dannewns · October 28, 2015 17:41
diff --git a/AuthController.php b/AuthController.php
 <?php

 namespace App\Http\Controllers\Auth;

 use Illuminate\Http\Request;
 use Illuminate\Mail\Message;
 use Illuminate\Contracts\Auth\Guard;
 use Illuminate\Contracts\Auth\PasswordBroker;
 use Illuminate\Support\Facades\Password;
 use Illuminate\Foundation\Auth\ThrottlesLogins;
 use App\Http\Controllers\Controller;

 use App\Model\User\User;
 use App\Http\Requests\AuthLoginRequest;
 use App\Http\Requests\AuthReminderRequest;
 use App\Http\Requests\AuthResetRequest;

 class AuthController extends Controller
 {
 	use ThrottlesLogins;

 	/**
 	 * User model being used
 	 */
 	protected $user_model;
 	
 	/**
 	 * the current auth implementation
 	 */ 
 	protected $auth;
 	
 	/**
 	 * Create a new authentication controller instance.
 	 *
 	 * @return void
 	 */
 	public function __construct(
 		Guard $auth,
 		User $user_model,
 		PasswordBroker $password)
 	{
 		$this->middleware('guest', ['except' => 'logout']);
 		
 		$this->auth = $auth
 		
 		$this->user_model = $user_model;
 		
 		$this->password = $password
 	}

 	/**
 	 * Index
 	 *
 	 * @param	Illuminate\Http\Request	$request
 	 * @return	\Illuminate\Http\Response
 	 */
 	public function index(Request $request)
 	{
 		return redirect()->route('login');
 	}
 	
 	/**
 	 * Login
 	 *
 	 * @param	Illuminate\Http\Request	$request
 	 * @return	\Illuminate\Http\Response
 	 */
 	public function login()
 	{
 		return response()->view('auth/login');
 	}

 	/**
 	 * Login (POST)
 	 *
 	 * @param	App\Http\Requests\AuthLoginRequest  $request
 	 * @return	\Illuminate\Http\Response
 	 */
 	public function login_post(AuthLoginRequest $request)
 	{
 		if($this->hasTooManyLoginAttempts($request)) {
 			return $this->sendLockoutResponse($request);
 		}

 		$credentials = $this->getCredentials($request);

 		if($this->auth->attempt($credentials, $request->has('remember'))) {
 			return $this->handleUserWasAuthenticated($request, true);
 		}

 		$this->incrementLoginAttempts($request);

 		return redirect($this->loginPath())
 				->withInput($request->only($this->loginUsername(), 'remember'))
 				->withErrors([
 					$this->loginUsername() => $this->getFailedLoginMessage(),
 				]);
 	}

 	/**
 	 * Logout
 	 *
 	 * @param	Illuminate\Http\Request	$request
 	 * @return	\Illuminate\Http\Response
 	 */
 	public function logout(Request $request)
 	{
 		$this->auth->logout();

 		return redirect()->route('login')->with('message', trans('auth.logged_out'))->with('success', true);
 	}

 	/**
 	 * Password reminder
 	 *
 	 * @param	Illuminate\Http\Request	$request
 	 * @return	\Illuminate\Http\Response
 	 */
 	public function password_reminder(Request $request)
 	{
 		return response()->view('auth/password_reminder');
 	}

 	/**
 	 * Password reminder (POST)
 	 *
 	 * @param	App\Http\Requests\AuthReminderRequest  $request
 	 * @return	\Illuminate\Http\Response
 	 */
 	public function password_reminder_post(AuthReminderRequest $request)
 	{
 		$user = $this->user_model->where('username', '=', $request->input('username'))->where('email', '=', $request->input('email'))->first();

 		if (!$user) {
 			return redirect()->route('password-reminder')
 							 ->withInput($request->only('username', 'email'))
 							 ->withErrors([])
 							 ->with('message', trans('passwords.user'))
 							 ->with('success', false);
 		}

 		$response = $this->password_broker->sendResetLink($request->only('email'), function (Message $message) {
 			$message->subject('Password Reset');
 		});

 		switch ($response) {
 			case Password::RESET_LINK_SENT:
 				return redirect()->route('login')->with('message', trans($response));

 			case Password::INVALID_USER:
 				return redirect()->back()->withErrors(['email' => trans($response)]);
 		}
 	}

 	/**
 	 * Password reset
 	 *
 	 * @param	Illuminate\Http\Request	$request
 	 * @param	string	$token
 	 * @return	\Illuminate\Http\Response
 	 */
 	public function password_reset(Request $request, $token)
 	{
 		return response()->view('auth/password_reset', [
 			'token' => $token
 		]);
 	}

