All geek questions in one place

Check user active state with laravel

This is a pretty standard login and validation feature that works well. But I also want to check that the user is active. I set a column in my user table with an “active” value of 0 or 1.

public function post_login() { $input = Input::all(); $rules = array( 'email' => 'required|email', 'password' => 'required', ); $validation = Validator::make($input, $rules); if ($validation->fails()) { return Redirect::to_route('login_user') ->with_errors($validation->errors)->with_input(); } $credentials = array( 'username' => $input['email'], 'password' => $input['password'], ); if (Auth::attempt($credentials)) { // Set remember me cookie if the user checks the box $remember = Input::get('remember'); if ( !empty($remember) ) { Auth::login(Auth::user()->id, true); } return Redirect::home(); } else { return Redirect::to_route('login_user') ->with('login_errors', true); } }

I already tried something like this:

 $is_active = Auth::user()->active; if (!$is_active == 1) { echo "Account not activated"; }

But this can only be used in the "auth try" if statement, and at that moment user credentials (email and pass) are already checked. Therefore, even if the user account, if it is not active at the moment, is already registered.

I need a way to return validation in order to tell them that they still need to activate their account and check if their account is set at the same time as checking their email and badges.

+4
source share
5 answers

A better solution would be to create an Auth driver that extends the already used Eloquent Auth driver and then overrides the attempted method.

Then change the auth configuration to use your driver.

Sort of:

 <?php class Myauth extends Laravel\Auth\Drivers\Eloquent { /** * Attempt to log a user into the application. * * @param array $arguments * @return void */ public function attempt($arguments = array()) { $user = $this->model()->where(function($query) use($arguments) { $username = Config::get('auth.username'); $query->where($username, '=', $arguments['username']); foreach(array_except($arguments, array('username', 'password', 'remember')) as $column => $val) { $query->where($column, '=', $val); } })->first(); // If the credentials match what is in the database we will just // log the user into the application and remember them if asked. $password = $arguments['password']; $password_field = Config::get('auth.password', 'password'); if ( ! is_null($user) and Hash::check($password, $user->{$password_field})) { if ($user->active){ return $this->login($user->get_key(), array_get($arguments, 'remember')); } else { Session::flash('authentication', array('message' => 'You must activate your account before you can log in')); } } return false; } } ?>

On the login screen, check for the presence of the :: get ('authentication') session and process it accordingly.

Alternatively, allow them to log in, but do not allow them to access pages other than those that offer a link to send activation email.

+2
source

Filters are the way to go. This is easy and understandable to solve this problem, see my example below.

 Route::filter('auth', function() { if (Auth::guest()) { if (Request::ajax()) { return Response::make('Unauthorized', 401); } else { return Redirect::guest('login'); } } else { // If the user is not active any more, immidiately log out. if(Auth::check() && !Auth::user()->active) { Auth::logout(); return Redirect::to('/'); } } });
+8
source

Can't you use something like this:

 if (Auth::once($credentials)) { if(!Auth::user()->active) { Auth::logout(); echo "Account not activated"; } }
+4
source

Just make the active field one of the confirmations. You can do it:

 $credentials = array( 'username' => $input['email'], 'password' => $input['password'], 'active' => 1 ); if (Auth::attempt($credentials)) { // User is active and password was correct }

If you want to tell the user that they are inactive, you can follow this:

  if (Auth::validate(['username' => $input['email'], 'password' => $input['password'], 'active' => 0])) { return echo ('you are not active'); }
+3
source

This is what I do:

 if (\Auth::attempt(['EmailWork' => $credentials['EmailWork'], 'password' => $credentials['Password']], $request->has('remember'))) { if (\Auth::once(['EmailWork' => $credentials['EmailWork'], 'password' => $credentials['Password']])) { if (!\Auth::user()->FlagActive == 'Active') { \Auth::logout(); return redirect($this->loginPath()) ->withInput($request->only('EmailWork', 'RememberToken')) ->withErrors([ 'Active' => 'You are not activated!', ]); } } return redirect('/'); } return redirect($this->loginPath()) ->withInput($request->only('EmailWork', 'RememberToken')) ->withErrors([ 'EmailWork' => $this->getFailedLoginMessage(), ]);
0
source

Source: https://habr.com/ru/post/1482720/

More articles:


All Articles