Checking, querying the database during authorization in laravel?

P

Pavel2020-05-06 21:43:32

Laravel

Pavel, 2020-05-06 21:43:32

Hello!

I'm trying to deal with authorization

The task immediately after entering the login and password and directly "poke" on the "login" button in the logic is to do a check (send a request to the database, check which site the user is visiting, switch it to the right one - in case he has several domains)

The problem is that I can’t find the same file where I’ll enter all these checks, I

tried to put it in:

namespace App\Http\Controllers\Auth;
... 
class LoginController extends Controller
... 
public function __construct()
    {
       /// вставлял, не работает
        $this->middleware('guest')->except('logout');
    }

namespace App\Http\Middleware;
class Authenticate extends Middleware
protected function redirectTo($request)
    {
// тоже не але
}

namespace App\Providers;
class AuthServiceProvider extends ServiceProvider
 public function boot()
    {
        $this->registerPolicies();

       // и сюда тоже пытался
    }

Tell me, where is the same file or maybe something needs to be added in the method so that my checks are performed during authorization?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

B

bubaley, 2020-05-07
@yatort

Hello, you can override the authorization mechanism itself, using the login method
Or already work out a successful authorization.
This needs to be added to Auth/LoginController
Of course, it's better to go into the controller itself from which LoginController is inherited and copy from there to be tied to your version of Lara.

public function login(Request $request)
    {
        if (isset($request->next)) $this->redirectTo = $request->next;

        $this->validateLogin($request);

        // If the class is using the ThrottlesLogins trait, we can automatically throttle
        // the login attempts for this application. We'll key this by the username and
        // the IP address of the client making these requests into this application.
        if (method_exists($this, 'hasTooManyLoginAttempts') &&
            $this->hasTooManyLoginAttempts($request)) {
            $this->fireLockoutEvent($request);

            return $this->sendLockoutResponse($request);
        }

        if ($this->attemptLogin($request)) {
            return $this->sendLoginResponse($request);
        }

        // If the login attempt was unsuccessful we will increment the number of attempts
        // to login and redirect the user back to the login form. Of course, when this
        // user surpasses their maximum number of attempts they will get locked out.
        $this->incrementLoginAttempts($request);

        return $this->sendFailedLoginResponse($request);
    }

    /**
     * The user has been authenticated.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  mixed  $user
     * @return mixed
     */
    protected function authenticated(Request $request, $user)
    {
        return response([
            'result' => 'success',
            'value' => $user
        ]);
    }

    /**
     * Get the failed login response instance.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return \Symfony\Component\HttpFoundation\Response
     *
     * @throws \Illuminate\Validation\ValidationException
     */
    protected function sendFailedLoginResponse(Request $request)
    {
        return response([
            'result' => 'fail',
            'value' => 'Неверный логин или пароль'
        ]);
    }