 	/**
 	 * Password reset (POST)
 	 *
 	 * @param	App\Http\Requests\AuthResetRequest  $request
 	 * @return	\Illuminate\Http\Response
 	 */
 	public function password_reset_post(AuthResetRequest $request, $token)
 	{
 		if($token !== $request->input('token__form')) {
 			abort(400, 'Tokens do not match.');
 		}

 		$user = $this->user_model->where('username', '=', $request->input('username'))->where('email', '=', $request->input('email'))->first();

 		if (!$user) {
 			return redirect()->route('password-reminder')
 							 ->withInput($request->only('username', 'email'))
 							 ->withErrors([])
 							 ->with('message', trans('passwords.user'))
 							 ->with('success', false);
 		}

        $response = $this->password_broker->reset($request->only('email', 'password', 'password_confirmation') + array('token' => $token), function ($user, $password) {
            $user->password = $password;
 			$user->save();
        });

        switch ($response) {
            case Password::PASSWORD_RESET:
                return redirect()->route('login')->with('message', 'You have reset your password.')->with('success', true);
 				break;

            default:
                return redirect()->back()->withInput($request->only('username', 'email'))->withErrors(['email' => trans($response)]);
 				break;
        }
 	}

    /**
 	 * Get the path to the login route.
 	 *
 	 * @return string
 	 */
 	public function loginPath()
 	{
 		return '/login';
 	}

 	/**
 	 * Get the post register / login redirect path.
 	 *
 	 * @return string
 	 */
 	public function redirectPath()
 	{
 		return '/admin';
 	}

 	/**
 	 * Get the login to be used by the controller.
 	 *
 	 * @return string
 	 */
 	public function loginUsername()
 	{
 		return 'email';
 	}

 	/**
 	 * Get the failed login message.
 	 *
 	 * @return string
 	 */
 	protected function getFailedLoginMessage()
 	{
 		return trans('auth.failed');
 	}

    /**
     * Send the response after the user was authenticated.
     *
     * @param  App\Http\Requests\AuthLoginRequest  $request
     * @param  bool  $throttles
     * @return \Illuminate\Http\Response
     */
    protected function handleUserWasAuthenticated(AuthLoginRequest $request, $throttles)
    {
        if ($throttles) {
            $this->clearLoginAttempts($request);
        }

        if (method_exists($this, 'authenticated')) {
            return $this->authenticated($request, $this->auth->user());
        }

        return redirect()->intended($this->redirectPath())->with('message', trans('auth.logged_in'))->with('success', true);
    }

    /**
 	 * Get the needed authorization credentials from the request.
 	 *
 	 * @param  App\Http\Requests\AuthLoginRequest  $request
 	 * @return array
 	 */
 	protected function getCredentials(AuthLoginRequest $request)
 	{
 		return $request->only($this->loginUsername(), 'password');
 	}

 }
diff --git a/routes.php b/routes.php
 <?php
 Route::get('/', [
    'as'	=> 'root',
 	'uses'	=> 'Auth\AuthController@index'
 ]);
 Route::get('login', [
    'as'	=> 'login',
 	'uses'	=> 'Auth\AuthController@login'
 ]);
 Route::post('login', [
 	'as'	=> 'login.try',
 	'uses'	=> 'Auth\AuthController@login_post'
 ]);
 Route::post('logout', [
 	'as'	=> 'logout',
 	'uses'	=> 'Auth\AuthController@logout'
 ]);
 Route::get('password-reminder', [
    'as'	=> 'password-reminder',
 	'uses'	=> 'Auth\AuthController@password_reminder'
 ]);
 Route::post('password-reminder', [
    'as'	=> 'password-reminder.try',
 	'uses'	=> 'Auth\AuthController@password_reminder_post'
 ]);
 Route::get('password-reset/{token}', [
    'as'	=> 'password-reset',
 	'uses'	=> 'Auth\AuthController@password_reset'
 ])->where('token', '[A-Za-z0-9]{16,}');
 Route::post('password-reset/{token}', [
    'as'	=> 'password-reset.try',
 	'uses'	=> 'Auth\AuthController@password_reset_post'
 ])->where('token', '[A-Za-z0-9]{16,}');

 Route::group(['namespace' => 'Admin', 'as' => 'admin::', 'prefix' => 'admin', 'middleware' => 'auth'], function ()
 {
 	Route::get('/', [
 		'as'	=> 'index',
 		'uses'	=> 'AdminController@index'
 	]);

