Skip to content

Latest commit

 

History

History
109 lines (79 loc) · 3.07 KB

auth-manager.md

File metadata and controls

109 lines (79 loc) · 3.07 KB

Auth Manager

There is an Auth facade you may use for common tasks, it primarily inherits the October\Rain\Auth\Manager class for functionality.

You may use create method on the User model to register an account.

$user = \RainLab\User\Models\User::create([
    'name' => 'Some User',
    'email' => '[email protected]',
    'password' => 'changeme',
    'password_confirmation' => 'changeme',
]);

The markEmailAsVerified method can be used to activate an existing user.

// Auto activate this user
$user->markEmailAsVerified();

The check method is a quick way to check if the user is signed in.

// Returns true if signed in.
$loggedIn = Auth::check();

To return the user model that is signed in, use user method instead.

// Returns the signed in user
$user = Auth::user();

You may authenticate a user by providing their login and password with the attempt method.

// Authenticate user by credentials
$user = Auth::attempt([
    'email' => post('email'),
    'password' => post('password')
]);

The second argument is used to store a non-expire cookie for the user.

$user = Auth::attempt([...], true);

You can also authenticate as a user simply by passing the user model along with the login method.

// Sign in as a specific user
Auth::login($user);

The second argument will store the non-expire cookie for the user.

// Sign in and remember the user
Auth::login($user, true);

You may look up a user by their login name using the retrieveByCredentials method.

$user = Auth::retrieveByCredentials(['email' => '[email protected]']);

Guest Users

Creating a guest user allows the registration process to be deferred. For example, making a purchase without needing to register first. Guest users are not able to sign in and will be added to the user group with the code guest.

Use the is_guest attribute to create a guest user, it will return a user object and can be called multiple times. The unique identifier is the email address, which is a required field.

$user = \RainLab\User\Models\User::([
    'email' => '[email protected]',
    'is_guest' => true
]);

When a user registers with the same email address using the User::create method, they will inherit the existing guest user account.

// This will not throw an "Email already taken" error
$user = \RainLab\User\Models\User::create([
    'email' => '[email protected]',
    'password' => 'changeme',
    'password_confirmation' => 'changeme',
]);

Important: If you are using guest accounts, it is important to disable sensitive functionality for user accounts that are not verified, since it may be possible for anyone to inherit a guest account.

You may also convert a guest to a registered user with the convertToRegistered method. This will generate a random password and sends an invitation using the rainlab.user::mail.invite template.

$user->convertToRegistered();

To disable the notification and password reset, pass the first argument as false.

$user->convertToRegistered(false);