
SECURE LOGIN SYSTEM – PHP(LARAVEL) – 1

This is the first part of a series of tutorials that will guide you through the process of creating a production-ready login system in Laravel. We will be using Sentry for authentication. Below are the steps we will follow to complete our application in part 1:

  • Installing Sentry 2
  • Creating Views – Login, Register, Forgot Password, New Password.
  • Creating Authentication Filters
  • Defining routes
  • Creating Controllers and Models

INSTALLING SENTRY 2

You can follow the steps here to install Sentry 2; the steps are also listed below.

Open composer.json and add the following lines.

{
    "require": {
        "cartalyst/sentry": "2.1.*"
    },
    "minimum-stability": "stable"
}

Run composer update from the command line.

Add this to the list of service providers

'Cartalyst\Sentry\SentryServiceProvider',

Add this to the list of aliases

'Sentry' => 'Cartalyst\Sentry\Facades\Laravel\Sentry',

Use migrations to create the Sentry tables

php artisan migrate --package=cartalyst/sentry

If you don’t know how to run migrations, you can find a mysql.sql file inside

vendor/cartalyst/sentry/schema

Now publish Sentry’s config files using the command below

php artisan config:publish cartalyst/sentry

We have successfully installed Sentry. Next we will create the views.

VIEWS

We have to create 5 views: login, register, forgotpassword, new password and the master template.

We will use the login form CSS and HTML created by kamalchaneman (click here to go to the site).

Create styles.css inside the public folder and add the styles from the above link. We will create the master template first, using Bootstrap for the error and success notifications.

views/master.blade.php

<!--[if lt IE 7 ]> <html lang="en" class="ie6 ielt8"> <![endif]-->
<!--[if IE 7 ]>    <html lang="en" class="ie7 ielt8"> <![endif]-->
<!--[if IE 8 ]>    <html lang="en" class="ie8"> <![endif]-->
<!--[if (gte IE 9)|!(IE)]><!--> <html lang="en"> <!--<![endif]-->
<head>
    <meta charset="utf-8" />
    <title>KodeInfo Secure Login System</title>
    <link href="styles.css" rel="stylesheet" type="text/css" />
    <!-- Latest compiled and minified CSS -->
    <link href="//netdna.bootstrapcdn.com/bootstrap/3.1.1/css/bootstrap.min.css" rel="stylesheet" />
    <!-- Scripts on a login page are loaded over HTTPS so they cannot be altered in transit -->
    <script type="text/javascript" src="https://code.jquery.com/jquery-1.11.0.min.js"></script>
    <script type="text/javascript" src="https://code.jquery.com/jquery-migrate-1.2.1.min.js"></script>
    <!-- Latest compiled and minified JavaScript -->
</head>
<body>
<div class="container">
    <section id="content">
        {{-- In Laravel 4, {{ }} echoes raw output; {{{ }}} escapes it. Messages are escaped. --}}
        @if($errors->has())
        <div class="alert alert-danger">
            <button class="close" type="button" data-dismiss="alert">×</button>
            <ul>
                @foreach ($errors->all() as $error)
                <li>{{{ $error }}}</li>
                @endforeach
            </ul>
        </div>
        @endif

        @if(Session::has('error_msg'))
        <div class="alert alert-danger">{{{ Session::get('error_msg') }}}</div>
        @endif

        @if(Session::has('success_msg'))
        <div class="alert alert-success">{{{ Session::get('success_msg') }}}</div>
        @endif

        @yield('content')
    </section>
</div>
</body>
</html>

If the registration form has errors, we loop through all of them and echo each one inside the error box. If we have successfully registered the user, the success box will appear with a message. Our login.blade.php will look like this:

views/login.blade.php

@extends('master')

@section('content')
{{Form::open(array('url'=>'/login','method'=>'post'))}}
<h1>Login Form</h1>
{{-- Old input is user-controlled: echo it with {{{ }}} so it is HTML-escaped (Laravel 4's {{ }} is raw) --}}
<div><input id="username" type="text" name="identity" placeholder="Username/Email" required="" value="{{{ Input::old('identity') }}}" /></div>
<div><input id="password" type="password" name="password" placeholder="Password" required="" /></div>
<div><input type="submit" value="Log in" />
    <a href="/forgotpassword">Lost your password?</a>
    <a href="/register">Register</a></div>

{{Form::close()}}

@stop

views/register.blade.php

@extends('master')

@section('content')

{{Form::open(array('url'=>'/register','method'=>'post'))}}
<h1>Register</h1>
{{-- Old input is user-controlled: echo it with {{{ }}} so it is HTML-escaped (Laravel 4's {{ }} is raw) --}}
<div><input id="username" type="text" name="email" placeholder="Enter Email" required="" value="{{{ Input::old('email') }}}" /></div>
<div><input id="username" type="text" name="username" placeholder="Enter Username" required="" value="{{{ Input::old('username') }}}" /></div>
<div><input id="password" type="password" name="password" placeholder="Enter Password" required="" /></div>
<div><input id="password" type="password" name="password_confirmation" placeholder="Confirm Password" required="" /></div>
<div><input type="submit" value="Register" />
    <a href="/forgotpassword">Forgot password?</a>
    <a href="/login">Login</a></div>

{{Form::close()}}

@stop

views/forgotpassword.blade.php

@extends('master')

@section('content')
{{Form::open(array('url'=>'/forgotpassword','method'=>'post'))}}
<h1>Forgot Password</h1>
{{-- Old input is user-controlled: echo it with {{{ }}} so it is HTML-escaped (Laravel 4's {{ }} is raw) --}}
<div><input id="username" type="text" name="email" placeholder="Enter email" required="" value="{{{ Input::old('email') }}}" /></div>
<div><input style="width: 130px;" type="submit" value="Reset Password" />
    <a href="/register">Register</a>
    <a href="/login">Login</a></div>

{{Form::close()}}
@stop

The link we send to the user's email address will bring the user to /newpassword.

views/newpassword.blade.php

@extends('master')

@section('content')
{{Form::open(array('url'=>'/newpassword','method'=>'post'))}}
<h1>New Password</h1>

{{-- email and resetcode come straight from the query string: echo them with {{{ }}} so they are HTML-escaped --}}
<input type="hidden" name="email" value="{{{ Input::get('email') }}}" />
<input type="hidden" name="resetcode" value="{{{ Input::get('resetcode') }}}" />
<div><input id="password" type="password" name="password" placeholder="New Password" required="" /></div>
<div><input id="password" type="password" name="password_confirmation" placeholder="Confirm Password" required="" /></div>
<div><input type="submit" value="Save" />
    <a href="/register">Register</a>
    <a href="/login">Login</a></div>

{{Form::close()}}
@stop
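The email and resetcode fields in this form are supplied by the browser, so the POST handler has to verify them on the server. The following is an added example, not code from this series: one way storeNewPassword() could do that with Sentry 2. It assumes Sentry's login attribute is email; the minimum password length and the message texts are also assumptions.

```php
<?php
// Added example (not the tutorial's code): one way to write storeNewPassword().
// Assumes Sentry's login attribute is 'email' and the field names from newpassword.blade.php.
use Cartalyst\Sentry\Users\UserNotFoundException;

class LoginController extends BaseController {

    public function storeNewPassword()
    {
        // Hidden fields come from the browser, so validate them like any other input.
        $input = Input::only('email', 'resetcode', 'password', 'password_confirmation');

        $validator = Validator::make($input, array(
            'email'     => 'required|email',
            'resetcode' => 'required',
            'password'  => 'required|min:8|confirmed', // minimum length is an assumption
        ));

        if ($validator->fails()) {
            // Back to the form; the emailed link's query string is preserved by the referer.
            return Redirect::back()->withErrors($validator);
        }

        // One generic message for every failure, so the response does not
        // reveal whether the address belongs to an account.
        $failed = Redirect::to('/forgotpassword')
            ->with('error_msg', 'This reset link is invalid or has already been used.');

        try {
            $user = Sentry::findUserByLogin($input['email']);
        } catch (UserNotFoundException $e) {
            return $failed;
        }

        // attemptResetPassword() verifies the code against the one stored for this
        // user and clears it on success, so the same link cannot be replayed.
        if (!$user->attemptResetPassword($input['resetcode'], $input['password'])) {
            return $failed;
        }

        return Redirect::to('/login')
            ->with('success_msg', 'Password updated. Please log in.');
    }
}
```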

FILTERS

We will create a filter that checks whether the user is logged in. If the user is already logged in, he continues to the dashboard; otherwise he is redirected to the login page.

filters.php

Route::filter('members_auth', function(){
    // Not logged in: redirect to the login page.
    // Logged in: return nothing, so the request continues to the dashboard.
    if(!Sentry::check()){
        return Redirect::to('/login');
    }
});

ROUTES

Our routes file is simple: we apply the filter to the dashboard, and every route is mapped to a controller action.

routes.php

Route::get('/',array('before' => 'members_auth', 'uses' => 'LoginController@dashboard'));
  
Route::get('/login','LoginController@showLogin');
  
Route::post('/login','LoginController@storeLogin');
  
Route::get('/logout','LoginController@getLogout');
  
Route::get('/register','LoginController@showRegister');
  
Route::post('/register','LoginController@storeRegister');
  
Route::get('/register/{userId}/activate/{activationCode}','LoginController@registerActivate');
  
Route::get('/forgotpassword','LoginController@showForgotpassword');
  
Route::post('/forgotpassword','LoginController@storeForgotpassword');
  
Route::get('/newpassword','LoginController@showNewPassword');
  
Route::post('/newpassword','LoginController@storeNewPassword');

MODELS

We will have only one model, Profile, which will contain additional data related to the user.

models/Profile.php

<?php

class Profile extends Eloquent {

    protected $table = 'profile';

}

CONTROLLER

Our controller is a dummy at present with methods mapped by routes.

controllers/LoginController.php

<?php

class LoginController extends BaseController {

    public function __construct() {
        // Apply the CSRF filter to every POST request; other filters will be implemented later
        $this->beforeFilter('csrf', array('on' => 'post'));
    }

    public function dashboard() {
        return View::make('index');
    }

    // Show login form
    public function showLogin() {
        return View::make('login');
    }

    // Authenticate user
    public function storeLogin() {

    }

    // Show register form
    public function showRegister() {
        return View::make('register');
    }

    // Register user
    public function storeRegister() {

    }

    // Show forgotpassword form
    public function showForgotpassword() {
        return View::make('forgotpassword');
    }

    // Send email for forgot password
    public function storeForgotpassword() {

    }

    // Show newpassword form
    public function showNewPassword() {
        return View::make('newpassword');
    }

    // Store new password
    public function storeNewPassword() {

    }

}

In the next part, we will implement storeRegister and complete our registration module.

Thanks
KodeInfo

 

 

 


admin

http://www.kodeinfo.com
Imran is a web developer and consultant from India. He is the founder of KodeInfo, the PHP and Laravel Community. In the meantime he follows other projects, works as a freelance backend consultant for PHP applications and studies IT Engineering. He loves to learn new things, not only about PHP or development but everything.
