Support the ongoing development of Laravel.io →
lovepizza
posted 9 years ago
Authentication
Last updated 2 years ago.
0
jimgwhit
replied 9 years ago

Try to bypass it in a number of ways. Plus. https://www.owasp.org/index.php/Web_Application_Security_Testing_Cheat_Sheet

Last updated 9 years ago.
0
lovepizza
replied 9 years ago

My problem is that my login doesn't work and I can't understand because.

0
jimgwhit
replied 9 years ago

Here's my auth controller, that works, does your look something like this?

<?php namespace App\Http\Controllers\Auth;
use Illuminate\Http\Request;
use App\Http\Requests\RegisterRequest;

use App\Http\Controllers\Controller;
use Illuminate\Contracts\Auth\Guard;
use Illuminate\Contracts\Auth\Registrar;
use Illuminate\Foundation\Auth\AuthenticatesAndRegistersUsers;

class AuthController extends Controller {

	/*
	|--------------------------------------------------------------------------
	| Registration & Login Controller
	|--------------------------------------------------------------------------
	|
	| This controller handles the registration of new users, as well as the
	| authentication of existing users. By default, this controller uses
	| a simple trait to add these behaviors. Why don't you explore it?
	|
	*/

	use AuthenticatesAndRegistersUsers;

	/**
	 * Create a new authentication controller instance.
	 *
	 * @param  \Illuminate\Contracts\Auth\Guard  $auth
	 * @param  \Illuminate\Contracts\Auth\Registrar  $registrar
	 * @return void
	 */
	public function __construct(Guard $auth, Registrar $registrar)
	{
		$this->auth = $auth;
		$this->registrar = $registrar;

		$this->middleware('guest', ['except' => 'getLogout']);
	}
        
        
        public function getRegister()
	{
		//return view('auth.register');
                return \View::make('auth.register');
	}
        
        
        
        public function postRegister(RegisterRequest $request)
       	{
		// Registration form is valid, create user...
                
             //$user = \App\User::create($request->all());
            
            //$this->validate($request, [
			//'userid' => 'required', 'password' => 'required',
		//]);
                $user = new \App\User(); 
                $user->userid = $request->input('userid');
                $user->password = \Illuminate\Support\Facades\Hash::make($request->input('password'));
                $user->save();

                $this->auth->login($user);

		return redirect('pets');
	}


        
        
        
        
        
        
        
        
        public function getLogin()
	{
		//return view('auth.login');
                return view('auth.testview');
	}
        
        public function postLogin(Request $request)
	{
		$this->validate($request, [
			'userid' => 'required', 'password' => 'required',
		]);
                
                //added
                
                echo 'made it here====';
            $tvar = $request->input('userid');
            //echo $tvar;
            $pw = $request->input('password');
            if ($this->auth->attempt(['userid' => $tvar, 'password' => $pw]))
		{
                    //echo 'logged in========'.$request->user->userid;
                    //echo 'logged in========'.$request->user()->userid;
                    $yourvar = $request->user()->userid;
                    echo $yourvar;
                    echo "====loggin in now";
                    return redirect('pets');
		}
            else
                {
                    echo ' not logged in';
                }

                //added

		/*$credentials = $request->only('email', 'password');

		if ($this->auth->attempt($credentials, $request->has('remember')))
		{
			return redirect($this->redirectPath());
		}

		return redirect('/auth/login')
					->withInput($request->only('email'))
					->withErrors([
						'email' => 'These credentials do not match our records.',
					]);*/
	}
        
        public function getLogout()
	{
		$this->auth->logout();

		return redirect('/');
	}



}//end class

My RegisterRequest file

<?php namespace App\Http\Requests;

class RegisterRequest extends Request {

	/**
	 * Get the validation rules that apply to the request.
	 *
	 * @return array
	 */
	public function rules()
	{
		
            
            /*return [
			'email' => 'required|email|unique:users',
			'password' => 'required|confirmed|min:8',
		];*/
            
            
            return [
			'userid' => 'required',
			'password' => 'required',
		];
	/*$user =  [
			'email' => 'required|email|unique:users',
			'password' => 'required|confirmed|min:8',
		];
            
         return $user; */  
        }

	/**
	 * Determine if the user is authorized to make this request.
	 *
	 * @return bool
	 */
	public function authorize()
	{
		return true;
	}

}

You need all the use statements at top.

Last updated 9 years ago.
0
mightym
replied 9 years ago

lovePizza said:

How can I debug the authentication?

Make use of the Log facade (Illuminate\Support\Facades\Log).

use Illuminate\Support\Facades\Log;

function myAuthentication()
{
    // Doing some stuff
        
    Log::debug('Log something');
        
    // Doing some more stuff
}

You find your log in storage/logs folder. More about logging: http://laravel.com/docs/5.0/errors#logging

Regards MightyM

Last updated 9 years ago.
0

Sign in to participate in this thread!

Eventy

Your banner here too?

lovePizza lovepizza Joined 13 Mar 2014

Moderators

We'd like to thank these amazing companies for supporting us

Eventy
Fathom
Forge
Envoyer
Beyond Code
Skynet Technologies
BairesDev
Remotely Works
Dotcom-monitor
N-iX

Your logo here?

Laravel.io

The Laravel portal for problem solving, knowledge sharing and community building.

Laravel.io

Forum Articles Pastebin

Socials

X Twitter GitHub

The community

Laravel Laravel Laravel News Laravel News
Laracasts Laracasts Laravel Podcast Laravel Podcast
© 2024 Laravel.io - All rights reserved.
Terms of service Privacy policy Advertise