 	Route::get('dashboard', [
 		'as'	=> 'dashboard',
 		'uses'	=> 'AdminController@dashboard'
 	]);

 	Route::resource('user', 'UserController');
 });
diff --git a/udpates b/udpates
 quickly looking i would just remove the request dependancy in the login function if your not using it, same as the others unless they are being used directly in the view??
 its just a style thing for me there is nothign wrong with it being there. OK I JUST SOUND LIKE AN ARSE HERE. sorry

 inject the password broker and user model in the constructor, though I would probably create a AuthRepository and inject the requirements in there and work on it that way.
 but im just being anal
	<?php

	namespace App\Http\Controllers\Auth;

	use Illuminate\Http\Request;
	use Illuminate\Mail\Message;
	use Illuminate\Contracts\Auth\Guard;
	use Illuminate\Contracts\Auth\PasswordBroker;
	use Illuminate\Support\Facades\Password;
	use Illuminate\Foundation\Auth\ThrottlesLogins;
	use App\Http\Controllers\Controller;

	use App\Model\User\User;
	use App\Http\Requests\AuthLoginRequest;
	use App\Http\Requests\AuthReminderRequest;
	use App\Http\Requests\AuthResetRequest;

	class AuthController extends Controller
	{
	use ThrottlesLogins;

	/**
	* User model being used
	*/
	protected $user_model;

	/**
	* the current auth implementation
	*/
	protected $auth;

	/**
	* Create a new authentication controller instance.
	*
	* @return void
	*/
	public function __construct(
	Guard $auth,
	User $user_model,
	PasswordBroker $password)
	{
	$this->middleware('guest', ['except' => 'logout']);

	$this->auth = $auth

	$this->user_model = $user_model;

	$this->password = $password
	}

	/**
	* Index
	*
	* @param Illuminate\Http\Request $request
	* @return \Illuminate\Http\Response
	*/
	public function index(Request $request)
	{
	return redirect()->route('login');
	}

	/**
	* Login
	*
	* @param Illuminate\Http\Request $request
	* @return \Illuminate\Http\Response
	*/
	public function login()
	{
	return response()->view('auth/login');
	}

	/**
	* Login (POST)
	*
	* @param App\Http\Requests\AuthLoginRequest $request
	* @return \Illuminate\Http\Response
	*/
	public function login_post(AuthLoginRequest $request)
	{
	if($this->hasTooManyLoginAttempts($request)) {
	return $this->sendLockoutResponse($request);
	}

	$credentials = $this->getCredentials($request);

	if($this->auth->attempt($credentials, $request->has('remember'))) {
	return $this->handleUserWasAuthenticated($request, true);
	}

	$this->incrementLoginAttempts($request);

	return redirect($this->loginPath())
	->withInput($request->only($this->loginUsername(), 'remember'))
	->withErrors([
	$this->loginUsername() => $this->getFailedLoginMessage(),
	]);
	}

	/**
	* Logout
	*
	* @param Illuminate\Http\Request $request
	* @return \Illuminate\Http\Response
	*/
	public function logout(Request $request)
	{
	$this->auth->logout();

	return redirect()->route('login')->with('message', trans('auth.logged_out'))->with('success', true);
	}

	/**
	* Password reminder
	*
	* @param Illuminate\Http\Request $request
	* @return \Illuminate\Http\Response
	*/
	public function password_reminder(Request $request)
	{
	return response()->view('auth/password_reminder');
	}

	/**
	* Password reminder (POST)
	*
	* @param App\Http\Requests\AuthReminderRequest $request
	* @return \Illuminate\Http\Response
	*/
	public function password_reminder_post(AuthReminderRequest $request)
	{
	$user = $this->user_model->where('username', '=', $request->input('username'))->where('email', '=', $request->input('email'))->first();

	if (!$user) {
	return redirect()->route('password-reminder')
	->withInput($request->only('username', 'email'))
	->withErrors([])
	->with('message', trans('passwords.user'))
	->with('success', false);
	}

	$response = $this->password_broker->sendResetLink($request->only('email'), function (Message $message) {
	$message->subject('Password Reset');
	});

	switch ($response) {
	case Password::RESET_LINK_SENT:
	return redirect()->route('login')->with('message', trans($response));

	case Password::INVALID_USER:
	return redirect()->back()->withErrors(['email' => trans($response)]);
	}
	}

	/**
	* Password reset
	*
	* @param Illuminate\Http\Request $request
	* @param string $token
	* @return \Illuminate\Http\Response
	*/
	public function password_reset(Request $request, $token)
	{
	return response()->view('auth/password_reset', [
	'token' => $token
	]);
	}

