Implemented Custom Auth Framework

Rebuilt member authorization and session handling within Laravel's envirnoment. Sticking with bcrypt encryption for passwords to make the transistion simple.
1 year ago · 14af284103
parent ba79c9924c
commit 14af284103
10 changed files with 173 additions and 21 deletions
--- a/app/Http/Controllers/AuthController.php
+++ b/app/Http/Controllers/AuthController.php
@ -0,0 +1,48 @@
 <?php
 namespace App\Http\Controllers;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
 use Symfony\Component\HttpFoundation\Response;
 class AuthController extends Controller
 {
    public function showLogin(Request $request)
    {
        //$token = $request->session()->token();
        //$token = csrf_token();
        return view('front.login');
    }
    public function memberAuth(Request $request): Response
    {
        $token = csrf_token();
        $credentials = $request->validate([
            'handle'   => ['required'],
            'password' => ['required'],
        ]);
        if (Auth::attempt($credentials)) {
            $request->session()->regenerate();
            return redirect()->intended('den');
        }
        return back()->withErrors([
            'error' => 'Nope. Check your crendtials, champ',
        ]);
    }
    public function leave(Request $request): Response
    {
        Auth::logout();
        $request->session()->invalidate();
        $request->session()->regenerateToken();
        return redirect()->intended('login');
    }
 }
--- a/app/Http/Controllers/DenController.php
+++ b/app/Http/Controllers/DenController.php
@ -0,0 +1,16 @@
 <?php
 namespace App\Http\Controllers;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
 class DenController extends Controller
 {
    //
    public function start(Request $request)
    {
        $member = Auth::user();
        return view('back.start', ['handle' => $member->handle]);
    }
 }
--- a/app/Http/Controllers/FrontIndexController.php
+++ b/app/Http/Controllers/FrontIndexController.php
@ -2,6 +2,7 @@
 namespace App\Http\Controllers;
 use Illuminate\Support\Facades\DB;
 use App\Models\Location;
 class FrontIndexController extends Controller
@ -11,6 +12,10 @@ class FrontIndexController extends Controller
        $locations = Location::all();
        $count     = count($locations);
        $terms = "no|agenda";
        //$result = DB::select("SELECT * FROM searchlocations('$terms')");
        return view('front.index', ['count' => $count]);
    }
 }
--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
@ -36,11 +36,12 @@ class Kernel extends HttpKernel
            \Illuminate\View\Middleware\ShareErrorsFromSession::class,
            \App\Http\Middleware\VerifyCsrfToken::class,
            \Illuminate\Routing\Middleware\SubstituteBindings::class,
        ],
        'api' => [
            // \Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class,
-            \Illuminate\Routing\Middleware\ThrottleRequests::class.':api',
+            \Illuminate\Routing\Middleware\ThrottleRequests::class . ':api',
            \Illuminate\Routing\Middleware\SubstituteBindings::class,
        ],
    ];
@ -53,16 +54,17 @@ class Kernel extends HttpKernel
     * @var array<string, class-string|string>
     */
    protected $middlewareAliases = [
-        'auth' => \App\Http\Middleware\Authenticate::class,
+        'auth'             => \App\Http\Middleware\Authenticate::class,
-        'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
+        'auth.basic'       => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
-        'auth.session' => \Illuminate\Session\Middleware\AuthenticateSession::class,
+        'auth.session'     => \Illuminate\Session\Middleware\AuthenticateSession::class,
-        'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
+        'cache.headers'    => \Illuminate\Http\Middleware\SetCacheHeaders::class,
-        'can' => \Illuminate\Auth\Middleware\Authorize::class,
+        'can'              => \Illuminate\Auth\Middleware\Authorize::class,
-        'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
+        'guest'            => \App\Http\Middleware\RedirectIfAuthenticated::class,
        'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class,
-        'precognitive' => \Illuminate\Foundation\Http\Middleware\HandlePrecognitiveRequests::class,
+        'precognitive'     => \Illuminate\Foundation\Http\Middleware\HandlePrecognitiveRequests::class,
-        'signed' => \App\Http\Middleware\ValidateSignature::class,
+        'signed'           => \App\Http\Middleware\ValidateSignature::class,
-        'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
+        'throttle'         => \Illuminate\Routing\Middleware\ThrottleRequests::class,
-        'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
+        'verified'         => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
        'member.check'     => \App\Http\Middleware\MemberCheck::class,
    ];
 }
--- a/app/Http/Middleware/MemberCheck.php
+++ b/app/Http/Middleware/MemberCheck.php
@ -0,0 +1,24 @@
 <?php
 namespace App\Http\Middleware;
 use Closure;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
 class MemberCheck
 {
    /**
     * Handle an incoming request.
