search

DarkGhostHunter / Laraguard

"On-premises 2FA Authentication for all your users out-of-the-box
MIT License
266 stars 24 forks source link

username based login fail #36

Closed Zer0xFF closed 4 years ago

Zer0xFF commented 4 years ago

I've setup 2FA for a login system I'm using, and it works great when logging in through email address, however it fails when we attempt username based login instead.

to allow the users to login through both email/user we override LoginController ::credentials as follows

LoginController:credentials(Request)
{
        $field = filter_var($request->get($this->username()), FILTER_VALIDATE_EMAIL)
            ? $this->username()
            : 'username';
        return [
            $field => $request->get($this->username()),
            'password' => $request->password,
        ];
}

because of this, saveCredentials saves field username which results in fail login attempt after entering the 2fa code, The email field is required.

I'm not sure what's the best way around to fixing this, Im currently overriding the view and changing the field name username to email, as a workaround.

DarkGhostHunter commented 4 years ago

I'll take a look.

DarkGhostHunter commented 4 years ago

I'll see it over the weeksays.

DarkGhostHunter commented 4 years ago

Okay, this is out of the scope of the package.

The only fix I could make is to add the email key to the rules, and require it if the username key is absent.

You shouldn't override the view since the problem is not there but in the rules themselves.