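/**
 * Override login method to enforce a single active session per user.
 *
 * Validates the submitted credentials, applies login throttling when the
 * ThrottlesLogins trait is in use, and on a successful attempt destroys the
 * session recorded for the user before recording the current session ID.
 *
 * @param Request $request
 * @return \Illuminate\Http\RedirectResponse|\Illuminate\Http\Response
 */
public function login(Request $request)
{
    $this->validate($request, [
        $this->loginUsername() => 'required',
        'password' => 'required',
    ]);

    // If the class is using the ThrottlesLogins trait, we can automatically throttle
    // the login attempts for this application. We'll key this by the username and
    // the IP address of the client making these requests into this application.
    $throttles = $this->isUsingThrottlesLoginsTrait();

    if ($throttles && $this->hasTooManyLoginAttempts($request)) {
        return $this->sendLockoutResponse($request);
    }

    $credentials = $this->getCredentials($request);
    $guard = Auth::guard($this->getGuard());

    if ($guard->attempt($credentials, $request->has('remember'))) {
        // Use the user the guard just authenticated instead of re-querying by the
        // request's 'email' field: that lookup returns null (and the property
        // access below fails) whenever loginUsername() is not 'email', and it
        // trusts request input where the guard already holds the verified user.
        $user = $guard->user();

        // Kill the session recorded at the previous login so that only the
        // newest login stays valid.
        if (!is_null($user->session_id)) {
            Session::getHandler()->destroy($user->session_id);
        }

        // NOTE(review): this assumes the guard has already regenerated the
        // session ID during attempt(); confirm for custom guards, otherwise a
        // pre-login session ID would be stored and kept alive here.
        $user->session_id = Session::getId();
        $user->save();

        return $this->handleUserWasAuthenticated($request, $throttles);
    }

    // If the login attempt was unsuccessful we will increment the number of attempts
    // to login and redirect the user back to the login form. Of course, when this
    // user surpasses their maximum number of attempts they will get locked out.
    if ($throttles) {
        $this->incrementLoginAttempts($request);
    }

    return $this->sendFailedLoginResponse($request);
}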
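/**
 * Post-login hook: invalidate the user's previous session and record the
 * current one, so that only the most recent login remains active.
 *
 * @param Request $request
 * @param User $user The user that was just authenticated.
 * @return \Illuminate\Http\RedirectResponse
 */
protected function authenticated(Request $request, User $user)
{
    $previousSessionID = $user->session;
    $currentSessionID = Session::getId();

    // The original condition was inverted (`!$previousSessionID`), so destroy()
    // ran only when there was no stored ID and the old session was never
    // terminated. Destroy it when one is recorded, and never destroy the
    // session that belongs to this very login.
    if ($previousSessionID && $previousSessionID !== $currentSessionID) {
        Session::getHandler()->destroy($previousSessionID);
    }

    // Persist the current session ID on the guard's user so that the next login
    // can invalidate it.
    $authenticatedUser = $this->guard()->user();
    $authenticatedUser->session = $currentSessionID;
    $authenticatedUser->save();

    return redirect()->intended($this->redirectPath());
}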
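/**
 * A second login must invalidate the session recorded at the previous login
 * and leave the new session readable.
 *
 * @group login
 * @return void
 */
public function testLoginExample()
{
    $user_1 = App\User::where('email', '*****@*****.**')->first();

    if (is_null($user_1)) {
        $this->visit('http://laratest.app/register')
            ->type('lingbo', 'name')
            ->type('*****@*****.**', 'email')
            ->type('123123', 'password')
            ->type('123123', 'password_confirmation')
            ->press('Register')
            ->seePageIs('http://laratest.app/home');

        // Re-fetch after registering: the original kept the null result and then
        // dereferenced $user_1->session_id further down.
        $user_1 = App\User::where('email', '*****@*****.**')->first();
    }

    $this->assertNotNull($user_1);

    // Capture the session ID recorded before the second login.
    $previousSessionId = $user_1->session_id;

    // Start another session (login from another browser).
    $this->call('POST', '/login', ['email' => '*****@*****.**', 'password' => '123123']);

    $user_2 = App\User::where('email', '*****@*****.**')->first();

    // The old session must no longer hold any data. A user registered just above
    // may have no recorded session ID yet, in which case there is nothing to check.
    if (!is_null($previousSessionId)) {
        $this->assertEquals("", Session::getHandler()->read($previousSessionId));
    }

    // The session created by the second login must still be readable.
    $this->assertNotEquals("", Session::getHandler()->read($user_2->session_id));
}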