AdRock
5 months ago

Cannot Auth::logout() using multi tenancy, SQL error

Posted 5 months ago by AdRock

I created my own multi tenant login and authentication which works fine with no problems.

The only problem I have is when I want to log the use out. When i click the logout link I get this error

SQLSTATE[HY000] [1045] Access denied for user ''@'localhost' (using password: NO) (SQL: select * from people where id = 109304 limit 1)

I don't know where the logout function is so added it to my controller but I still get the same problem.

Do I need to update somewhere else or do something different in my logout function?

Here is my login controller

<?php

namespace App\Http\Controllers\Auth;

use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
...
...
...

class LoginController extends Controller
{
    /*
    |--------------------------------------------------------------------------
    | Login Controller
    |--------------------------------------------------------------------------
    |
    | This controller handles authenticating users for the application and
    | redirecting them to your home screen. The controller uses a trait
    | to conveniently provide its functionality to your applications.
    |
    */

    use AuthenticatesUsers;

    /**
     * Where to redirect users after login.
     *
     * @var string
     */
    protected $redirectTo = '/home';

    /**
     * Create a new controller instance.
     *
     * @return void
     */
     public function __construct()
     {
         $this->middleware('guest')->except('logout');
     }

     public function login(Request $request)
     {
         // Check validation
         $this->validate($request, [
             'username' => 'required|regex:/^([a-z0-9-_\.]+)*@([a-z0-9-]+)$/',
             'password' => 'required'
         ]);

         list($username, $database) = explode("@", $request->input('username'));

         // Get user record
         $organisation = Organisation::where('dbName', $database)
            ->first();

        if(!$organisation) {
            return redirect()->back()->withErrors(['error' => ['Access denied: Incorrect login details']]);
        }

        // No way of setting an extra parameter against the user. Could be because of inheritance
        $request->session()->put('orgId', $organisation->id);

        $company = new Company();

        $company->hostname = '55.55.55.55'; //$organisation->dbHostname;
        $company->username = Crypt::decryptString($organisation->dbUser2);
        $company->password = Crypt::decryptString($organisation->dbPassword2);
        $company->database = $organisation->dbName;

        // connect to client database
        $company->connect();

        $user = User::where('username', $username)
            ->where('portalAccess', 1)
            ->where('isActive', 1)
            ->first();

        if (!Hash::check($request->input('password'), $user->password2)) {
            ...
            ...
            ...
        }

        // Set Auth Details
        \Auth::login($user);

        // Redirect home page
        return redirect()->route('dashboard.index');
    }
    //
    // /**
    //  * Log the user out of the application.
    //  *
    //  * @param  \Illuminate\Http\Request  $request
    //  * @return \Illuminate\Http\Response
    //  */
    // public function logout(Request $request)
    // {
    //     \Auth::logout();
    //     $request->session()->flush();
    //     $request->session()->regenerate();
    //
    //     return redirect()->route('login');
    // }
}
```

Please sign in or create an account to participate in this conversation.