     *
     * @param  \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response)  $next
     */
    public function handle(Request $request, Closure $next)
    {
        if (Auth::check()) {
            return $next($request);
        } else {
            return redirect('login');
        }
    }
 }
--- a/app/Models/Member.php
+++ b/app/Models/Member.php
@ -0,0 +1,14 @@
 <?php
 namespace App\Models;
 use Illuminate\Database\Eloquent\Factories\HasFactory;
 use App\Models\User as Authenticatable;
 class Member extends Authenticatable
 {
    use HasFactory;
    protected $table    = "member";
    protected $fillable = ["uuid", "handle", "email", "password", "active", "role", "avatar", "pronoun", "gender"];
 }
--- a/config/auth.php
+++ b/config/auth.php
@ -14,8 +14,8 @@ return [
    */
    'defaults' => [
-        'guard' => 'web',
+        'guard'     => 'web',
-        'passwords' => 'users',
+        'passwords' => 'member',
    ],
    /*
@ -37,8 +37,8 @@ return [
    'guards' => [
        'web' => [
-            'driver' => 'session',
+            'driver'   => 'session',
-            'provider' => 'users',
+            'provider' => 'member',
        ],
    ],
@ -60,9 +60,9 @@ return [
    */
    'providers' => [
-        'users' => [
+        'member' => [
            'driver' => 'eloquent',
-            'model' => App\Models\User::class,
+            'model'  => App\Models\Member::class,
        ],
        // 'users' => [
@ -91,10 +91,10 @@ return [
    */
    'passwords' => [
-        'users' => [
+        'member' => [
-            'provider' => 'users',
+            'provider' => 'member',
-            'table' => 'password_reset_tokens',
+            'table'    => 'password_reset_tokens',
-            'expire' => 60,
+            'expire'   => 60,
            'throttle' => 60,
        ],
    ],
--- a/resources/views/back/start.blade.php
+++ b/resources/views/back/start.blade.php
@ -0,0 +1,11 @@
@extends('frame') 
@section('title', 'Den|Start')
  @section('main-content')
    <div>
      <h1>The Den</h1>
      Hey {{$handle}}
    </div>
  @endsection
--- a/resources/views/front/login.blade.php
+++ b/resources/views/front/login.blade.php
@ -0,0 +1,21 @@
@extends('frame') 
@section('title', 'Login')
  @section('main-content')
    @parent
    @if($errors->any())
      <h4>{{$errors->first()}}</h4>
    @endif
    <div>
      <form action="/login" method="post" enctype="multipart/form-data">
        @csrf
        <label>Handle</label><br />
        <input type="text" name="handle" value="" />
        <br />
        <label>Password</label><br />
        <input type="password" name="password" value="" />
        <input type="submit" value="Knock Knock" name="submit_button">
      </form>
    </div>
  @endsection
--- a/routes/web.php
+++ b/routes/web.php
@ -2,6 +2,8 @@
 use Illuminate\Support\Facades\Route;
 use App\Http\Controllers\FrontIndexController;
 use App\Http\Controllers\AuthController;
 use App\Http\Controllers\DenController;
 /*
 |--------------------------------------------------------------------------
@ -14,4 +16,13 @@ use App\Http\Controllers\FrontIndexController;
 |
 */
 //index
 Route::get("/", [FrontIndexController::class, 'start']);
 //auth
 Route::get("/login", [AuthController::class, 'showLogin']);
 Route::post("/login", [AuthController::class, 'memberAuth']);
 //den
 Route::get("/den", [DenController::class, 'start'])->middleware('member.check');
 Route::get("/logout", [AuthController::class, 'leave']);