Clever Geek Handbook

Laravel Auth Login Solution

I am creating a postSignIn method and want to check: Email, Password, ConfirmedFlag At first there was no problem to create a postSignIn method, e.g .:

public function postSignIn(){
    if(Auth::attempt(array('email' => Input::get('email'),'password' => Input::get('password'),'verifiedFlag'=>1))){
            return Redirect::route('home-view');
    }
    else{
        return "Email/Password wrong or Your Account not verified by Admin";
    }
}

But now I am trying to make it more user friendly with the "Separate Alert" option for

  • Account not verified and
  • Invalid email / password

and now I am trying to do it like this:

    if(Auth::attempt(array('nim' => Input::get('nim'),'password' => Input::get('password')))){
        Auth::logout();
        if(Auth::attempt(array('nim' => Input::get('nim'),'password' => Input::get('password'),'verified' => 1))){
            return Redirect::route('home-view');
        }
        else{
            return "Your Account not verfied. Please wait until admin verified your account or contact your admin";

        }
    }
    else{
        return "NIM/Password wrong";
    }

there were no problems, but I think I need a different solution, so Auth doesn't need to login (try) twice

+3


source to share


2 answers


You can use the method validate

. This will work:



public function postSignIn(){
    if(Auth::attempt(array('email' => Input::get('email'),'password' => Input::get('password'),'verifiedFlag'=>1))){
            return Redirect::route('home-view');
    }
    elseif(Auth::validate(array('email' => Input::get('email'),'password' => Input::get('password')))){
           return "Your Account not verified by Admin";
    }
    else
    {
        return "Email/Password wrong";
    }
}
+3


source


Filters are the way to go. It is easy and simple to fix this problem, see my example below.

if the user is inactive at any time, he will be logged out, you can redirect the user with a flash message Session, your login code works as it is.



Route::filter('auth', function()
{
    if (Auth::guest())
    {
         if (Request::ajax())
         {
             return Response::make('Unauthorized', 401);
         }
         else
         {
            return Redirect::guest('login');
         }
 }
else
{
    // If the user is not active any more, immidiately log out.
    if(Auth::check() && !Auth::user()->verifiedFlag)
    {
        Auth::logout();
        Session::flash('message','Your account is not active, please contact your administrator             to active your account');

        // redirect to login page
        return Redirect::to('/');
    }
}
});
0


source






More articles:


All Articles