How to check user status while login in Laravel 5?

Question

I have used Laravel Authentication (Quickstart). But I need to check the status of the user (approved/pending). If not approved, then an error will be shown in the login page. I need to know in which file I have to make the change and what is the change. Currently I am working on Laravel 5.3.

Answer 1

You can create a Laravel Middleware check the link for additional info

php artisan make:middleware CheckStatus

modify your middleware to get

<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Support\Facades\Auth;
class CheckStatus
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        $response = $next($request);
        //If the status is not approved redirect to login 
        if(Auth::check() && Auth::user()->status_field != 'approved'){
            Auth::logout();
            return redirect('/login')->with('erro_login', 'Your error text');
        }
        return $response;
    }
}

then add your middleware to your Kernel.php

'checkstatus' => \App\Http\Middleware\CheckStatus::class,

and finally add the middleware to your route

Route::post('/login', [
    'uses'          => 'Auth\AuthController@login',
    'middleware'    => 'checkstatus',
]);

I hope it helps

Answer 2

I found a simple solution for this. Artisan create App\\Http\\Controllers\\Auth\\LoginController , in this default controller just add this code if you have some conditions to login, for example I have a field state , you posibbly have status, email_status or other.

// Custom code for Auth process
protected function credentials( Request $request )
{
    $credentials = $request->only($this->username(), 'password');

    $credentials['state'] = 1;

    return $credentials;

}

Answer 3

Just Add following method in my LoginController works like charm

protected function authenticated(Request $request, $user)
    {
        if ($user->yourFirldName != "Active") {
            Auth::logout();
            return redirect('/login')->with('error', 'Looks Like Your status is InActive');
        }
    }

Answer 4

upper answer saves me

  if (Auth::attempt(['email'=>$input['email'],'password'=>$input['password'], 'user_status'=>1 ]))

this will check the status

Answer 5

I don't agree with upper answer, which will lead to your application performance is very low, and also don't recommend to modify the Laravel's source code.

So you can rewrite getCredentials function to your app\\Http\\Controllers\\Auth\\AuthController.php file like this:

<?php
//app\Http\Controllers\Auth\AuthController.php
namespace App\Http\Controllers\Auth;

use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\ThrottlesLogins;
use Illuminate\Foundation\Auth\AuthenticatesAndRegistersUsers;
use Illuminate\Http\Request;

class AuthController extends Controller
{
use AuthenticatesAndRegistersUsers, ThrottlesLogins;

    //you need add this function
    protected function getCredentials(Request $request)
    {
        $data = $request->only($this->loginUsername(), 'password');
        $data['is_approved'] = 1;
        return $data;
    }
}

then you can use Laravel Authentication (Quickstart) directly.

Hope this will help.

Answer 6

The pinned answer is the best approach.

Just a note: if you are using Laravel 5.8+ you need use:

//Default Auth routes
Auth::routes();

//Override and add middleware 
Route::post('/login', [
'uses'          => 'Auth\LoginController@login',
'middleware'    => 'checkstatus',
]);

Answer 7

Follow the steps...

First add a column in your user table (suppose is_approved)

In App/Http/Controllers/Auth/LoginController file

public function authenticate()
{
    if (Auth::attempt(['email' => $email, 'password' => $password, 'is_approved'=>1])) {
        // Authentication passed...
        return redirect()->intended('dashboard');
    }
}

Hope this will help

Answer 8

Auth/LoginController

Though it is a long time from the question created date. You can go this way.

Go to Auth/LoginController and add this line.

    protected function credentials(Request $request)
    {
        return [
            'email' => $request->email,
            'password' => $request->password,
            'status' => 1,
        ];
    }

For this to work you have to have a column named 'status' in users table. 1 is for active and 0/2 is for inactive user.

Hope this will work for you.

Answer 9

public function login(Request $request){
    if ($request->isMethod('post')) {
        $data= $request->all();
        $roles=[
            'email' => 'required|email|max:255',
            'password' => 'required',
        ];
        $customessage=[
                'email.required' =>'Email is required',
                'email.email' => 'Email is not vaild',
            'password.required' => 'Password is required',
        ];
        $this->validate($request,$roles,$customessage);
        
        if(Auth::guard('admin')->attempt(['email'=>$data['email'],'password'=>$data['password'],'status'=>1])) {
            return redirect('admin/dashboard');
        } else {
            Session::flash('error_message','You are not Active by Admin');
            return redirect()->back();
        }
    }
    return view('admin.admin_login');
}