0

I'm working in a web project using Laravel 5.2

My use case is very simple: Before rendering any page, verify if the user is authenticated. If not, provide a login form with custom authentication (not the Eloquent's default stuff)

After reading about this scenario I have:

// routes.php Route::get('/', 'HomeController@index');

Then if I want all my pages secured, I require the middleware auth in controller's constructor. All my controllers should follow the same pattern if I want to request a logged in user before serving any page.

// app/Http/Controllers/HomeController.php <?php namespace App\Http\Controllers; use Illuminate\Http\Request; use App\Http\Requests; class HomeController extends Controller { public function __construct() { $this->middleware('auth'); } public function index() { return view('home'); } }

So far, so good. If I visit my app at '/' I'm redirected to a /login page.

I created the login page:

// views/auth/login.blade.php @extends('layouts.app') @section('content') <form class="form-signin" method="post" action="{{ url ('/login') }}"> {!! csrf_field() !!} <h2 class="form-signin-heading">Please sign in</h2> <label for="inputUsername" class="sr-only">Username</label> <input type="text" id="inputUsername" class="form-control" placeholder="Username" name="username" required autofocus> <label for="inputPassword" class="sr-only">Password</label> <input type="password" id="inputPassword" class="form-control" placeholder="Password" name="password" required> <button class="btn btn-lg btn-primary btn-block" type="submit">Sign in</button> </form> @endsection

Please notice the action of the form that redirects to /login. Then I update the routes.php by providing the new following routes:

// Authentication Routes... Route::get('login', 'Auth\AuthController@showLoginForm'); Route::post('login', 'Auth\AuthController@login'); Route::get('logout', 'Auth\AuthController@logout'); Route::get('/', 'HomeController@index');

With these new routes I'm catching login/logout scenarios and assigning AuthController's methods to handle them.

On the already implemented AuthController, I guess I need to define these methods.

I was not able to make this to work or maybe I'm doing this custom authentication in a wrong way.

I have:

// app/Http/Auth/AuthController.php <?php namespace App\Http\Controllers\Auth; use App\User; use Validator; use App\Http\Controllers\Controller; use Illuminate\Foundation\Auth\ThrottlesLogins; use Illuminate\Foundation\Auth\AuthenticatesAndRegistersUsers; class AuthController extends Controller { use AuthenticatesAndRegistersUsers, ThrottlesLogins; protected $redirectTo = '/'; public function __construct() { $this->middleware($this->guestMiddleware(), ['except' => 'logout']); } // ... lot of default stuff .. protected function login($data) { // // do custom login authentication with $data // ie: validate thru a web service or something // return redirect()->intended('/'); } }

Any suggestions on how to implement this?

Improve this question
2
  • You don't have to write anything....those methods (login and register are already there...they are not visible in AuthController, but AuthController is extending the Auth Class.if you write custom methods for login and register you will override them! Commented May 18, 2016 at 21:29
  • Maybe I was not clear. I want to implement a custom authentication against my own service. My question is WHERE I implement this? Also, If you check the example above the AuthController class doesn't extend Auth class Commented May 18, 2016 at 22:38

2 Answers 2

Reset to default
1

Change your login function to

protected function login(Request $data) { // // do custom login authentication with $data // ie: validate thru a web service or something // return redirect()->intended('/'); }

This overrides the function from Illuminate\Foundation\Auth\AuthenticatesUsers that originally used by Laravel Auth

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

Well, now I'm able to receive the request and process it with my own service, but what should I return? Do I need to set something on session to make this to work? After implementing the login method as described, I'm routed to /login again.
@aldoforce that is out of scope from your original question, since you decided to abandon laravel default auth and create your custom you better have a game plan
@lewis4u after I changed the login method to process a Request, I'm able to get the username and password so I can validate it with my own services. The problem is with the redirect()->intended('/'). I'm always redirected to the /login page so no matter where I redirect, it seems like I need to set some variable on session or on Auth class to explicitly declare that the user authentication was valid and he can keep browsing the app as a logged in user.
@sef4eg my plan is to authenticate the user with my own mechanism. After I validate the user credentials, I want to tell laravel that the user is ok to go and interact with the app as a logged user but the redirect()->intended('/') is always prompting the /login page. It seems like I need to set something to explicitly declare the user was correctly authenticated and I don't know what it is.
0

Thanks to everyone who responded to this question. I ended rolling out a custom integration where users are duplicated on the Eloquent's User model and my external service.

Unfortunately the lack of documentation around Laravel 5.2 and custom authentication methods makes this as a patch solution until something more stable comes out.

Thanks and happy coding!

Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.