I have implemented JWT token authentication with the help of this tutorial: https://www.avyatech.com/rest-api-with-laravel-8-using-jwt-token/
Step 11. Prepare api controller actions -> authenticate()
Now, the system admin can mark a user record as active/inactive (status), and an inactive user should not be able to log in to the system.
Login logic:
    public function authenticate(UserRequest $request)
    {
        $credentials = $request->only('email', 'password');
        $request->validated();
        // Request is validated
        try {
            // attempt() returns false when the email/password pair does not match a user
            if (!$token = JWTAuth::attempt($credentials)) {
                $message = 'Login credentials are invalid.';
                $data = [];
                return response()->failed($message, $data);
            }
        } catch (JWTException $e) {
            return response()->json([
                'status' => false,
                'message' => 'Could not create token.',
                'error' => $e
            ], 500);
        }
        // Token created, return with success response and jwt token
        $message = 'Successfully login.';
        $data = [
            'token' => $token
        ];
        return response()->success($message, $data);
    }
Table:
User
---------------
-id
-username
-email
-password
-status // active/inactive
What step do I need to include to achieve this logic? Inactive users must not be able to log in to the system.
Many Thanks!
CodePudding user response:
Fetch the user and throw an error just before returning the response:
    public function authenticate(UserRequest $request)
    {
        // ...
        $user = User::where('email', $credentials['email'])->first();
        if ($user === null || $user->status !== 'active') {
            $message = 'Your account is not active.';
            $data = [];
            return response()->failed($message, $data);
        }
        $message = 'Successfully login.';
        $data = [
            'token' => $token
        ];
        return response()->success($message, $data);
    }