im using this code to make an angular and laravel token based auth.
i trying to all multiple column login, eg email, phone and userid, though it was working ok but after playing around a bit i notice that if the user does not exist it would log them in as the first user from the DB.
here is the code
$email = $request->only('email', 'password');
$ssn = $request->only('ssn', 'password');
$badgenumber = $request->only('badgenumber', 'password');
$ophone = $request->only('ophone', 'password');
$fphone = $request->only('fphone', 'password');
$pager = $request->only('pager', 'password');
$error = 0;
try {
// verify the $email and create a token for the user
if (!$token = JWTAuth::attempt($email)) {
$error = 1;
}
if ($error == 1) {
$error = 0;
if (!$token = JWTAuth::attempt($ssn)) {
$error = 1;
}
}
if ($error == 1) {
$error = 0;
if (!$token = JWTAuth::attempt($badgenumber)) {
$error = 1;
}
}
if ($error == 1) {
$error = 0;
if (!$token = JWTAuth::attempt($ophone)) {
$error = 1;
}
}
if ($error == 1) {
$error = 0;
if (!$token = JWTAuth::attempt($fphone)) {
$error = 1;
}
}
if ($error == 1) {
$error = 0;
if (!$token = JWTAuth::attempt($pager)) {
$error = 1;
}
}
if($error == 1){
return response()->json(['error' => 'invalid_credentials'], 401);
}
} catch (JWTException $e) {
// something went wrong
return response()->json(['error' => 'could_not_create_token'], 500);
}
// if no errors are encountered we can return a JWT
return response()->json(compact('token'));
}
via Chebli Mohamed
Aucun commentaire:
Enregistrer un commentaire