I'd like to simply add multiple checking step to my Auth::attempt method
Firstly system will checking wheter the user exists and the password is correct, if it failed it will return to the user to tell that the credentials didn't match the records
If the validation above were sucesfull, then the system should check whether the user is active or not, if it failed it should send the message to the user that they need to activate their account
according to the docs , i should utilize the attemptWhen method like so :
if (Auth::attemptWhen([
'username' => $this->username,
'password' => $this->password
], function (\App\Models\User $user) {
return $user->is_active;
})) {
return redirect()->route('home');
}
throw ValidationException::withMessages([
'username' => 'Credentials didn\'t match any records.',
]);
However, the error message will always says "Credentials didn't match any records." how to add the error message to the user if they need to activate their account ?
You can do these checks yourself with what the SessionGuard
provides if you need more control of the responses:
// validate the credentials
if (Auth::validate($credentials)) {
// get the user record that the credentials were checked for
$user = Auth::getLastAttempted();
if ($user->is_active) {
// login user
Auth::login($user);
// do a redirect if you wish
}
// not active
}
// not valid credentials