Laravel | ask for a password for certain actions
My laravel 5.4 project has a checkout form on submit which I want to show a dialog box with the requested user password (for added security). ie I want the logged in user to enter their password when they want to perform some critical action and verify that password.
I can figure out the outside of this, but I don't know how to implement the controller logic for this
From the documentation I found Auth :: check (), but it only checks if the current user has been logged in or not.
How should I do it?
source to share
You can ask the logged in user to enter a password and then manually check it using a method check()
like:
if (Hash::check(request('password'), auth()->user()->password))
The first argument is the password entered by the user. The second argument is the hashed password from the database.
source to share
I am actually planning to implement this on one of my sites. I've been thinking about scheduling lately and this is what I ran into:
- When the user comes to the application, he / she logs in
- He adds part of the product to the cart. The user is already logged in, so this is not a problem.
- When he / she tries to check, check for a very specific session element (eg
REAUTH_SUCCESS
), and if it exists, continue. Otherwise, go back and print the login form with just the password. After that, it's just a matter of what @Alexey and @Robert suggested in their answers.
Hope it helps.
source to share