Laravel authentication error message

Question

I'm using custom authentication. Added user status(enable/disable) check in retrieveByCredentials function of my custom provider. Now how can I differentiate the error, whether its coming because user enter wrong credentials or because user is disabled?

So far I looked at following function sendFailedLoginResponse, but there is no way to differentiate.

Any suggestions how can I achieve this?

Answer 1

I've approached this in the following way:

/*
   LoginController.php
 */

/**
 * Override default login username to be used by the controller.
 *
 * @return string
 */
public function username()
{
    return 'username';
}

/**
 * Override default validation of the user login request.
 *
 * @param \Illuminate\Http\Request $request
 *
 * @return void
 */
protected function validateLogin(Request $request)
{
    $this->validate($request, [
        $this->username() => [
            'required',
            'min:4',
            'max:30',
            'regex:/^[\S]*$/',
            Rule::exists('users')->where(function ($query)
            {
                $query->where('active', 1);
            })
        ],
        'password' => 'required|min:6|max:100'
    ]);
}

Substituting out whatever the name and expected value of your field is for "active" will enable you to validate depending on whether or not users are active/enabled. You mentioned you've already done this but in this case the validation error will also be the validation message for the "exists" rule. In my application I don't actually need to care why a user failed login but checking the validation message may, I suppose, be enough in your case?