Implemented Custom Auth Framework

Rebuilt member authorization and session handling within Laravel's envirnoment. Sticking with bcrypt encryption for passwords to make the transistion simple.
2025-06-25 16:04:37 -05:00 · 2023-08-15 14:05:51 -07:00
parent 50e80cec84
commit ac6fd7be1e
10 changed files with 173 additions and 21 deletions
--- a/app/Http/Controllers/AuthController.php
+++ b/app/Http/Controllers/AuthController.php
@ -0,0 +1,48 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+use Symfony\Component\HttpFoundation\Response;
+
+class AuthController extends Controller
+{
+    public function showLogin(Request $request)
+    {
+        //$token = $request->session()->token();
+
+        //$token = csrf_token();
+        return view('front.login');
+    }
+
+    public function memberAuth(Request $request): Response
+    {
+        $token = csrf_token();
+
+        $credentials = $request->validate([
+            'handle'   => ['required'],
+            'password' => ['required'],
+        ]);
+
+        if (Auth::attempt($credentials)) {
+            $request->session()->regenerate();
+            return redirect()->intended('den');
+        }
+
+        return back()->withErrors([
+            'error' => 'Nope. Check your crendtials, champ',
+        ]);
+    }
+
+    public function leave(Request $request): Response
+    {
+        Auth::logout();
+
+        $request->session()->invalidate();
+
+        $request->session()->regenerateToken();
+
+        return redirect()->intended('login');
+    }
+}
--- a/app/Http/Controllers/DenController.php
+++ b/app/Http/Controllers/DenController.php
@ -0,0 +1,16 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+
+class DenController extends Controller
+{
+    //
+    public function start(Request $request)
+    {
+        $member = Auth::user();
+        return view('back.start', ['handle' => $member->handle]);
+    }
+}
--- a/app/Http/Controllers/FrontIndexController.php
+++ b/app/Http/Controllers/FrontIndexController.php
@ -2,6 +2,7 @@

 namespace App\Http\Controllers;

+use Illuminate\Support\Facades\DB;
 use App\Models\Location;

 class FrontIndexController extends Controller
@ -11,6 +12,10 @@ class FrontIndexController extends Controller
        $locations = Location::all();
        $count     = count($locations);

+        $terms = "no|agenda";
+
+        //$result = DB::select("SELECT * FROM searchlocations('$terms')");
+
        return view('front.index', ['count' => $count]);
    }
 }
--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
@ -36,11 +36,12 @@ class Kernel extends HttpKernel
            \Illuminate\View\Middleware\ShareErrorsFromSession::class,
            \App\Http\Middleware\VerifyCsrfToken::class,
            \Illuminate\Routing\Middleware\SubstituteBindings::class,
+
        ],

        'api' => [
            // \Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class,
-            \Illuminate\Routing\Middleware\ThrottleRequests::class.':api',
+            \Illuminate\Routing\Middleware\ThrottleRequests::class . ':api',
            \Illuminate\Routing\Middleware\SubstituteBindings::class,
        ],
    ];
@ -53,16 +54,17 @@ class Kernel extends HttpKernel
     * @var array<string, class-string|string>
     */
    protected $middlewareAliases = [
-        'auth' => \App\Http\Middleware\Authenticate::class,
-        'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
-        'auth.session' => \Illuminate\Session\Middleware\AuthenticateSession::class,
-        'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
-        'can' => \Illuminate\Auth\Middleware\Authorize::class,
-        'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
+        'auth'             => \App\Http\Middleware\Authenticate::class,
+        'auth.basic'       => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
+        'auth.session'     => \Illuminate\Session\Middleware\AuthenticateSession::class,
+        'cache.headers'    => \Illuminate\Http\Middleware\SetCacheHeaders::class,
+        'can'              => \Illuminate\Auth\Middleware\Authorize::class,
+        'guest'            => \App\Http\Middleware\RedirectIfAuthenticated::class,
        'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class,
-        'precognitive' => \Illuminate\Foundation\Http\Middleware\HandlePrecognitiveRequests::class,
-        'signed' => \App\Http\Middleware\ValidateSignature::class,
-        'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
-        'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
+        'precognitive'     => \Illuminate\Foundation\Http\Middleware\HandlePrecognitiveRequests::class,
+        'signed'           => \App\Http\Middleware\ValidateSignature::class,
+        'throttle'         => \Illuminate\Routing\Middleware\ThrottleRequests::class,
+        'verified'         => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
+        'member.check'     => \App\Http\Middleware\MemberCheck::class,
    ];
 }
--- a/app/Http/Middleware/MemberCheck.php
+++ b/app/Http/Middleware/MemberCheck.php
@ -0,0 +1,24 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+
+class MemberCheck
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response)  $next
+     */
+    public function handle(Request $request, Closure $next)
+    {
+        if (Auth::check()) {
+            return $next($request);
+        } else {
+            return redirect('login');
+        }
+    }
+}