jeudi 12 novembre 2020

Laravel login broke after upgrading from 5.8 to 6.20.3

I have a custom login controller that follows the code from here:

https://laravel.com/docs/6.x/authentication#remembering-users

if I were to do var_dump( Auth::check() ); right after the Auth::attempt it will return true and if I also try to fetch the user object it returns it perfectly inside the controller.

But the problem is when I redirect, once it gets to app/Http/Middleware/RedirectIfAuthenticated.php and app/Http/Middleware/Authenticate.php the var_dump( Auth::check() ); is returning false. So somewhere in between, it's logging out my user.

I've been stuck with this for a while now since everything works just fine in my 5.8 version.

everything in the login controller

<?php

namespace App\Http\Controllers;

//some models here
use Illuminate\Contracts\Auth\Guard;
use Illuminate\Http\Request;
use Redirect;
use View;
use Illuminate\Support\Facades\Session;
use Cache;
use Jenssegers\Agent\Agent;
use Validator;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
use Illuminate\Support\Facades\Auth;

class UserLoginController extends Controller
{
    use AuthenticatesUsers;
    protected $auth;

    public function __construct(Guard $auth)
    {
        $this->auth = $auth;
        $this->middleware('auth');
    }

public function postLogin(Request $request)
    {
        $email    = $request->get('email');
        $password = $request->get('password');

        $rules = [
            'password' => ['required'],
            'email'    => ['required', 'email'],
        ];
        $messages = [
            'email.required'    => 'Email is required',
            'email.email'       => 'Invalid Email',
            'password.required' => 'Password is required',
        ];

        $validator = Validator::make($request->all(), $rules, $messages);

        if ($validator->fails()) {
            return redirect()->back()->withErrors($validator);
        }


        if ($this->hasTooManyLoginAttempts($request)) {
            return redirect()->route('showHome');
        }

        $this->incrementLoginAttempts($request);


        if (Auth::attempt(['email' => $email, 'password' => $password], true) === false) {
            return redirect()->back()
                ->with(['message' => 'Your username/password combination was incorrect', 'failed' => true])
                ->withInput();
        }
   }
}

Auth config

<?php

return [

    /*
    |--------------------------------------------------------------------------
    | Authentication Defaults
    |--------------------------------------------------------------------------
    |
    | This option controls the default authentication "guard" and password
    | reset options for your application. You may change these defaults
    | as required, but they're a perfect start for most applications.
    |
    */

    'defaults' => [
        'guard' => 'web',
        'passwords' => 'users',
    ],

    /*
    |--------------------------------------------------------------------------
    | Authentication Guards
    |--------------------------------------------------------------------------
    |
    | Next, you may define every authentication guard for your application.
    | Of course, a great default configuration has been defined for you
    | here which uses session storage and the Eloquent user provider.
    |
    | All authentication drivers have a user provider. This defines how the
    | users are actually retrieved out of your database or other storage
    | mechanisms used by this application to persist your user's data.
    |
    | Supported: "session", "token"
    |
    */

    'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],

        'api' => [
            'driver' => 'token',
            'provider' => 'users',
            'hash' => false,
        ],
    ],


via Chebli Mohamed

Aucun commentaire:

Enregistrer un commentaire