Table of Contents
Add a New SSH Key
Home PHP Framework Laravel New password confirmation process for user login in Laravel 6.2 (code example)

New password confirmation process for user login in Laravel 6.2 (code example)

Jan 30, 2020 pm 08:45 PM
laravel

New password confirmation process for user login in Laravel 6.2 (code example)

Laravel has released v6.2, which adds a new password confirmation feature that allows you to require logged in users to re-enter their password before they can access routes.

This function is similar to the GitHub confirmation dialog box when you perform sensitive operations. You can easily set this up in Laravel, so let's try out the new feature so you can better understand how it works:

SETUP

First, in order to understand this new feature more intuitively, we create a new Laravel application:

laravel new confirm-app
cd confirm-app
composer require laravel/ui --dev
Copy after login

As you know, the make:auth command was removed in Laravel 6, and the same functionality has been migrated to laravel/ui. In the official expansion package. Let us use a new command to generate user authentication related code:

 php artisan ui vue --auth
 yarn install
 yarn dev
Copy after login

Next, we configure the SQLite database (of course you can choose the database you want to use):

touch database/database.sqlite
Copy after login

We have created the default configuration file required by Laravel when using the sqlite driver, but you still need to update the .env file to ensure the database connection and path are correct:

DB_CONNECTION=sqlite
# ...
# 使用 sqlite 驱动程序的默认路径
# DB_DATABASE=laravel
Copy after login

Next, let’s run the migration and then create a test user:

php artisan migrate
Copy after login

We can create it in the console through the factory() method A test user:

 php artisan tinker
 >>> $user = factory(App\User::class)->create([
 ... 'password' => bcrypt('secret'),
 ... 'email' => 'admin@example.com'
 ... ]);
Copy after login

Write the controller.

Assume you want the user to view administrative actions such as adding an SSH key before Re-verify their password. We want users to re-enter their passwords within a configured window (default is three hours).

We will create a fake /settings/ssh/create route, in which we need the new password.confirm middleware before the user can create a new key:

php artisan make:controller Settings/SSHController
Copy after login

Next, create the method create() in this controller:

 namespace App\Http\Controllers\Settings;
  
  use App\Http\Controllers\Controller;
  use Illuminate\Http\Request;
  
  class SSHController extends Controller
  {
  public function create()
  {
 return view('secret');
 }
 }
Copy after login

We will stub the secret template and place it at the root of the view path In the directory resources/views/secret.blade.php:

  @extends('layouts.app')
  @section('content')
  <div class="container">
  <div class="row justify-content-center">
  <div class="col-md-8">
  <h1 id="Add-nbsp-a-nbsp-New-nbsp-SSH-nbsp-Key">Add a New SSH Key</h1>
  <p>This page is only shown after password confirmation.</p>
  </div>
  </div>
 </div>
 @endsection
Copy after login

When coding, you should copy the file auth/passwords/confirm.blade.php to your project . You can get the file to copy here: ui/confirm.stub. Copy this file and add it to your project in the following path:

resources/views/auth/passwords/confirm.blade.php
Copy after login

Next, we need to define the routes, in routes/ At the end of the web.php file I mention the need for this middleware:

 Route::namespace(&#39;Settings&#39;)
 ->middleware([&#39;auth&#39;])
 ->group(function () {
 Route::get(&#39;/settings/ssh/create&#39;, &#39;SSHController@create&#39;)->middleware(&#39;password.confirm&#39;);
 });
Copy after login

Note: Typically, you can aggregate all routes that require authentication through the auth middleware. In this demo , we created a controller in the Settings namespace.

With it, once you log in, you will be redirected to /home. There, navigate to /settings/ssh/create and you will be prompted for your password:

New password confirmation process for user login in Laravel 6.2 (code example)

If you follow this tutorial, enter secret, submit the form, and then enter the create view. Once you confirm your password, you can refresh this page without prompting.

Use the new ddd() helper function, add it to your SSHController::create() method, the method will determine the value of session in auth.password_confirmed_at the next time you are prompted:

public function create()
 {
 ddd(session(&#39;auth&#39;));
 return view(&#39;secret&#39;);
 }
Copy after login

New password confirmation process for user login in Laravel 6.2 (code example)

This is the last time the password was verified. By default, users will not be reminded to verify their password again within 3 hours. Of course, you can customize it by modifying the config('auth.password_timeout') configuration item (the configuration item is defined in config/auth. of Laravel v6.2.0. php configuration file).

For more technical articles related to the laravel framework, please visit the laravel tutorial column!

The above is the detailed content of New password confirmation process for user login in Laravel 6.2 (code example). For more information, please follow other related articles on the PHP Chinese website!

Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Hot AI Tools

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress AI Tool

Undress images for free

Clothoff.io

Clothoff.io

AI clothes remover

Video Face Swap

Video Face Swap

Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Tools

Notepad++7.3.1

Notepad++7.3.1

Easy-to-use and free code editor

SublimeText3 Chinese version

SublimeText3 Chinese version

Chinese version, very easy to use

Zend Studio 13.0.1

Zend Studio 13.0.1

Powerful PHP integrated development environment

Dreamweaver CS6

Dreamweaver CS6

Visual web development tools

SublimeText3 Mac version

SublimeText3 Mac version

God-level code editing software (SublimeText3)

Laravel - Artisan Commands Laravel - Artisan Commands Aug 27, 2024 am 10:51 AM

Laravel - Artisan Commands - Laravel 5.7 comes with new way of treating and testing new commands. It includes a new feature of testing artisan commands and the demonstration is mentioned below ?

Laravel - Pagination Customizations Laravel - Pagination Customizations Aug 27, 2024 am 10:51 AM

Laravel - Pagination Customizations - Laravel includes a feature of pagination which helps a user or a developer to include a pagination feature. Laravel paginator is integrated with the query builder and Eloquent ORM. The paginate method automatical

How to get the return code when email sending fails in Laravel? How to get the return code when email sending fails in Laravel? Apr 01, 2025 pm 02:45 PM

Method for obtaining the return code when Laravel email sending fails. When using Laravel to develop applications, you often encounter situations where you need to send verification codes. And in reality...

Laravel schedule task is not executed: What should I do if the task is not running after schedule: run command? Laravel schedule task is not executed: What should I do if the task is not running after schedule: run command? Mar 31, 2025 pm 11:24 PM

Laravel schedule task run unresponsive troubleshooting When using Laravel's schedule task scheduling, many developers will encounter this problem: schedule:run...

In Laravel, how to deal with the situation where verification codes are failed to be sent by email? In Laravel, how to deal with the situation where verification codes are failed to be sent by email? Mar 31, 2025 pm 11:48 PM

The method of handling Laravel's email failure to send verification code is to use Laravel...

How to implement the custom table function of clicking to add data in dcat admin? How to implement the custom table function of clicking to add data in dcat admin? Apr 01, 2025 am 07:09 AM

How to implement the table function of custom click to add data in dcatadmin (laravel-admin) When using dcat...

Laravel Redis connection sharing: Why does the select method affect other connections? Laravel Redis connection sharing: Why does the select method affect other connections? Apr 01, 2025 am 07:45 AM

The impact of sharing of Redis connections in Laravel framework and select methods When using Laravel framework and Redis, developers may encounter a problem: through configuration...

Laravel - Dump Server Laravel - Dump Server Aug 27, 2024 am 10:51 AM

Laravel - Dump Server - Laravel dump server comes with the version of Laravel 5.7. The previous versions do not include any dump server. Dump server will be a development dependency in laravel/laravel composer file.

See all articles