	/**
	* Password reset (POST)
	*
	* @param App\Http\Requests\AuthResetRequest $request
	* @return \Illuminate\Http\Response
	*/
	public function password_reset_post(AuthResetRequest $request, $token)
	{
	if($token !== $request->input('token__form')) {
	abort(400, 'Tokens do not match.');
	}

	$user = $this->user_model->where('username', '=', $request->input('username'))->where('email', '=', $request->input('email'))->first();

	if (!$user) {
	return redirect()->route('password-reminder')
	->withInput($request->only('username', 'email'))
	->withErrors([])
	->with('message', trans('passwords.user'))
	->with('success', false);
	}

	$response = $this->password_broker->reset($request->only('email', 'password', 'password_confirmation') + array('token' => $token), function ($user, $password) {
	$user->password = $password;
	$user->save();
	});

	switch ($response) {
	case Password::PASSWORD_RESET:
	return redirect()->route('login')->with('message', 'You have reset your password.')->with('success', true);
	break;

	default:
	return redirect()->back()->withInput($request->only('username', 'email'))->withErrors(['email' => trans($response)]);
	break;
	}
	}

	/**
	* Get the path to the login route.
	*
	* @return string
	*/
	public function loginPath()
	{
	return '/login';
	}

	/**
	* Get the post register / login redirect path.
	*
	* @return string
	*/
	public function redirectPath()
	{
	return '/admin';
	}

	/**
	* Get the login to be used by the controller.
	*
	* @return string
	*/
	public function loginUsername()
	{
	return 'email';
	}

	/**
	* Get the failed login message.
	*
	* @return string
	*/
	protected function getFailedLoginMessage()
	{
	return trans('auth.failed');
	}

	/**
	* Send the response after the user was authenticated.
	*
	* @param App\Http\Requests\AuthLoginRequest $request
	* @param bool $throttles
	* @return \Illuminate\Http\Response
	*/
	protected function handleUserWasAuthenticated(AuthLoginRequest $request, $throttles)
	{
	if ($throttles) {
	$this->clearLoginAttempts($request);
	}

	if (method_exists($this, 'authenticated')) {
	return $this->authenticated($request, $this->auth->user());
	}

	return redirect()->intended($this->redirectPath())->with('message', trans('auth.logged_in'))->with('success', true);
	}

	/**
	* Get the needed authorization credentials from the request.
	*
	* @param App\Http\Requests\AuthLoginRequest $request
	* @return array
	*/
	protected function getCredentials(AuthLoginRequest $request)
	{
	return $request->only($this->loginUsername(), 'password');
	}

	}
	<?php
	Route::get('/', [
	'as' => 'root',
	'uses' => 'Auth\AuthController@index'
	]);
	Route::get('login', [
	'as' => 'login',
	'uses' => 'Auth\AuthController@login'
	]);
	Route::post('login', [
	'as' => 'login.try',
	'uses' => 'Auth\AuthController@login_post'
	]);
	Route::post('logout', [
	'as' => 'logout',
	'uses' => 'Auth\AuthController@logout'
	]);
	Route::get('password-reminder', [
	'as' => 'password-reminder',
	'uses' => 'Auth\AuthController@password_reminder'
	]);
	Route::post('password-reminder', [
	'as' => 'password-reminder.try',
	'uses' => 'Auth\AuthController@password_reminder_post'
	]);
	Route::get('password-reset/{token}', [
	'as' => 'password-reset',
	'uses' => 'Auth\AuthController@password_reset'
	])->where('token', '[A-Za-z0-9]{16,}');
	Route::post('password-reset/{token}', [
	'as' => 'password-reset.try',
	'uses' => 'Auth\AuthController@password_reset_post'
	])->where('token', '[A-Za-z0-9]{16,}');

	Route::group(['namespace' => 'Admin', 'as' => 'admin::', 'prefix' => 'admin', 'middleware' => 'auth'], function ()
	{
	Route::get('/', [
	'as' => 'index',
	'uses' => 'AdminController@index'
	]);

	Route::get('dashboard', [
	'as' => 'dashboard',
	'uses' => 'AdminController@dashboard'
	]);

	Route::resource('user', 'UserController');
	});
	quickly looking i would just remove the request dependancy in the login function if your not using it, same as the others unless they are being used directly in the view??
	its just a style thing for me there is nothign wrong with it being there. OK I JUST SOUND LIKE AN ARSE HERE. sorry

	inject the password broker and user model in the constructor, though I would probably create a AuthRepository and inject the requirements in there and work on it that way.
	but im just being anal