I am building a system where when a user is logging in for the first time using Facebook, he doesn't get to provide a password. So I try to log him in using the credentials from facebook.
Sentry::authenticate($credentials, false);
The above command always has to ask for a password. How do I log in the user without having to ask them for a password?
In Sentry you can do login from two different ways:
1) When typed a password on your login form, you tell Sentry to find the user and check the password to authenticate and login him/she at the same time:
// Set login credentials
$credentials = array(
'email' => Input::get('email'),
'password' => Input::get('password'),
);
// Try to authenticate the user
$user = Sentry::authenticate($credentials, false);
2) When the user is authenticated by other means, like OAuth and you just need to force it to be logged on your system:
// Find the user using the user id or e-mail
$user = Sentry::findUserById($userId);
// or
$user = Sentry::findUserByLogin($email);
// and
// Log the user in
Sentry::login($user, false);
You choose one or another, you don't have to use both.
3) As third example, let's say you have an old user database and your passwords are hashed using MD5:
// Find the user
$user = Sentry::findUserByLogin($email);
// Check the password
if ($user->password !== md5(Input::get('password'))
{
Redirect::back()->withMessage('Password is not correct.');
}
// And, if password is correct, force the login:
Sentry::login($user, false);