Laravel Auth login validation editing

1
votes

I want to edit my laravel login form. The main problem if I input data in email and password fields (email is correct, but the password is incorrect). I get an error which shows that email is incorrect, not password... I found a solution, edit this method in AutenticatesUsers.php. From:

protected function sendFailedLoginResponse(Request $request)
{
    throw ValidationException::withMessages([
        $this->username() => [trans('auth.failed')],
    ]);
}

To:

protected function sendFailedLoginResponse(Request $request)
{
    throw ValidationException::withMessages([
        $this->username() => [trans('auth.failed')],
        'password' => [trans('auth.failed_password')],
    ]);
}

But now if I do one mistake, no matter where I got both errors... How can I fix it? I want good inputs validation.

Edited: I'm overwriting sendFailedLoginResponse method like that:

protected function sendFailedLoginResponse(Request $request)
{
    $user = User::where($this->username(), $request->{$this->username()})->first();

    if(\Hash::check($request->$this->username(), $user->email)){
        throw ValidationException::withMessages([
            $this->username() => [trans('auth.failed')],
        ]);
    } else{
        throw ValidationException::withMessages([
            'password' => [trans('auth.failed_password')],
        ]);
    }
}

but now I'm getting this error: Object of class App\Http\Controllers\Auth\LoginController could not be converted to string

P.S. Sorry if questions are dumb, I'm new in all this Laravel and OOP stuff...

1
phplaravelvalidationauthentication
Throw 2 exceptions based of the failed value. If you put both conditions in the single throw, you'll get both back if it fails. I might go up in the stack to what is failing and calling that function - CodeJunkie

1 Answers

0
votes

For this purpose you'd use validation itself, You should change ValidateLogin like this: 

 $request->validate([                                                                                                                                                                                                                                                           
              $this->username() => 'bail|required|string|exists:users,username',                                                                                                                                                                                                                                    
              'password' => 'required|string',                                                                                                                                                                                                                                           
          ]);

With this change if the username not exists in your database laravel will throw exception which shows the username doesn't exists. So when your flow comes to sendFailedLoginResponse you will be sure that just password is incorrect and you can throw exception just for password.