Murlidhar Fichadia Murlidhar Fichadia - 6 months ago 28
SQL Question

Login user into laravel using pin

I have a very simple application of scoreboard in which I send an email to the users with the link. which looks like :

http://localhost:8888/users/evqGeyCgo4tIG2C
for now. here the string after
/users/
is a unique pin that is generated and emailed to the user.

So user simply clicks on the link and in the background I am trying to retrieve email and password of the user and attempt to login. But unfortunately, I cant use hashed password stored in Database to login.

This is my code :

Way 1 :

$user = User::select('email','password')->where('pin',$pin)->first();

if (Auth::login($user)) {
// Authentication passed...
return redirect()->intended('/user');
}


Way 2 :

$user = User::select('email','password')->where('pin',$pin)->first();

if (Auth::attempt(['email' => $user->email, 'password' => $user->password])) {
// Authentication passed...
return redirect()->intended('/user');
}


Unfortunately second way fails as I cant use the hashed password. And the first way I looked it from here but I dont see redirect to trigger. from here : https://laravel.com/docs/4.2/security#manually

I dont mind any other way/method to get the user loggedin with a pin. And I dont mind if any one user sees some other users profile.

So you might be thinking the pin is passed in url can be used by other user to login too. But I am not worried about it. Its just scores that users see of their game.

Answer

I think what you need is to log users in by their ID:

$user = User::select('id')->where('pin',$pin)->first();
Auth::loginUsingId($user->id);
return redirect()->intended('/user');