Laravel 5.2: Adding Extra Checks at Authentication

This quick post will be about changing the built-in authentication to include more checks beyond username and password. In this post, we will be specifically checking that, along with the correct username and password, the active field, in the users table, must also be equal to 1 (users.active = 1).

Quick Answer

Just add the following to your app\Http\Controllers\Auth\AuthController.php file:

Above, I want the authentication to also check that the user’s active field is set to 1. If your user status check is different, make sure that you change these values.

Long(er) Answer

The getCredentials() method, from the AuthenticatesUsers trait, builds an associative array and sends it to be checked by another function (SessionGuard:attempt) . By default, it will only send the username and password and the attempt() function will loop through the items in the $credentials array, and build a database query from it. We will override the getCredentials() method and add our extra additional check to the $credentials array.

Add this code to your app\Http\Controllers\Auth\AuthController.php file:

Now test it by setting your user’s status to something invalid, and see if you can still log in or not.

Enjoy 🙂

This entry was posted in Dev, Laravel, PHP. Bookmark the permalink.

One Response to Laravel 5.2: Adding Extra Checks at Authentication

  1. Remove “Request” from function, make it
    protected function getCredentials($request)

Leave a Reply

Your email address will not be published. Required fields are marked *