1

I have been struggling with creating a second authentication alongside with the out-of-the-box authentication in Laravel. I used the make:auth command from artisan and used my custom model as provider and also created a guard for my custom model. My issue is that the user does not get authenticated after a successful login. So in other words, when I try to retrieve the user with: Auth::user() or Auth::guard('employee')->user() it just gives me null and I cannot understand why this is happening. The thing is that I get redirected correctly but I don't know if its the session or anything else that is not working? Correct me if I am wrong

Edit:

My employee model:

    <?php
    namespace App\Models;

    use Illuminate\Foundation\Auth\User as Authenticatable;
    use Illuminate\Database\Eloquent\Factories\HasFactory;

    class Angestellter extends Authenticatable
    {
    use HasFactory;

    public $timestamps = false;

    protected $table = 'angestellter';

    /**
     * The attributes that are mass assignable.
     *
     * @var string[]
     */
    protected $fillable = [
        'friseurkuerzel',
        'vorname',
        'nachname',
        'email',
        'password',
        'ist_admin',
        'erstelldatum',
        'friseursalon_id',
    ];
    }

My guard config from /config/auth.php

    'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],
        'employee' => [
            'driver' => 'session',
            'provider' => 'employees',
        ]
    ],

My AdminLoginController where I log in my user:

    $this->validate($request, $rules);
        $remember = $request->get('remember');
        if (Auth::guard('employee')->attempt([
            'email' => $request->get('email'),
            'password' => $request->get('password'),
        ], $remember)) {
            //Authentication passed...
            Auth::guard('employee')->login(Auth::guard('employee')->user());
            return redirect()->to(route('admin.home'))->send();
        }

After the attempt() method succeeds, I am able to dd() my Auth user with: Auth::guard('employee')->user()

But after the redirect, the Auth user is null wherever I dd() him.

I have just for the sake of testing tried to access him on my admin.home view via dd() after a successful redirect.

Improve this question
8
  • provide your model and the guard configuration and when and where are you trying to retrieve the user via Auth Commented Jan 5, 2022 at 23:56
  • @lagbox - I have updated my question. Commented Jan 6, 2022 at 1:41
  • btw, Auth::guard('employee')->login(Auth::guard('employee')->user()); ... Auth::guard('employee')->user() is the authenticated user (they are already logged in by the attempt method call) and you should not be calling send on the response (that gets called by the bootstrap script that started the application after the response makes its way out of the Kernel) Commented Jan 6, 2022 at 1:58
  • @lagbox I know that Auth::guard('employee')->user() it is the Auth User. I am using the login() function to set the Auth User in the session but as I said, after the redirect I am getting auth user = null. Btw I am calling the send because else I won't be redirected to my admin.home view. Any ideas? Commented Jan 6, 2022 at 16:43
  • they are already logged in (that is why you can get the user from the guard), you are asking the auth system for the currently logged in user to then log them in (that doesn't make sense) ... and don't call send ... that gets called after the response has made its way out of the kernel ... you DO NOT call that method yourself you just return your responses Commented Jan 6, 2022 at 16:44

1 Answer 1

Reset to default
1

With what you currently have you can make some minor adjustments to fix that up. Auth::guard('employee')->attempt([...]) is attempting to login the user so when you get inside the if block the user is already logged in so you don't need to retrieve them from the guard and log them in again. When returning Responses you do not need to call the send method on the Response. This is handled after the Response gets out of the Kernel; it is the first to last statement in the script, index.php, that loads your application:

$response = $kernel->handle(
    $request = Request::capture()
)->send();

If you call send on a Response while you are still in the middleware stack (which you are if you are in a route action) you are returning headers too early, flushing the response content to the client and finishing the request. Anything else in the middleware stack on the way out can not add headers to the Response that will end up being sent. Once the send method is called it won't send headers again. This means the cookies that the StartSession and EncryptCookies middleware add won't be sent.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.