Reputation: 883
I'm developing a webapp with Laravel 5.1 and I'm building the authentication system. I have to check whether the user has not changed his password in six months or more, and I would like to use a middleware to check this, but I didn't find how to do it properly. I created a global middleware but it is not working because I can't get the authenticated user.
Is it possible that I have to use an AfterMiddleware to check the password?
Upvotes: 1
Views: 439
Reputation: 1687
Then you need to overwrite the method postLogin in AuthController:
    // At the top of AuthController.php:
    use Auth;
    use Illuminate\Http\Request;

    public function postLogin(Request $request){
        $credentials = ['email' => $request->email, 'password' => $request->password];
        if (Auth::attempt($credentials, $request->has('remember'))) {
            // Account is older than six months (checked on created_at)
            if((strtotime(Auth::user()->created_at) < strtotime('6 month ago'))){
                return redirect('your-reset-path');//redirect to password reset page
            }else{
                return redirect()->intended('/');
            }
        }
        // Authentication failed: back to the login form with an error
        return redirect($this->loginPath())
            ->withInput($request->only('email', 'remember'))
            ->withErrors([
                'email' => $this->getFailedLoginMessage(),
            ]);
    }
This will do the job if you want to check on created_at, but you should rather use another timestamp field (last_password_updated) that is only updated when the password is changed and when it is first created; it will be more efficient.
Upvotes: 0
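An added example, not part of the answer above: a check placed only in postLogin runs once per login, so a user who returns through a "remember me" session never reaches it, whereas a route middleware applies the same six-month rule on every authenticated request. It assumes the `last_password_updated` column suggested in the answer, the placeholder path `your-reset-path`, an `auth/logout` route, and the hypothetical class name `ForcePasswordChange`.

```php
<?php

namespace App\Http\Middleware;

use Closure;
use Carbon\Carbon;
use Illuminate\Support\Facades\Auth;

// Hypothetical route middleware (added example, not the answer's code).
// Assumes users.last_password_updated is written whenever the password
// is first set or changed.
class ForcePasswordChange
{
    const MAX_AGE_MONTHS = 6;
    const RESET_PATH = 'your-reset-path'; // placeholder path, as in the answer

    public function handle($request, Closure $next)
    {
        // Guests pass through; the auth middleware decides what they may see.
        if (! Auth::check()) {
            return $next($request);
        }

        // Exempt the reset page and logout (assumed route), otherwise the
        // redirect below would loop forever.
        if ($request->is(self::RESET_PATH, self::RESET_PATH . '/*', 'auth/logout')) {
            return $next($request);
        }

        if ($this->isExpired(Auth::user()->last_password_updated)) {
            return redirect(self::RESET_PATH);
        }

        return $next($request);
    }

    // A missing timestamp is treated as expired (fail closed), so rows
    // created before the column existed are forced through a change.
    private function isExpired($changedAt)
    {
        if (empty($changedAt)) {
            return true;
        }

        return Carbon::parse($changedAt)
            ->lt(Carbon::now()->subMonths(self::MAX_AGE_MONTHS));
    }
}
```

Register the class under `$routeMiddleware` in `app/Http/Kernel.php` and apply it together with `auth` to the protected routes.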
Reputation: 1687
First explain/state when you want to force the user to change the password: while authenticating or after successful authentication? Then I can give you a solution.
Upvotes: 0