Hi,
for a very small project, I am asked to create a custom authentication layer which works in this way:
- User navigate to a page for the first time
- The authentication layer intercepts the request and understands that the user is not logged in
- Retrieves user's ip address, and execute a shell command (to a custom application) with such ip address which returns an id
- Checks such id on a UserTable (id, name, ecc)
- If it exists, the user is logged in, his information (like name) are retrieved, the login information are stored to a session cookie, and the page is loaded.
- Every page he navigates, checks if the session cookie is valid, otherwise goes back to step 2.
So basically it is an ip-based authentication, and the user doesn't need to insert any kind of other information (don't worry about security, ip spoofing and so on, it is not relevant here)
How can I do this in laravel?
Thank you
hmm doesn't sound that bad. Here are my quick thoughts.
First create your own "AuthController". This is going to be your main item here. You will want this to do the heavy lifting. All you really need is the one function, and you can refactor it as you please.
public function login()
{
$ip = $_SERVER['REMOTE_ADDR'];
$result = shell_exec('something');
$user = User::where('id', $result)->first();
if(! $user) {
return 'user not found in usertable';
}
auth()->login($user); // or \Auth::login($user);
return redirect()->route('home');
}
Anyway first thoughts, so the login goes to that "route" and it would handle the informtion.
Thank you, it was not so hard as I thought, I created an AuthController based on your sketch, and it works perfectly.
Sign in to participate in this thread!
Laravel
Laravel News
Laracasts
Laravel Podcast