Level 2
What about using
'password' => 'required|confirmed|min:4',
Jul 9, 2019
22
Level 1
AJAX login with 'password' authentication to allow length of 4 instead of 6?
Hi, I've been researching this for a while and am still hitting a roadblock
I'm trying to login via an AJAX POST request. I'm sending two fields:
"email" (required|max:255|unique:users) "password" (required|min:4)
I'm trying to update the way the default auth fascade validates a password type on login (I'd like it to accept a minimum of 4 characters rather than 6) (4-digit pin) (in combination with other auth steps for security).
Any help is appreciated.
Level 1
I'm receiving a "The given data was invalid." 500 error.
Level 14
Can you provide more details on the error, perhaps a stack trace?
Level 1
Hi, certainly. I'm a beginner with Laravel. Where can I find "stack trace"?
Level 14
It should be part of the response you receive from the application. Or you can grab the most recent Laravel Log in storage/logs (assuming you're using the default logging that comes with a fresh Laravel install). Or maybe just a screenshot of the returned error would be helpful. Also be sure that your application is in debug mode:
.env file
APP_ENV=local
APP_DEBUG=true
APP_LOG_LEVEL=debug
Level 1
@mstrauss storage/logs has a laravel.log file. I've updated these parameters in .env, but this file is empty after repeated attempts with same error: 500 "The given data was invalid."
Level 14
Okay, perhaps it's this:
"username" (required|string|max:255|unique:users)
Did you set up your application to have a username field in the users table? Basically, because you're not supplying a third argument (column name) to this validation rule unique:users it is going to look for the username column, which does not come out of the box with Laravel. Instead Laravel uses the email field as the identifier. It can easily be changed if need be. But this could be the cause of your error.
Level 122
Can you login with 6 characters first? It sounds like you have bigger issues than the length of the password
Level 1
@mstrauss My apologies; I'm using an "email" field (same field from Laravel installation).
Level 14
Can you please copy and paste your validation rule from your app?
Level 1
@mstrauss Yes; pardon my beginner-level questions, but which validation rule? Where is this file? I see "LoginController.php", is it this? I have front-end validation in javascript as well.
Level 1
@snapey I've tried that with a 6-digit pin; same error.
Level 14
You wrote this in the original question:
"username" (required|max:255|unique:users) "password" (required|min:4)
That's what I am looking for. If the above is literally what's in your app, then you prob have to change it to:
> "email" (required|max:255|unique:users) "password" (required|min:4)
Level 1
@mstrauss In RegisterController.php I currently have:
/**
* Get a validator for an incoming registration request.
*
* @param array $data
* @return \Illuminate\Contracts\Validation\Validator
*/
protected function validator(array $data)
{
return Validator::make($data, [
'email' => 'required|max:255|unique:users',
'password' => 'required|min:4',
]);
}
Level 1
@mstrauss My LoginController.php currently looks like this:
<?php
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
use Illuminate\Http\Request;
class LoginController extends Controller
{
/*
|--------------------------------------------------------------------------
| Login Controller
|--------------------------------------------------------------------------
|
| This controller handles authenticating users for the application and
| redirecting them to your home screen. The controller uses a trait
| to conveniently provide its functionality to your applications.
|
*/
use AuthenticatesUsers;
/**
* Where to redirect users after login.
*
* @var string
*/
protected $redirectTo = '/u';
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware('guest')->except('logout');
}
protected function authenticated(Request $request, $user)
{
if ($request->ajax()){
return response()->json([
'auth' => auth()->check(),
'user' => $user,
'intended' => $this->redirectPath(),
]);
}
}
}
Level 1
@mstrauss My javascript currently looks like this (data[2] is a variable from a prior validation step):
var formData = new FormData();
var emailStr = data[2].toString();
var pinStr = pin.toString();
formData.append('email', emailStr);
formData.append('password', pinStr);
for (var value of formData.values()) {
console.log(value);
}
$.ajax({
type: "POST",
url: "/login",
dataType: 'json',
contentType: false,
processData: false,
data: formData,
cache: false,
success: function (response) {
alert('successfully authenticated');
},
error: function (jqXHR) {
var response = $.parseJSON(jqXHR.responseText);
if(response.message) {
alert(response.message);
}
alert("Oops! error");
}
});
Level 14
Okay, so the message you are getting is the default validation exception message in the Laravel Framework, which leads me to believe this is definitely an issue with the validation.
/**
* Create a new exception instance.
*
* @param \Illuminate\Contracts\Validation\Validator $validator
* @param \Symfony\Component\HttpFoundation\Response|null $response
* @param string $errorBag
* @return void
*/
public function __construct($validator, $response = null, $errorBag = 'default')
{
parent::__construct('The given data was invalid.');
$this->response = $response;
$this->errorBag = $errorBag;
$this->validator = $validator;
}
1 like
Level 14
Can you console log the formData on a login attempt?
Level 1
Level 14
The only Validation done by default (Framework) on the login is below:
/**
* Validate the user login request.
*
* @param \Illuminate\Http\Request $request
* @return void
*
* @throws \Illuminate\Validation\ValidationException
*/
protected function validateLogin(Request $request)
{
$request->validate([
$this->username() => 'required|string',
'password' => 'required|string',
]);
}
And it appears that you are sending in the proper data to be validated. The validation you displayed earlier, see below, only applies to registrations, not logins, as it is in the RegistrationController.
protected function validator(array $data)
{
return Validator::make($data, [
'email' => 'required|max:255|unique:users',
'password' => 'required|min:4',
]);
}
And the below method you displayed earlier, only comes into play **after the User is authenticated.
protected function authenticated(Request $request, $user)
{
if ($request->ajax()){
return response()->json([
'auth' => auth()->check(),
'user' => $user,
'intended' => $this->redirectPath(),
]);
}
}
See below from the Framework for reference:
/**
* Send the response after the user was authenticated.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\Response
*/
protected function sendLoginResponse(Request $request)
{
$request->session()->regenerate();
$this->clearLoginAttempts($request);
return $this->authenticated($request, $this->guard()->user())
?: redirect()->intended($this->redirectPath());
}
All that being said, I'm stumped! The core login validation should return a different validation message like: Credentials are wrong, email must be of type string or something like that. I can't understand why it's returning the default/generic validation message.
Level 122
See
Also, Validation exception is because email and password are not provided. Not authenticating is a different response.
Level 14
Just had a thought on this... Are you sending the CSRF token along with the AJAX login request?
formData.append('X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content'));
in blade file somewhere, probably included header:
<meta name="csrf-token" content="{{ csrf_token() }}">
Please or to participate in this conversation.