Some login and session updates.

2025-09-29 18:20:01 +00:00 · 2015-07-14 22:45:00 +02:00
parent b250a10e3c
commit 74231f552a
3 changed files with 88 additions and 5 deletions
--- a/app/Http/Controllers/Auth/AuthController.php
+++ b/app/Http/Controllers/Auth/AuthController.php
@@ -5,6 +5,7 @@ use FireflyIII\Http\Controllers\Controller;
 use FireflyIII\Models\Role;
 use FireflyIII\User;
 use Illuminate\Foundation\Auth\AuthenticatesAndRegistersUsers;
+use Illuminate\Foundation\Auth\ThrottlesLogins;
 use Illuminate\Http\Request;
 use Illuminate\Mail\Message;
 use Mail;
@@ -31,7 +32,54 @@ class AuthController extends Controller
    |
    */

-    use AuthenticatesAndRegistersUsers;
+    /**
+     * Handle a login request to the application.
+     *
+     * @param  \Illuminate\Http\Request $request
+     *
+     * @return \Illuminate\Http\Response
+     */
+    public function postLogin(Request $request)
+    {
+        $this->validate(
+            $request, [
+            $this->loginUsername() => 'required', 'password' => 'required',
+        ]
+        );
+
+        // If the class is using the ThrottlesLogins trait, we can automatically throttle
+        // the login attempts for this application. We'll key this by the username and
+        // the IP address of the client making these requests into this application.
+        $throttles = $this->isUsingThrottlesLoginsTrait();
+
+        if ($throttles && $this->hasTooManyLoginAttempts($request)) {
+            return $this->sendLockoutResponse($request);
+        }
+
+        $credentials            = $this->getCredentials($request);
+        $credentials['blocked'] = 0;
+
+        if (Auth::attempt($credentials, $request->has('remember'))) {
+            return $this->handleUserWasAuthenticated($request, $throttles);
+        }
+
+        // If the login attempt was unsuccessful we will increment the number of attempts
+        // to login and redirect the user back to the login form. Of course, when this
+        // user surpasses their maximum number of attempts they will get locked out.
+        if ($throttles) {
+            $this->incrementLoginAttempts($request);
+        }
+
+        return redirect($this->loginPath())
+            ->withInput($request->only($this->loginUsername(), 'remember'))
+            ->withErrors(
+                [
+                    $this->loginUsername() => $this->getFailedLoginMessage(),
+                ]
+            );
+    }
+
+    use AuthenticatesAndRegistersUsers, ThrottlesLogins;

    public $redirectTo = '/';