I'm trying to get the sentry package set up in my app correctly.
I can log a user in and out and protect routes but I can't seem to get the redirect::intended to work properly. My understanding is that a user will be taken back to the route they originally called before being directed to the login page. At the moment it simply keeps redirecting to the default page.
In my routes.php I have the following group set up:
Route::group(array('before' => 'sentryAuth'), function () {...}
Within this group I've placed all the protected routes.
In my filters.php I have the following filters:
Route::filter('sentryAuth', function () {
if (!Sentry::check()) {
return Redirect::route('login');
}
});
Route::filter('sentryGuest', function () {
if (Sentry::check()) {
return Redirect::intended('dashboard');
}
});
In my userController I have the following code:
public function postAuthenticate()
{
try {
// Set login credentials
$credentials = array(
'email' => Input::get('email'),
'password' => Input::get('password')
);
// Try to authenticate the user
$user = Sentry::authenticate($credentials, false);
} catch (Cartalyst\Sentry\Users\LoginRequiredException $e) {
echo 'Login field is required.';
}
catch (Cartalyst\Sentry\Users\PasswordRequiredException $e) {
echo 'Password field is required.';
}
catch (Cartalyst\Sentry\Users\UserNotFoundException $e) {
echo 'User was not found.';
}
catch (Cartalyst\Sentry\Users\WrongPasswordException $e) {
echo 'Wrong password, try again.';
}
catch (Cartalyst\Sentry\Users\UserNotActivatedException $e) {
echo 'User is not activated.';
}
if (!Sentry::check()) {
return Redirect::to('user/login');
} else {
return Redirect::intended('dashboard');
}
}
I've tried to access a page 'bookings/create' without being logged in. I get taken to the login page, log in but it then takes me to the dashboard not to bookings/create.
AM I missing something here? Is there additional code I need to get the intended to work??
I am not sure about this, because I am not using Sentry for my current project.. so this is just a hunch.
It seems that since you used SentryAuth and not the native Auth class in laravel 4, the session item for the intended url is not set.. I looked on the API on the Redirector class and i saw this:
public function intended($default, $status = 302, $headers = array(), $secure = null)
{
$path = $this->session->get('url.intended', $default);
$this->session->forget('url.intended');
return $this->to($path, $status, $headers, $secure);
}
and as the code says, the session key is 'url.intended'. i verified this using the native Auth filter and the intended URL is set on Session::get('url.intended') as expected..
so a possible solution to this is to manually set it in the session. an example would be:
On your filter
Route::filter('sentryAuth', function () {
if (!Sentry::check()) {
Session::put('loginRedirect', Request::url());
return Redirect::route('login');
}
});
On your postAuthenticate() method
if (!Sentry::check()) {
return Redirect::to('user/login');
} else {
// Get the page we were before
$redirect = Session::get('loginRedirect', 'dashboard');
// Unset the page we were before from the session
Session::forget('loginRedirect');
return Redirect::to($redirect);
}
parts of the code were taken from here for reference.. ^_^