Authentication System

Middleware: Only allow authenticated users to access a given route. For protecting/restricting routes, we need to use Middleware.

Middleware Steps:

1. Creating

2. Registering

3. Uses

#01 Creating:

php artisan make:middleware AuthenticationMiddleware

if(Auth::check){

return $next($request);

}else{

return redirect('/login');

}

#02 Registering:

got to http/kernel.php and find out $routeMiddleware for register newly created middleware and of course we will see auth and guest default basic middlewares already for us.

Add the following at the end of the $routeMiddleware array: 

'authenticated' => \App\Http\Middleware\ AuthenticationMiddleware::class

 

#03 Uses:

Go to the web.php and add as follows:

Route::get('/home', 'AdminUserController@index')->middleware('authenticated');

We can use the default auth as well as:

Route::get('/home', 'AdminUserController@index')->middleware('auth');

 

Route Groups:

If we want to authenticate 100 routes every single time we have to add middleware it’s more costly. Hence we have to use route group as follows:

 

Route::group(['middleware'=>'authenticated'], function(){

Route::get('/home', 'AdminUserController@index');

Route::get('/about', 'AdminUserController@about');

});

 

We can use another middleware as follows:

Route::group(['middleware'=> ['authenticated', 'anotherMiddleware']], function(){

Route::get('/home', 'AdminUserController@index');

Route::get('/about', 'AdminUserController@about');

});

 

We can check rout list as follows:

php artisan route:list

 

Basic Authentication for login, logout, register, forget/change password:

php artisan make:auth

Login url:

localhost:8000/login

After login url:

localhost:8000/home

But we can customize the redirect location by defining a redirectTo property on the LoginController, RegisterController, and ResetPasswordController as follows:

protected $redirectTo = '/';

Logout url:

localhost:8000/logout

Register url:

localhost:8000/register

Forget/reset password url:

localhost:8000/password/reset

If we want to rename default url like localhost:8000/login to localhost:8000/alogin.

In routes\web.php file, replace the Auth::routes(); with the following and change like you do:

// Authentication Routes...

$this->get('login', 'Auth\LoginController@showLoginForm')->name('login');

$this->post('login', 'Auth\LoginController@login');

$this->post('logout', 'Auth\LoginController@logout')->name('logout');

// Registration Routes...

$this->get('register','Auth\RegisterController@showRegistrationForm')->name('register');

$this->post('register', 'Auth\RegisterController@register');

// Password Reset Routes...

$this->get('password/reset','Auth\ForgotPasswordController@showLinkRequestForm')->name('password.request');

$this->post('password/email','Auth\ForgotPasswordController@sendResetLinkEmail')->name('password.email');

$this->get('password/reset/{token}','Auth\ResetPasswordController@showResetForm')->name('password.reset');

$this->post('password/reset', 'Auth\ResetPasswordController@reset');

 

Retrieving The Authenticated User:

// Get the currently authenticated user...

$user = Auth::user();

// Get the currently authenticated user's ID...

$id = Auth::id();

 

If The Current User Is Authenticated:

if (Auth::check()) {

// The user is logged in...

}

 

Manually Authenticating Users:

$credentials = $request->only('email', 'password');

if (Auth::attempt($credentials)) {

// Authentication passed...

return redirect()->intended('dashboard');

}

The attempt method takes an array and check it manually if valid then return true else false.

if (Auth::attempt(['email' => $email, 'password' => $password, 'active' => 1])) {

   // The user is active, and exists.

}

 

Forgot Password:

Artisan command:

php artisan vendor:publish --tag=laravel-notifications

The above command will publish the below file where you can change your mail text.

views/vendor/notifications/email.blade.php

Artisan command:

php artisan vendor:publish --tag=laravel-mail

The above command will publish views/vendor/mail/somefiles where you can style your mail.

Default App name (Laravel) Change:

First of all Laravel checks .env file and then config/mail.php

So, go to .env file and change APP_NAME=Your_app_name and you can also change APP_ENV=production, APP_URL=w3public.com

And then, in the mail body text, the Laravel text will be replaced by Your_app_name, the Reset password’s button link will be w3public.com

  • 249
  • 308
  • By Bablu Ahmed
  • Posted 1 year ago