/** * Send the response after the user was authenticated. * * @param \Illuminate\Http\Request $request * @param bool $throttles * @return \Illuminate\Http\Response */ protected function handleUserWasAuthenticated(Request $request, $throttles) { if ($throttles) { $this->clearLoginAttempts($request); } // if (method_exists($this, 'authenticated')) { // return $this->authenticated($request, Auth::user()); // } $user = Auth::getLastAttempted(); $previous_session = $user->session_id; if ($previous_session) { \Session::getHandler()->destroy($previous_session); Auth::setUser($user); Auth::logout(); } Auth::login($user, $request->has('remember')); $user->session_id = \Session::getId(); $user->save(); return redirect()->intended($this->redirectPath()); }
public function login(Request $request) { $this->validate($request, [$this->loginUsername() => 'required', 'password' => 'required']); // If the class is using the ThrottlesLogins trait, we can automatically throttle // the login attempts for this application. We'll key this by the username and // the IP address of the client making these requests into this application. $throttles = $this->isUsingThrottlesLoginsTrait(); if ($throttles && $this->hasTooManyLoginAttempts($request)) { return $this->sendLockoutResponse($request); } $credentials = $this->getCredentials($request); // if (Auth::attempt($credentials, $request->has('remember'))) { // $this->swapUserSession(Auth::user()); // return $this->handleUserWasAuthenticated($request, $throttles); // } if (Auth::validate($credentials)) { $user = Auth::getLastAttempted(); $previous_session = $user->last_session_id; if ($previous_session) { \Session::getHandler()->destroy($previous_session); Auth::setUser($user); Auth::logout(); } Auth::login($user, $request->has('remember')); $user->last_session_id = \Session::getId(); $user->save(); return redirect()->intended($this->redirectPath()); } // If the login attempt was unsuccessful we will increment the number of attempts // to login and redirect the user back to the login form. Of course, when this // user surpasses their maximum number of attempts they will get locked out. if ($throttles) { $this->incrementLoginAttempts($request); } return redirect()->back()->withInput($request->only($this->loginUsername(), 'remember'))->withErrors([$this->loginUsername() => $this->getFailedLoginMessage()]); }
public function postLogin(Request $request) { $this->validate($request, [$this->loginUsername() => 'required', 'password' => 'required']); // If the class is using the ThrottlesLogins trait, we can automatically throttle // the login attempts for this application. We'll key this by the username and // the IP address of the client making these requests into this application. $throttles = $this->isUsingThrottlesLoginsTrait(); if ($throttles && $this->hasTooManyLoginAttempts($request)) { return $this->sendLockoutResponse($request); } $credentials = $this->getCredentials($request); $remember = $request->has('remember'); if (Auth::attempt($credentials, $remember, false)) { $user = Auth::getLastAttempted(); if ((int) $user->active === 1) { Auth::login($user, $remember); return $this->handleUserWasAuthenticated($request, $throttles); } } // If the login attempt was unsuccessful we will increment the number of attempts // to login and redirect the user back to the login form. Of course, when this // user surpasses their maximum number of attempts they will get locked out. if ($throttles) { $this->incrementLoginAttempts($request); } return redirect($this->loginPath())->withInput($request->only($this->loginUsername(), 'remember'))->withErrors([$this->loginUsername() => $this->getFailedLoginMessage()]); }