Closed nckrtl closed 3 years ago
After some digging around I noticed that the default order of Fortify::authenticateThrough is:
Where do you see this? I can't find this anywhere.
https://github.com/laravel/fortify/blob/1.x/src/Http/Controllers/AuthenticatedSessionController.php
Thats where the default login pipeline is defined. So my initial statement that the "original" Fortify::authenticateThrough function is like that is not correct. You can alter the default pipeline with the earlier posted snippet in the fortify/jetstream service provider. As mentioned here in the jetstream docs: https://jetstream.laravel.com/1.x/features/authentication.html#customizing-the-authentication-pipeline
I hope this makes it a bit more clear.
Switching those two is something we cannot do as the AttemptToAuthenticate
will actually attempt to login the user. The event not firing does seems like a genuine concern though.
I could set up a repo so it can be verified, if that would help.
No, we verified it ourselves. Just trying to figure out what the best solution could be.
Fixed in next release thanks to @rodrigopedra
Description:
It seems that Illuminate\Auth\Events\Failed is not being triggered upon a failed login attempt. Other auth events are working fine as far as I can tell.
Steps To Reproduce:
This issue is also being described here: https://stackoverflow.com/questions/64666382/laravel-8-auth-attempting-and-failed-events-not-firing-as-expected
The reason I made this bug report in the fortify repository is because I'm also having this issue without Jetstream and just Fortify. That's why I think it's perhaps Fortify related.
I'm not sure how to further debug to get to the root of the problem, any help would be appreciated.
Edit: After some digging around I noticed that the default order of Fortify::authenticateThrough is:
Should AttemptToAuthenticate::class not come before RedirectIfTwoFactorAuthenticatable::class? Like:
By making this change in the FortifyServiceProvider the events fire as expected. Not sure if this might have any unintended side effects.