LARAVEL5 Custom login

Question

I'm working in application which requires a custom login.

I've to follow this flow.

1. User will enter login page.
2. User submit login page.
3. Application will check if the user is in database 3.1 (If user not in database | it will send a request to a third-party and check if login succeeded) 3.2 If user is in database verify password.

Now i've done class for the third-party and the code will work as this

$third = new Libraries\ThirdParty();
$third->login($username, $password);

$third->login will return true if login succeeded.

Now the question is how to link this logic. with the laravel pre-defined function Auth::check()

Answer 1

When you install laravel, it comes with a default login, that uses a trait:

class AuthController extends Controller {

    use AuthenticatesAndRegistersUsers;

    /**
     * Create a new authentication controller instance.
     *
     * @param  \Illuminate\Contracts\Auth\Guard  $auth
     * @param  \Illuminate\Contracts\Auth\Registrar  $registrar
     * @return void
     */
    public function __construct(Guard $auth, Registrar $registrar)
    {
        $this->auth = $auth;
        $this->registrar = $registrar;

        $this->middleware('guest', ['except' => 'getLogout']);
    }

}

this class use the trait for login stored in: vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Auth\\AuthenticatesAndRegistersUsers.php

you can overwrite the methods from this class to put your own logic, for example in the class AuthController you can define a new:

function postLogin(){
   //your new logic for login
}

and it gonna respect your function instead the trait funcion. anyway, the logic behind the postLogin from auth trait is:

public function postLogin(Request $request)
    {
        $this->validate($request, [
            'email' => 'required|email', 'password' => 'required',
        ]);

        $credentials = $request->only('email', 'password');

        if ($this->auth->attempt($credentials, $request->has('remember')))
        { //this if validate if the user is on the database line 1
            return redirect()->intended($this->redirectPath());
            //this redirect if user is the db line 2
        }

        return redirect($this->loginPath())
                    ->withInput($request->only('email', 'remember'))
                    ->withErrors([
                        'email' => $this->getFailedLoginMessage(),
                    ]);
          //redirect again to login view with some errors line 3
    }

you can do two things:

1. edit the trait itself (bad practice) to put your own logic
2. define your own postLogin function in AuthController and copy the logic but edit it with your own custom logic.

Edit to be more conrete with your points:

1. User will enter login page: you can use the default login page that laravel gives you, or you can overwrite getLogin function and redircet to your own view.

2. User submit login page: the form action needs to be: {{ url('/auth/login') }} or whatever route you put to postLogin()

3. Application will check if the user is in database: in the code line 1

   3.1 (If user not in database | it will send a request to a third-party and check if login succeeded): in the code line 3

3.2 If user is in database verify password: in the code line 2