


New password confirmation process for user login in Laravel 6.2 (code example)
Laravel has released v6.2, which adds a new password confirmation feature that allows you to require logged in users to re-enter their password before they can access routes.
This function is similar to the GitHub confirmation dialog box when you perform sensitive operations. You can easily set this up in Laravel, so let's try out the new feature so you can better understand how it works:
SETUP
First, in order to understand this new feature more intuitively, we create a new Laravel application:
laravel new confirm-app cd confirm-app composer require laravel/ui --dev
As you know, the make:auth command was removed in Laravel 6, and the same functionality has been migrated to laravel/ui. In the official expansion package. Let us use a new command to generate user authentication related code:
php artisan ui vue --auth yarn install yarn dev
Next, we configure the SQLite database (of course you can choose the database you want to use):
touch database/database.sqlite
We have created the default configuration file required by Laravel when using the sqlite driver, but you still need to update the .env file to ensure the database connection and path are correct:
DB_CONNECTION=sqlite # ... # 使用 sqlite 驱动程序的默认路径 # DB_DATABASE=laravel
Next, let’s run the migration and then create a test user:
php artisan migrate
We can create it in the console through the factory() method A test user:
php artisan tinker >>> $user = factory(App\User::class)->create([ ... 'password' => bcrypt('secret'), ... 'email' => 'admin@example.com' ... ]);
Write the controller.
Assume you want the user to view administrative actions such as adding an SSH key before Re-verify their password. We want users to re-enter their passwords within a configured window (default is three hours).
We will create a fake /settings/ssh/create route, in which we need the new password.confirm middleware before the user can create a new key:
php artisan make:controller Settings/SSHController
Next, create the method create() in this controller:
namespace App\Http\Controllers\Settings; use App\Http\Controllers\Controller; use Illuminate\Http\Request; class SSHController extends Controller { public function create() { return view('secret'); } }
We will stub the secret template and place it at the root of the view path In the directory resources/views/secret.blade.php:
@extends('layouts.app') @section('content') <div class="container"> <div class="row justify-content-center"> <div class="col-md-8"> <h1 id="Add-nbsp-a-nbsp-New-nbsp-SSH-nbsp-Key">Add a New SSH Key</h1> <p>This page is only shown after password confirmation.</p> </div> </div> </div> @endsection
When coding, you should copy the file auth/passwords/confirm.blade.php to your project . You can get the file to copy here: ui/confirm.stub. Copy this file and add it to your project in the following path:
resources/views/auth/passwords/confirm.blade.php
Next, we need to define the routes, in routes/ At the end of the web.php file I mention the need for this middleware:
Route::namespace('Settings') ->middleware(['auth']) ->group(function () { Route::get('/settings/ssh/create', 'SSHController@create')->middleware('password.confirm'); });
Note: Typically, you can aggregate all routes that require authentication through the auth middleware. In this demo , we created a controller in the Settings namespace.
With it, once you log in, you will be redirected to /home. There, navigate to /settings/ssh/create and you will be prompted for your password:
If you follow this tutorial, enter secret, submit the form, and then enter the create view. Once you confirm your password, you can refresh this page without prompting.
Use the new ddd() helper function, add it to your SSHController::create() method, the method will determine the value of session in auth.password_confirmed_at the next time you are prompted:
public function create() { ddd(session('auth')); return view('secret'); }
This is the last time the password was verified. By default, users will not be reminded to verify their password again within 3 hours. Of course, you can customize it by modifying the config('auth.password_timeout') configuration item (the configuration item is defined in config/auth. of Laravel v6.2.0. php configuration file).
For more technical articles related to the laravel framework, please visit the laravel tutorial column!
The above is the detailed content of New password confirmation process for user login in Laravel 6.2 (code example). For more information, please follow other related articles on the PHP Chinese website!

Hot AI Tools

Undresser.AI Undress
AI-powered app for creating realistic nude photos

AI Clothes Remover
Online AI tool for removing clothes from photos.

Undress AI Tool
Undress images for free

Clothoff.io
AI clothes remover

Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Article

Hot Tools

Notepad++7.3.1
Easy-to-use and free code editor

SublimeText3 Chinese version
Chinese version, very easy to use

Zend Studio 13.0.1
Powerful PHP integrated development environment

Dreamweaver CS6
Visual web development tools

SublimeText3 Mac version
God-level code editing software (SublimeText3)

Hot Topics

Method for obtaining the return code when Laravel email sending fails. When using Laravel to develop applications, you often encounter situations where you need to send verification codes. And in reality...

Laravel schedule task run unresponsive troubleshooting When using Laravel's schedule task scheduling, many developers will encounter this problem: schedule:run...

The method of handling Laravel's email failure to send verification code is to use Laravel...

How to implement the table function of custom click to add data in dcatadmin (laravel-admin) When using dcat...

The impact of sharing of Redis connections in Laravel framework and select methods When using Laravel framework and Redis, developers may encounter a problem: through configuration...

Custom tenant database connection in Laravel multi-tenant extension package stancl/tenancy When building multi-tenant applications using Laravel multi-tenant extension package stancl/tenancy,...

LaravelEloquent Model Retrieval: Easily obtaining database data EloquentORM provides a concise and easy-to-understand way to operate the database. This article will introduce various Eloquent model search techniques in detail to help you obtain data from the database efficiently. 1. Get all records. Use the all() method to get all records in the database table: useApp\Models\Post;$posts=Post::all(); This will return a collection. You can access data using foreach loop or other collection methods: foreach($postsas$post){echo$post->

Efficiently process 7 million records and create interactive maps with geospatial technology. This article explores how to efficiently process over 7 million records using Laravel and MySQL and convert them into interactive map visualizations. Initial challenge project requirements: Extract valuable insights using 7 million records in MySQL database. Many people first consider programming languages, but ignore the database itself: Can it meet the needs? Is data migration or structural adjustment required? Can MySQL withstand such a large data load? Preliminary analysis: Key filters and properties need to be identified. After analysis, it was found that only a few attributes were related to the solution. We verified the feasibility of the filter and set some restrictions to optimize the search. Map search based on city
