx - - [26/Jun/2023:18:53:30 +0000] "_token=ENzaTTPHBwN9rqJQeJ7Mc3X84GW5gmZA0qP6wXPI&name=todd&email=todd%40[domain].com&password=G3JQcw%24Judpnkfz3&password_confirmation=G3JQcw%24Judpnkfz3" 400 166 "-" "-"

Nothing is showing in my error.log file.

I'm not too worried about security as all I'm really trying to do is create a landing page.

0

Sign in to participate in this thread!

Eventy

Your banner here too?

Todd toddblackstar Joined 9 Jun 2023

Moderators

We'd like to thank these amazing companies for supporting us

Your logo here?

Laravel.io

The Laravel portal for problem solving, knowledge sharing and community building.

© 2025 Laravel.io - All rights reserved.