I need to allow login only for allowed users, this is my controller:
class LoginController extends Controller
{
public function index()
{
return view('login');
}
public function login(Request $request)
{
$credentials = $request->only('user', 'password');
if (!Auth::attempt($credentials)) {
return back()->with('error', 'Usuario o Contraseña Invalidos!');
} else if (Auth::user()->status != 1) {
return back()->with('error', 'Usuario no autorizado');
}
$request->session()->regenerate();
return redirect('home');
}
public function logout(Request $request)
{
Auth::logout();
$request->session()->regenerate();
return redirect('/login');
}
}
it works but it is allowing all the users, even those with status = 0, what am i doing wrong?
thanks for your help...
Auth::attempt
accept extra query conditions to the authentication query in addition to the user's email and password.
if (Auth::attempt(['email' => $email, 'password' => $password, 'status' => 1])) {
// Authentication was successful...
}
In your LoginControllere add this:
protected function credentials(\Illuminate\Http\Request $request)
{
//return $request->only($this->username(), 'password');
return [$this->username() => $request->{$this->username()}, 'password' => $request->password, 'status' => 1];
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.