My Blog Posts

New Password Verification System for Users Logged on to Laravel 6.2

New Password Verification System for Users Logged on to Laravel 6.2


With a new password confirmation feature works like the GitHub confirmation screen when you perform sensitive actions. Let's take the new feature so you can see how you're back in Set Laravel:

Setup

First, let's create a new Laravel app to work so you can visualize how this new feature works:

laravel new confirm-app
cd confirm-app
composer require laravel/ui --giant
 Let's create the authorization code for our application:
php artisan ui vue --auth
install tomorrow
yarn giant

Then let's configure an SQLite database (but you can use the database connection you want):
touch database/database.sqlite 

When using a database link, we created the file that Laravel would search for by default SqliteBut .envfile through the correct connection and database update :
DB_CONNECTION=sqlite
# ... # Use the default path of the sqlite driver#DB_DATABASE=laravel
 Then let's create a test user:
php artisan migrate
We can create a test user with the console factory():
php artisan tinker
> $user = factory(App\User::class)-create([
... 'password' => bcrypt('secret'),
... 'email' => 'admin@example.com'
... ]);

Let's Write Controllers

Suppose you want users to reverify their passwords before viewing a administrative action, such as adding an SSH key. We want the user to re-enter the password in the configured window (default 3 hours).

Before the user can create a new key /settings/ssh/createNew password.confirm middleware software for A Route we will create:

php artisan make:controller Settings/SSHController
Then create the controller action
namespace App\Http\Controllers\Settings;

use App\Http\Controllers\Controller;
use Illuminate\Http\Request;

class SSHController extends Controller
{
    public function create()
    {
        return view('secret');
    }
}
resources/views/secret.blade.php:
@extends('layouts.app')
@section('content')
     div class="container">div class="row justify-content-center">div class="col-md-8">h1>Add a New SSH Keyh1>p>This page is only shown after password confirmation.  p>div>div>div >div>
@endsection
During writing auth/passwords/confirm.blade.php file for your project you must copy Here you can get: 
ui / confirm.stub . Copy this file and add it to your project as follows:
resources/views/auth/passwords/confirm.blade.php
Then, routes/web.php File we need to define the route with the middleware software we will need to identify. :
Route::namespace('Settings')
    ->middleware(['auth'])
    ->group(function () {
        Route::get('/settings/ssh/create', 'SSHController@create')->middleware('password.confirm');
    });
Once you log in with this, you will be redirected to the home page and then ask to enter your password:


If you followed it with secret, you will be redirected to create view after the form. After you confirm the password, you can refresh this page without being prompted.

Add this method to your own method to visualize auth.password_confirmed_atoturum, which is the SSHController::create() to be requested the next time using the New ddd (helper):

public function create()
{
    ddd(session('auth'));
    return view('secret');
}


 Version v6.2.0 config('auth.password_timeout') Place Field Value how long before it confirms the password again .config/auth.php



Share this article


Comments (0)

Comment