I am new to Laravel and I am facing the following problem. I have a panel where all registered users are shown (which can be controlled by the admin user). Users have a "state" field and if the field is 1 they can enter the system, and if it is 0 they cannot enter the system. Therefore, the admin user has the ability to activate or deactivate a user. The part to validate the user in the login is already solved from LoginController
:
public function username(){
return 'username';
}
protected function credentials(\Illuminate\Http\Request $request)
{
return [
'username' => $request->{$this->username()},
'password' => $request->password,
'state' => 1
];
}
But, if the admin user deactivates a user, and your session is active, what should he do for his next request? , redirect it outside the application
I've read about it, but I think I'm saturated and I don't know where to start
CodePudding user response:
You could write a middleware that redirects the user to a page that says their account has been deactivated.
create a middleware php artisan make:middleware EnsureActiveState
edit it as below
<?php
namespace App\Http\Middleware;
use Closure;
class EnsureActiveState
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if (Auth::check() && Auth::user()->state==0) {
return redirect('/disabled');
}
return $next($request);
}
}
Create a route /disabled
that returns a view to let the user know their account is disabled.
Add the middleware to the 'web' stack in App/Http/Kernel.php
\App\Http\Middleware\EnsureActiveState::class,