If Persona needs to check for authentication, then change the model in your config/auth.php file. No need to do any joins or anything.
- Table: Persona
- Columns: id_Persona, Name, Age, City, Phone, Email, etc.
- N°Rows: 1.000's, contacts, users, refered, etc.
- Table: Usuario
- Columns: id_Persona, password, remember_token
- N°Rows: 10's, just users
Condition: Persona.id_Persona = Usuario.id_Persona
Auth: Persona.Email = <username> || Usuario.Password = <password>
That explain better why I need a join, can't just merge tables, the framework should adapt to my needs, no my needs to the framework, I can't have hundreds of rows in <NULL> just because I had to merge the tables... hope you can understand.
Do you know another way, @thomastkim? thanks!
So, if I'm understanding this correctly, users (Usario) can actually have a password without an email?
No, as it must exist a "Person" row with the same ID so it can exist an "User" row with given ID.
FOREIGN KEY (`id_persona`) REFERENCES `persona` (`id_persona`))
Can't exist an "User" without "Person", which have the email. "Email" is Not Null.
Ahh, I see. So a Persona has one Usario, and a Usario belongs to a Persona.
Try this then.
// Import this at the top
use Hash;
// Add this, wherever you do your login check
// The fields
$email = $request->email;
$password = $request->password;
// Get person and his/her relationship with usario
$user = Persona::with('usario')->where('email', $email)->first();
// check if user exists, and if so, check his password
// Then login using the usario id
if ($user && Hash::check($password, $user->usario->password)) {
Auth::loginUsingId($user->usario->id);
}
@thomaskim, thanks you'r right. Thanks for your idea, with that in mind, I changed postLogin() but inside AuthController, so I can preserve the Throttles and Remember features, and the core still unchanged, here's the code if I can help to another one:
//------------------------------------
Auth\AuthController.php
//------------------------------------
protected function postLogin(Request $request)
{
$this->validate($request, [
$this->loginUsername() => 'required', 'password' => 'required',
]);
// If the class is using the ThrottlesLogins trait, we can automatically throttle
// the login attempts for this application. We'll key this by the username and
// the IP address of the client making these requests into this application.
$throttles = $this->isUsingThrottlesLoginsTrait();
if ($throttles && $this->hasTooManyLoginAttempts($request)) {
return $this->sendLockoutResponse($request);
}
$credentials = $this->getCredentials($request);
//Here's the custom SQL, so you can retrieve a "user" and "pass" from anywhere in the DB
$usuario = \DB::select('
SELECT
persona.nombre,
usuario.password
FROM
persona
INNER JOIN
usuario ON persona.id_persona = usuario.id_persona
WHERE
persona.email = ?
LIMIT 1', array($credentials['email']));
// Instead of:
// if (Auth::attempt($credentials, $request->has('remember'))) {
if ($usuario && Hash::check($credentials['password'], $usuario[0]->password)) {
Auth::loginUsingId($usuario[0]->id_persona, $request->has('remember'));
// Put any custom data you need for the user/session
Session::put('nombre', $usuario[0]->nombre);
return $this->handleUserWasAuthenticated($request, $throttles);
}
// If the login attempt was unsuccessful we will increment the number of attempts
// to login and redirect the user back to the login form. Of course, when this
// user surpasses their maximum number of attempts they will get locked out.
if ($throttles) {
$this->incrementLoginAttempts($request);
}
return redirect($this->loginPath())
->withInput($request->only($this->loginUsername(), 'remember'))
->withErrors([
$this->loginUsername() => $this->getFailedLoginMessage(),
]);
}
Sign in to participate in this thread!
Laravel
Laravel News
Laracasts
Laravel Podcast