The auth scaffolding Laravel comes with gives you a very nice login/registration/password reset system for your application to get started. You get a fully functioning example of how to use the Authentication system. The traits that the auth controllers use were designed with the ability to be able to change some of the functionality/defaults easily. There are many changes you can make by overriding methods that don't require you to repeat the actual logic.
Some of this is in the docs Laravel 5-4 - Authentication so make sure to take a look.
Login
The trait AuthenticatesUsers
, that the LoginController
uses, calls other methods so you can override smaller pieces of the functionality easier; which is common across the traits used by the Auth controllers.
Fields
You can customize the fields used as the credentials from the form and what credentials end up being used to attempt to login the user.
Username
Adjusting the field used for username/email is as simple as overriding the username
method.
public function username()
{
return 'email';
}
Password
To validate the credentials it is required that there is a field named password
passed to the authentication system by default. This particular field has to be named password
and does not have to directly correlate to the name of the field in the database. As the credentials are where
conditions we need to know which field is the password to exclude it from the query and to run a hash_check
against.
Form Password
For adjusting the field used in the form for password
you can override these methods:
protected function credentials(Request $request)
{
return $request->only($this->username()) +
['password' => $request->input($this->password())];
}
protected function validateLogin(Request $request)
{
$this->validate($request, [
$this->username() => 'required|string',
$this->password() => 'required|string',
]);
}
and add this new method:
public function password()
{
return 'your_password_form_field';
}
Keep in mind the credentials used to login the user are
where
conditions on a query, exceptpassword
. This means you can adjust the credentials passed to use as additionalwhere
conditons. Ex: have thecredentials
method return an additional values in the array,active => true
Database Password
Your models used for authentication implement a nice contract and implement a method to return the password fields value, Illuminate\Contracts\Auth\Authenticatable@getAuthPassword
. You can override this on your model.
public function getAuthPassword()
{
return $this->password;
}
After Login
To alter the response that is returned after a user has been authenticated you can override the authenticated
method. This method by default does nothing and returns nothing.
protected function authenticated(Request $request, $user)
{
//
}
sendLoginResponse
will call authenticated
and return a response if authenticated
returns something truthy. If not there will be a redirect()->intended($this->redirectPath())
response returned.
protected function sendLoginResponse(Request $request)
{
...
return $this->authenticated($request, $this->guard()->user())
?: redirect()->intended($this->redirectPath());
}
See about RedirectsUsers@redirectPath
below.
After Logout
If you want to adjust where someone is redirected to after logout you would have to override the logout
method. Instead of having to define everything in that method we can just rename that method when we use
the trait.
class LoginController ...
{
use AuthenticatesUsers {
logout as traitLogout;
}
public function logout(Request $request)
{
// call the logout method from the trait
// we don't need the response returned from it
$this->traitLogout($request);
// return our new redirect
return redirect(...);
}
}
Register
After Register
Similar to LoginController@authenticated
there is a RegisterController@registered
from RegistersUsers
.
protected function registered(Request $request, $user)
{
//
}
The register
method will call registered
and if it returns a truthy response, use it, if not return a redirect to the redirect path.
public function register(Request $request)
{
...
return $this->registered($request, $user)
?: redirect($this->redirectPath());
}
RedirectsUsers Trait
There is a RedirectsUsers
trait being used by the traits these controllers use. The redirectPath
method is used so we can define the redirect in different ways. The property redirectTo
can be used or a method redirectTo
can be defined to return the redirect path. (redirectTo() > $redirectTo
)
protected $redirectTo = '/home';
protected function redirectTo()
{
return route('home');
}
Cake
This is a small list of some common things people will want to customize with this scaffolding and some things that may not seem so obvious. Since the functionality for these controllers comes from traits you are free to override what you would like. All the changes you would need to make are in your application space.