I'm attempting to switch our old form of authentication to Laravel's Auth. I'm authenticating the user with an ajax call, and checking if their password needs to be reset.
I validate the old way, use Laravel's Auth::login() to manually log the user in. On success of the ajax call, I redirect to the url of the reset password route.
Now when I get to the reset pass route, I check to see if the user is authenticated. When I check inside the reset password function, the user is no longer authenticated. Laravel route filtering also returns the same results.
Any advice is appreciated, thanks!
Javascript:
function login(){
$form = $('#login-form')
$.ajax({
url: "/laravel/public/index.php/login",
type: 'POST',
data: $form.serialize(),
success: function(data){
if(data.action == 'reset')
window.location = '/laravel/public/index.php/reset';
},
error: function(){
}
});
}
Login function - Laravel
$login = Input::get('login');
$pass = Input::get('password');
$user = User::where('login', $login)
->select('password_reset', 'crypted_password', 'salt', 'password', 'id')
->first();
// check for reset old password
if($user->password_reset == 1 && Hash::needsRehash($user->password)){
$reset = LoginController::oldValidation($pass, $user->salt, $user->crypted_password);
if($reset == 1){
Auth::login($user);
error_log('Login Auth:' . Auth::check()); // will return true
return array('action'=>'reset');
}
}
Reset function - Laravel
public static function reset(){
error_log('Check: ' . Auth::check()); // this is now false
}
