You can define dashboard and login routes. The dashboard route will be for when the user authenticates, and the login route will be for when the user logs off and will be redirected to it.
To do this, open the auth.yaml
file and edit the auth_dashboard_url
and auth_login_url
variables.
auth:
auth_dashboard_url: /dashboard
auth_login_url: /auth
For this, it is necessary to first define the name of the table in the login
method. In the columns
method, the database username and password. Then, in the values
method, the input values of the form. Finally, the register
method will perform the login as shown below.
$res = Auth::login('auth_users')
->columns('username', 'password')
->values('inputEmail', 'inputPassword')
->register();
You can also use the Model name in the login()
method. This way, the Auth
component will get the name of the table that is in the $table
property.
Solital uses the default Model AuthModel
. However, you can create a model and use it in the login()
method.
use Solital\Core\Kernel\Model\AuthModel;
$res = Auth::login(AuthModel::class)
->columns('username', 'password')
->values('inputEmail', 'inputPassword')
->register();
The $res
variable will return true
if authentication is true and will redirect the user to the route defined in the auth_dashboard_url
variable. But if it is false
, you can add a reply message after the above code if authentication fails.
if ($res == false) {
message('login', 'Invalid username and/or password!');
response()->redirect('your_login_url');
}
In some cases the user wants to remain logged into the system after closing the browser. When registering a user, you can first use the remember
method, passing the name of the form input as a parameter.
In the value
of the form input, use true
.
<input type="checkbox" name="inputRemember" value="true">
$res = Auth::login(AuthModel::class)
->columns('username', 'password')
->values('inputEmail', 'inputPassword')
->remember('inputRemember')
->register();
Below is an example method of authentication.
<input type="email" name="inputEmail">
<input type="password" name="inputPassword">
<input type="checkbox" name="inputRemember" value="true">
<?php
namespace Solital\Components\Controller;
use Solital\Core\Http\Controller\Controller;
use Solital\Core\Auth\Auth;
class UserController extends Controller
{
/**
* @return void
*/
public function authPost(): void
{
$res = Auth::login(AuthModel::class)
->columns('username', 'password')
->values('inputEmail', 'inputPassword')
->remember('inputRemember')
->register();
if ($res == false) {
message('login', 'Invalid username and/or password!');
response()->redirect(url('auth'));
}
}
}
If you need more routes for dashboards and logins, you can change the parameter in the register()
function:
# In routers.php
Course::get('/my-second-dashboard', 'SiteController@SecondDashboard')->name('second.dashboard');
# In Controller with `url()` helper
$res = Auth::login(AuthModel::class)
->columns('username', 'password')
->values('inputEmail', 'inputPassword')
->register(url('second.dashboard'));
# Or without `url()` helper
$res = Auth::login(AuthModel::class)
->columns('username', 'password')
->values('inputEmail', 'inputPassword')
->register('/my-second-dashboard');
To check if the user exists, you can create a middleware and add the Auth::check()
method.
class AuthMiddleware implements BaseMiddlewareInterface
{
public function handle(): void
{
Auth::check();
}
}
The Auth::check
method checks whether there is a user authenticating, but if you want to specify a user, you can pass the username in the first parameter.
If the user is not authenticated, he will be redirected to the route defined in the auth_login_url
variable. If you want to redirect to another route, you can define it using the second parameter.
Auth::check('solital@egmail.com');
// Redirect to another router
Auth::check('solital@egmail.com', '/redirect-to-another-router');
To logoff, use the Auth::logoff()
method.
Auth::logoff();
// Logoff an user
Auth::logoff('solital@egmail.com');
// Redirect to another router
Auth::logoff('solital@egmail.com', '/redirect-to-another-router');
To create a predefined login structure, use php vinci auth:skeleton --login
This command will create a LoginController
class, AuthMiddleware
middleware, templates for authentication, dashboard and predefined routes. Plus a standard user in the database.
If you want to remove this structure, use php vinci auth:skeleton --login --remove
.
You can create an authentication using Sodium encryption.
First, you need to generate a sodium key. This key is automatically renewed with each new request, so it can be stored in a database, in the session or in another type of storage.
use Solital\Core\Security\Hash;
$key = Hash::getSodiumKey();
Use Auth::sodium()
to encrypt your password. Remember to use it in conjunction with the generated key.
use Solital\Core\Auth\Auth;
use Solital\Core\Security\Hash;
$key = Hash::getSodiumKey();
$encoded = Auth::sodium('password', $key);
pre($encoded);
To verify the password generated using the Auth::sodium()
method, use Auth::sodiumVerify()
together with the generated key, password and hash.
use Solital\Core\Auth\Auth;
use Solital\Core\Security\Hash;
$key = Hash::getSodiumKey();
$encoded = Auth::sodium('password', $key);
$decoded = Auth::sodiumVerify($encoded, 'password', $key);
pre($decoded);