11

This is my first attempt at a laravel package and have run into an issue where Auth::attempt($credentials) works within my login controller, but upon redirection to a protected route or controller, the user is no longer authenticated. Below is my login controller method with the redirect to dashboard commented out.

public function attempt(Request $request){

    $email =  strtolower(strip_tags(htmlspecialchars($request->input('email'))));
    $password = strip_tags(htmlspecialchars($request->input('password')));

    if (Auth::attempt(array('email' => $email, 'password' => $password)))
    {
        // Redirect to dashboard route
        //return redirect()->intended('/admin');
        if(Auth::check())
            print_r(Auth::user());
    }
}

A response to valid credentials prints out the correct user record and Auth::check returns true. But, when redirected to the admin controller, the user is not authenticated. Below is the admin controller method that should output the authenticated user, but only returns "not logged".

public function index()
{
    if(Auth::check()) print_r(Auth::user());
    else echo "not logged";
}

Both controllers use Auth;, their namespaces are consistent with vendor/package/pathToDir, db is setup correctly, and the encryption key has been set. Any ideas on what's going wrong? Thanks

Improve this question

2 Answers 2

Reset to default
27

Turns out the issue was with the new web middleware, moved all my routes that require session data in to the route group and everything works as normal. 

Route::group(['middleware' => ['web']], function () {

    Route::get("/login", ['uses'=>'SiteLogin@index']);
    Route::post("/login", ['uses'=>'SiteLogin@attempt']);
    Route::get("/logout", ['uses'=>'SiteLogin@logout']);

    Route::group(['prefix' => 'admin', 'middleware' => 'auth'], function () {
        Route::get('/', ['uses'=>'Admin@index']);
    });
});
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

You saved my day! It turns out, for default routes within routes/web.php Laravel applies whole middleware group called "web". And doesn't apply this group to external package routes loaded via service provider's method $this->loadRoutesFrom(__DIR__.'/routes.php');
Saved me a lot of time as I was trying to achieve somthing similar with my package, thanks :) How did you end up figuring this out/troubleshooting it? @Will
0

The default behavior of the method attempt is to not keep the user logged.

You should change it to:

if (Auth::attempt(array('email' => $email, 'password' => $password), false, true))

This way you will set remember as false and login as true.

Check more about this here: https://laravel.com/docs/5.2/authentication

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.