Last active
December 1, 2020 06:05
<?php | |
namespace App\Http\Controllers\Auth; | |
use App\Http\Controllers\Controller; | |
use App\Providers\RouteServiceProvider; | |
use Illuminate\Foundation\Auth\AuthenticatesUsers; | |
use Illuminate\Http\Request; | |
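class LoginController extends Controller
{
    /*
    |--------------------------------------------------------------------------
    | Login Controller
    |--------------------------------------------------------------------------
    |
    | This controller handles authenticating users for the application and
    | redirecting them to your home screen. The controller uses a trait
    | to conveniently provide its functionality to your applications.
    |
    */

    use AuthenticatesUsers;

    /**
     * Where to redirect users after login.
     *
     * @var string
     */
    protected $redirectTo = RouteServiceProvider::HOME;

    /**
     * Create a new controller instance.
     *
     * Applies the "guest" middleware to every action except logout.
     *
     * @return void
     */
    public function __construct()
    {
        $this->middleware('guest')->except('logout');
    }

    /**
     * Attempt to log the user in with the submitted e-mail and password.
     *
     * Overrides the hook of the same name in AuthenticatesUsers. The default
     * guard decides whether the login succeeded; only then is the same
     * credential pair tried on the "admin" guard. An administrator ends up
     * authenticated on both guards, and a rejected login never leaves an
     * admin session behind.
     *
     * Returns a plain boolean. The trait's login() action only tests this
     * result for truthiness and builds the redirect itself; creating a
     * redirect()->intended() response here would only use up the stored
     * intended URL before the trait could read it.
     *
     * NOTE(review): the trait declares this hook protected. It is public
     * here, so confirm that no route points at it directly, since that
     * would skip the validation and throttling the trait performs in login().
     *
     * @param  \Illuminate\Http\Request  $request
     * @return bool
     */
    public function attemptLogin(Request $request)
    {
        // Only these two fields reach the guards; other request input is ignored.
        $credentials = $request->only('email', 'password');

        // Fail closed: a rejected login on the default guard ends the attempt
        // before the admin guard is touched.
        if (! \Auth::attempt($credentials)) {
            return false;
        }

        // Result deliberately unused: the admin guard is expected to reject
        // accounts its provider does not return, and that must not fail the
        // ordinary login.
        // NOTE(review): each such rejection may still surface as a
        // failed-login event; allow for that in audit logging and in any
        // lockout listener.
        \Auth::guard('admin')->attempt($credentials);

        return true;
    }
}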
<?php | |
namespace App\Models; | |
use App\Scopes\AdminUserScope; | |
/**
 * User model variant whose queries are limited by AdminUserScope.
 */
class AdminUser extends User
{
    /**
     * Reads from the "users" table; the table name is set explicitly
     * instead of being derived from this class name.
     *
     * @var string
     */
    protected $table = 'users';

    /**
     * NOTE(review): nothing on this page reads $guard; confirm what consumes it.
     *
     * @var string
     */
    protected $guard = 'admin';

    /**
     * Register AdminUserScope as a global scope on this model.
     *
     * NOTE(review): the scope is the only restriction this class adds. A
     * query that removes global scopes (withoutGlobalScopes() and the like)
     * is no longer limited to the rows the scope selects.
     *
     * @return void
     */
    protected static function booted()
    {
        $adminOnly = new AdminUserScope();

        static::addGlobalScope($adminOnly);
    }
}
<?php | |
namespace App\Providers; | |
use Illuminate\Cache\RateLimiting\Limit; | |
use Illuminate\Foundation\Support\Providers\RouteServiceProvider as ServiceProvider; | |
use Illuminate\Http\Request; | |
use Illuminate\Support\Facades\RateLimiter; | |
use Illuminate\Support\Facades\Route; | |
class RouteServiceProvider extends ServiceProvider
{
    /**
     * The path to the "home" route for your application.
     *
     * This is used by Laravel authentication to redirect users after login.
     *
     * @var string
     */
    public const HOME = '/home';

    /**
     * The controller namespace for the application.
     *
     * When present, controller route declarations will automatically be
     * prefixed with this namespace. It is commented out here, so this class
     * does not set it.
     *
     * @var string|null
     */
    // protected $namespace = 'App\\Http\\Controllers';

    /**
     * Register the rate limiters, then the three route groups.
     *
     * @return void
     */
    public function boot()
    {
        $this->configureRateLimiting();

        $this->routes(function () {
            // Stateless API routes under /api.
            Route::prefix('api')
                ->middleware('api')
                ->namespace($this->namespace)
                ->group(base_path('routes/api.php'));

            // Regular browser routes.
            Route::middleware('web')
                ->namespace($this->namespace)
                ->group(base_path('routes/web.php'));

            // Admin area under /admin with route names prefixed "admin.".
            // Every route in the file passes through "auth:admin", i.e. the
            // auth middleware with the admin guard named as its parameter.
            Route::prefix('admin')
                ->name('admin.')
                ->namespace('Admin')
                ->middleware(['web', 'auth:admin'])
                ->group(base_path('routes/web_admin.php'));
        });
    }

    /**
     * Configure the rate limiters for the application.
     *
     * Only the "api" limiter is defined; this class defines none for the
     * web or admin groups.
     *
     * @return void
     */
    protected function configureRateLimiting()
    {
        RateLimiter::for('api', function (Request $request) {
            // Bucket by user id when there is one, otherwise by client IP.
            // NOTE(review): the IP is only meaningful if proxy headers are
            // trusted correctly for this deployment - confirm.
            $userId = optional($request->user())->id;

            return Limit::perMinute(60)->by($userId ?: $request->ip());
        });
    }
}
<?php | |
namespace App\Scopes; | |
use Illuminate\Database\Eloquent\Builder; | |
use Illuminate\Database\Eloquent\Model; | |
use Illuminate\Database\Eloquent\Scope; | |
/**
 * Global scope that limits a query to rows flagged as administrators.
 */
class AdminUserScope implements Scope
{
    /**
     * Add the "is_admin = true" constraint to the given query builder.
     *
     * NOTE(review): is_admin is the only privilege marker this scope checks;
     * confirm the column cannot be set through mass assignment on the model
     * that owns it.
     *
     * @param  \Illuminate\Database\Eloquent\Builder  $builder
     * @param  \Illuminate\Database\Eloquent\Model  $model  Unused here.
     * @return void
     */
    public function apply(Builder $builder, Model $model)
    {
        $builder->where('is_admin', '=', true);
    }
}
<?php | |
return [

    /*
     * Authentication defaults.
     *
     * The guard and the password-reset configuration used when none is
     * named explicitly.
     */
    'defaults' => [
        'guard' => 'web',
        'passwords' => 'users',
    ],

    /*
     * Authentication guards.
     *
     * Every guard names a driver and a user provider. The provider defines
     * how users are retrieved from the database or other storage.
     *
     * Supported: "session", "token"
     */
    'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],

        // Session guard for the admin area; it resolves users through the
        // "admins" provider defined further down.
        'admin' => [
            'driver' => 'session',
            'provider' => 'admins',
        ],

        // NOTE(review): 'hash' => false means api tokens are matched without
        // hashing, which implies they are stored in clear text. Confirm
        // whether this guard is in use before relying on it.
        'api' => [
            'driver' => 'token',
            'provider' => 'users',
            'hash' => false,
        ],
    ],

    /*
     * User providers.
     *
     * With several user tables or models, configure one provider per source
     * and assign it to the guards that need it.
     *
     * Supported: "database", "eloquent"
     */
    'providers' => [
        'users' => [
            'driver' => 'eloquent',
            'model' => App\Models\User::class,
        ],

        // Provider behind the "admin" guard.
        'admins' => [
            'driver' => 'eloquent',
            'model' => App\Models\AdminUser::class,
        ],

        // 'users' => [
        //     'driver' => 'database',
        //     'table' => 'users',
        // ],
    ],

    /*
     * Resetting passwords.
     *
     * Several reset configurations may be defined when the application has
     * more than one user table or model. "expire" is the number of minutes
     * a reset token is considered valid; keeping it short leaves less time
     * for a token to be guessed.
     *
     * Only a "users" configuration is defined; there is no separate entry
     * for the "admins" provider.
     */
    'passwords' => [
        'users' => [
            'provider' => 'users',
            'table' => 'password_resets',
            'expire' => 60,
            'throttle' => 60,
        ],
    ],

    /*
     * Password confirmation timeout.
     *
     * Number of seconds before a password confirmation times out and the
     * user is asked for the password again on the confirmation screen.
     * 10800 seconds is three hours.
     */
    'password_timeout' => 10800,

];