Level 102
It seems that you should return the user or null. This is neither
return back()->withNotify($notify)->withInput();
Jul 24, 2022
5
Level 1
Argument #1 ($user) must be of type Illuminate\Contracts\Auth\Authenticatable
I'm trying to customize the authorization by using the following in FortifyServiceProvider.php
Fortify::authenticateUsing(function (Request $request) {
$user = User::where('username', $request->username)->first();
$request->validate([
'captcha' => 'required|numeric|digits:6',
'username' => 'required|string',
'password' => 'required|string',
]);
if (isset($request->captcha)) {
if (!captchaVerify($request->captcha, $request->captcha_secret)) {
$notify[] = ['error', "Invalid Captcha"];
return back()->withNotify($notify)->withInput();
}
}
if ($user && Hash::check($request->password, $user->password)) {
return $user;
}
});
but it gives the following exception Illuminate\Auth\SessionGuard::login(): Argument 1 ($user) must be of type Illuminate\Contracts\Auth\Authenticatable, Illuminate\Http\RedirectResponse given, called in C:\wamp\www\core\vendor\laravel\fortify\src\Actions\AttemptToAuthenticate.php on line 80.
I have tried to comment the PrepareAuthenticatedSession::class in the following authenticateThrough
Fortify::authenticateThrough(function (Request $request) {
return array_filter([
config('fortify.limiters.login') ? null : EnsureLoginIsNotThrottled::class,
Features::enabled(Features::twoFactorAuthentication()) ? RedirectIfTwoFactorAuthenticatable::class : null,
// AttemptToAuthenticate::class,
PrepareAuthenticatedSession::class,
]);
});
it works without the mentioned error, but the user even if he disables two-factor authentication will not be able to log in.
Any idea for how to fix the problem or even an explanation of this exception could also be useful!
Level 1
Fortify::authenticateUsing(function (Request $request) {
$user = User::where('username', $request->username)->first();
$request->validate([
'captcha' => 'required|numeric|digits:6',
'username' => 'required|string',
'password' => 'required|string',
]);
if ($user && Hash::check($request->password, $user->password)) {
$notify[] = ['error', "Invalid Captcha"];
if (isset($request->captcha)) {
try {
if (!captchaVerify($request->captcha, $request->captcha_secret)) {
return back()->withNotify($notify)->withInput() ? redirect()->back() : back();
}
} catch (\Exception $e) {
$notify[] = ['error', $e->getMessage()];
return back()->withNotify($notify)->withInput();
}
}
}
return $user ?? null;
});
I tried the following but no luck at all still the same exception
Level 102
@nbukhari you still have the redirect. Can you try and remove it like this?
if (!captchaVerify($request->captcha, $request->captcha_secret)) {
return null;
}
Level 1
@Sinnbeck Thank you! It worked! But can you please explain what was the trick? I mean I did not get how this logic worked
Level 102
@nbukhari I would assume that it uses this function. As you can see it expects a user to be returned. If it's not null, it tries to sign in with it. You returned a redirect object, which it cannot use for logi https://github.com/laravel/fortify/blob/1.x/src/Actions/AttemptToAuthenticate.php#L72
1 like
Please or to participate in this conversation.