
Laravel authentication middleware: Auth::check() returns false

I am trying to implement LDAP user authentication using the LdapRecord package with Laravel 8. Although user authentication succeeds, the authenticated session is not visible when I check it in the middleware.

Right after Auth::login($user), Auth::check() returns true, but in the auth middleware it returns false. I use the file session driver. The session file is created successfully under storage/framework/sessions, so the permissions look fine to me. What should I check so that the login persists across requests?

AuthController.php

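 class AuthController extends Controller
    {
        /**
         * Show the login form.
         */
        public function getLogin(){
            return view('login');
        }

        /**
         * Check the submitted credentials with an LDAP bind and, on success,
         * log the matching local user record into the default guard.
         *
         * @param  Request  $request  Login form submission (username, password).
         * @return mixed  Redirect to the home route on success, otherwise back to
         *                the form with a 'fail' flash message.
         */
        public function postLoginForm(Request $request){
            // 'string' rejects array input (username[]=...), which would otherwise
            // reach the concatenation and the directory bind below.
            $request->validate([
                'username' => 'required|string',
                'password' => 'required|string',
            ]);

            $username = $request->username . "@iegm.local";
            $connection = Container::getConnection('default');

            if ($connection->auth()->attempt($username, $request->password)) {
                // NOTE(review): is_active is only written when the row is first created
                // and is not checked here, so a local account later set to is_active = 0
                // still logs in when the directory bind succeeds. Confirm that is intended.
                $user = User::firstOrCreate(['username' => $request->username], [
                    'is_admin' => 0,
                    'is_active' => 1
                ]);
                Auth::login($user);

                // Give the now-authenticated session a fresh ID so an ID that was
                // planted before login cannot be reused (session fixation).
                $request->session()->regenerate();

                // Auth::check() is true for the rest of this request. No dd() here:
                // dying before the response is returned means the session middleware
                // never saves the session, so the login would not persist.
                return redirect()->route('get.anasayfa');
            }

            // Same generic message for every failure, so the response does not
            // reveal whether the username exists in the directory.
            return back()->with('fail', 'basarisiz');
        }

        /**
         * Log the current user out and discard the session.
         *
         * @return mixed  Redirect to the login page.
         */
        public function logout() {
            Auth::logout();

            // invalidate() flushes the session data and issues a new session ID;
            // the CSRF token is regenerated so the old one dies with the old session.
            Session::invalidate();
            Session::regenerateToken();

            return redirect('login');
        }
    }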

auth.php

<?php

// Authentication configuration as posted in the question.
return [

    // Guard and password broker used when none is named explicitly.
    'defaults' => [
        'guard' => 'web',
        'passwords' => 'users',
    ],

    'guards' => [
        'web' => [
            'driver' => 'session',
            // NOTE(review): a session guard stores only the user's identifier and
            // looks the user up again on every later request through this provider.
            // AuthController logs in a local record (User::firstOrCreate + Auth::login),
            // while this provider resolves App\Models\LdapUser, so the identifier
            // written at login may not resolve here and the next request would be
            // unauthenticated. Provider model and logged-in model should be the same.
            'provider' => 'ldap',
        ],
    ],

    'providers' => [
        'ldap' => [
            'driver' => 'ldap',
            'model' => App\Models\LdapUser::class,
        ],
    ],  
];

Kernel.php

<?php

namespace App\Http;

use Illuminate\Foundation\Http\Kernel as HttpKernel;

/**
 * HTTP kernel: declares the middleware groups and the route middleware aliases.
 */
class Kernel extends HttpKernel
{
    /**
     * Middleware groups. Entries are listed in the order shown; StartSession comes
     * before the two entries that read the session (AuthenticateSession and
     * ShareErrorsFromSession).
     */
    protected $middlewareGroups = [
        'web' => [
            \App\Http\Middleware\EncryptCookies::class,
            \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
            \Illuminate\Session\Middleware\StartSession::class,
            // NOTE(review): AuthenticateSession compares a password hash kept in the
            // session with the user's current one; confirm it behaves as intended for
            // users that are verified against LDAP and hold no local password.
            \Illuminate\Session\Middleware\AuthenticateSession::class,
            \Illuminate\View\Middleware\ShareErrorsFromSession::class,
            \App\Http\Middleware\VerifyCsrfToken::class,
            \Illuminate\Routing\Middleware\SubstituteBindings::class,
        ],

        // No session or cookie middleware in this group; the Sanctum stateful
        // middleware is commented out.
        'api' => [
            // \Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class,
            'throttle:api',
            \Illuminate\Routing\Middleware\SubstituteBindings::class,
        ]
    ];

    /**
     * Short aliases usable in route definitions. 'auth' points at the
     * application's own Authenticate subclass, not the framework class directly.
     */
    protected $routeMiddleware = [
        'auth' => \App\Http\Middleware\Authenticate::class,
        'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
        'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
        'can' => \Illuminate\Auth\Middleware\Authorize::class,
        'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
        'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class,
        'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class,
        'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
        'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
        'log' => \App\Http\Middleware\LogMiddleware::class,
    ];
}

web.php

// Every route declared in this group passes through the 'auth' route middleware
// first; only the home page is registered here.
Route::middleware('auth')->group(static function (): void {
    Route::get('/', [AnasayfaController::class, 'index'])
        ->name('get.anasayfa');
});

Authenticate.php

<?php

namespace App\Http\Middleware;

use Illuminate\Auth\Middleware\Authenticate as Middleware;

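class Authenticate extends Middleware
{
    /**
     * Return the URL an unauthenticated browser request is sent to.
     *
     * The framework's base middleware calls this method only after the request
     * failed authentication, so Auth::check() is false here by construction and
     * probing it at this point says nothing about why the guard rejected the
     * request. The debugging call that stood here was also missing its
     * terminating semicolon and referenced Auth without importing it.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return string|null  Login route URL, or null when the client expects JSON.
     */
    protected function redirectTo($request)
    {
        if ($request->expectsJson()) {
            return null;
        }

        return route('get.login');
    }
}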

RouteServiceProvider.php

<?php

namespace App\Providers;

use Illuminate\Cache\RateLimiting\Limit;
use Illuminate\Foundation\Support\Providers\RouteServiceProvider as ServiceProvider;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\RateLimiter;
use Illuminate\Support\Facades\Route;

/**
 * Registers the application's route files and the "api" rate limiter.
 */
class RouteServiceProvider extends ServiceProvider
{
    /** Home path constant. */
    public const HOME = '/home';

    /** Controller namespace applied to both route groups registered in boot(). */
    protected $namespace = 'App\Http\Controllers';

    /**
     * Configure rate limiting, then register the API and web route files.
     */
    public function boot()
    {
        $this->configureRateLimiting();

        $this->routes(function () {
            $controllers = $this->namespace;

            // routes/api.php: "api" middleware group, every URI prefixed with "api".
            $apiRoutes = Route::prefix('api')->middleware('api')->namespace($controllers);
            $apiRoutes->group(base_path('routes/api.php'));

            // routes/web.php: "web" middleware group.
            $webRoutes = Route::middleware('web')->namespace($controllers);
            $webRoutes->group(base_path('routes/web.php'));
        });
    }

    /**
     * Define the "api" limiter: 60 requests per minute per key.
     */
    protected function configureRateLimiting()
    {
        RateLimiter::for('api', function (Request $request) {
            // Key on the authenticated user's id when there is one, otherwise on
            // the client IP address.
            $key = optional($request->user())->id ?: $request->ip();

            return Limit::perMinute(60)->by($key);
        });
    }
}


Answers (1)


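I'm not sure this is the best approach, but when I used two different models and edited the auth.php file as follows, the Authentication middleware worked as I expected. The session guard reloads the user on every request through its configured provider, so the provider has to resolve the same model that was passed to Auth::login().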

LdapUser.php

<?php

namespace App\Models;

use LdapRecord\Models\Model;

/**
 * LdapRecord model for directory user entries.
 */
class LdapUser extends Model
{
    /** objectClass values associated with this model. */
    public static array $objectClasses = [
        'top',
        'person',
        'organizationalPerson',
        'user',
    ];
}

User.php

<?php

namespace App\Models;

use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Laravel\Sanctum\HasApiTokens;

/**
 * Local Eloquent user stored in the "users" table.
 */
class User extends Authenticatable
{
    use HasApiTokens;
    use HasFactory;
    use Notifiable;

    /** Table backing this model. */
    protected $table = 'users';

    /**
     * Attributes that may be mass-assigned.
     *
     * NOTE(review): 'is_admin' and 'is_active' are mass-assignable. That is safe
     * only while create()/fill()/update() calls are never fed raw request input;
     * any code path that does so would let the client choose its own privilege
     * flags. Pass these two values explicitly, as AuthController does.
     */
    protected $fillable = [
        'username',
        'is_admin',
        'is_active',
    ];
}

auth.php

// Excerpt of config/auth.php: only the keys that changed are shown.
'defaults' => [
    'guard' => 'web',
    'passwords' => 'users',
],

'guards' => [
    'web' => [
        'driver' => 'session',
        // The session guard now reloads the user through the same Eloquent
        // model that the controller passes to Auth::login().
        'provider' => 'users',
    ],
],

'providers' => [
    // The LDAP bind in the controller remains the only credential check; this
    // provider just turns the identifier stored in the session back into a
    // local User row.
    'users' => [
        'driver' => 'eloquent',
        'model' => App\Models\User::class,
    ]
],
