login form with different custom error messages for each error

1
votes

We can change in the resources/lang/en.php the default login error message:

<?php

return [
    'failed' => 'These credentials do not match our records.',
    'throttle' => 'Too many login attempts. Please try again in :seconds seconds.',

];

But in the login form, if the user insert an invalid email, or dont fill the email field and password, or any other case that should result in an error the message is always the same: 'These credentials do not match our records.'

Do you know how to have different custom messages for different error cases? Like if the email field is required and was not filled, the email dont have an invalid format or the email is not registered in the system?

For example have rules like:

$rules = [
    'email' => 'required|email|exists:users.email'
];

$customMessages = [
    'email.required' => 'The email field is mandatory.',
    'email.email' => 'Introduced email doesnt have a valid format.',
    'email.exists' => 'Introduced email is not registered in the system.',
];


$this->validate($request, $rules, $customMessages);
2
laravel
laravel.com/docs/5.6/validation there is a lots of validation rules, errors. You can make your own validation rules.Ali Özen
Thnaks, but where to configure that rules using the Laravel Auth?user9977616

2 Answers

1
votes

This is intentional behaviour, as providing a different error when an email address doesn't exist is leaking information. An attacker can use this to see if a certain person/email has an account on your site without ever needing to log in.

However if you want to do this you can add a function to your LoginController

protected function validateLogin(Request $request)
{
    $this->validate($request, [
        $this->username() => 'required|string|exists:users',
        'password' => 'required|string',
    ],[
      $this->username().'.required' => 'You must provide an email address',
      'password.required' => 'You must provide a password',
    ]);
}

You can then just access the errors as usual for any other form validation in your blade template, IE: $errors->first('username')

0
votes

I'm just posting if someone will need it.
You can use like this:

protected function validateLogin(Request $request)
{
    $this->validate($request, [
        'email' => 'required|string|exists:users',
        'password' => 'required|string',
    ],
    [
    'exists' => 'Your custom message',
    'required' => 'Your custom message',
    ]);
}

Or even like this:

protected function validateLogin(Request $request)
{
    $message = [
    'exists' => 'Your custom message',
    'required' => 'Your custom message',
    ];
    $this->validate($request, [
        'email' => 'required|string|exists:users',
        'password' => 'required|string',
    ],
    $message);
}