Authenticate in laravel 5.4 using Sentinel

1. Installation

Open terminal in root project and run commant:

composer require cartalyst/sentinel "2.0.*"

Open file config/app.php then add those line into $providers:

Cartalyst\Sentinel\Laravel\SentinelServiceProvider::class,

add into $aliases:

'Activation' => Cartalyst\Sentinel\Laravel\Facades\Activation::class,
'Reminder'   => Cartalyst\Sentinel\Laravel\Facades\Reminder::class,
'Sentinel'   => Cartalyst\Sentinel\Laravel\Facades\Sentinel::class,

all install ok, run this command in terminal:

php artisan vendor:publish --provider="Cartalyst\Sentinel\Laravel\SentinelServiceProvider"
php artisan migrate

you must delete tables users, reset_password in migrate and db.

to using, only use in class:

use Cartalyst\Sentinel\Native\Facades\Sentinel;
use Illuminate\Database\Capsule\Manager as Capsule;

Sentinel

2. Sample login, logout with rule admin

create Request form:

php artisan make:request StoreLogin

in file Requests\StoreLogin.php:

/**
     * Determine if the user is authorized to make this request.
     *
     * @return bool
     */
    public function authorize()
    {
        return true;
    }

    /**
     * Get the validation rules that apply to the request.
     *
     * @return array
     */
    public function rules()
    {
        return [
            //
            'email' => 'required',
            'password' => 'required|min:6'
        ];
    }

route:

Route::get('/login', 'AuthController@getLogin')->name('login');
Route::post('/postLogin', 'AuthController@postLogin')->name('postlogin');

function postLogin() in file AuthController.php:

public function postLogin(StoreLogin $request)
    {
        try {
            $remember = (bool) $request->get('remember', false);
            if (Sentinel::authenticate($request->all(), $remember)) {
                return redirect()->intended($this->redirectTo);
            } else {
                $err = "Tên đăng nhập hoặc mật khẩu không đúng!";
            }
        } catch (NotActivatedException $e) {
            $err = "Tài khoản của bạn chưa được kích hoạt";
        } catch (ThrottlingException $e) {
            $delay = $e->getDelay();
            $err = "Tài khoản của bạn bị block trong vòng {$delay} sec";
        }
        return redirect()->back()
            ->withInput()
            ->with('err', $err);
    }

form login: file auth\login.blade.php

<form class="" action=" { {  Route('postlogin')}}" method="post">
    @if(session('err'))
        <div class="alert alert-warning" role="alert"> { { session('err')}}</div>
    @endif
     { { csrf_field()}}
    <h3>Đăng nhập</h3>
    <div class="form-group  { {  ($errors->first('email'))?'has-error':''}}">
        <label for="email">E-mail</label> 
        <input type="email" name="email"
            class="form-control" id="email" placeholder="E-mail" value=" { {  old('email')}}">
        @if($errors->first('email'))
            <p class="text-danger"> { { $errors->first('email')}}</p>
        @endif
    </div>
    <div class="form-group  { {  ($errors->first('password'))?'has-error':''}}">
        <label for="password">Mật khẩu</label> 
        <input type="password"
            name="password" class="form-control" id="password"
            placeholder="Mật khẩu">
        @if($errors->first('password'))
            <p class="text-danger"> { { $errors->first('password')}}</p>
        @endif
    </div>
    <div class="checkbox">
        <label> <input type="checkbox" name="remember" value="1"> Ghi nhớ tài khoản
        </label>
    </div>
    <button type="submit" class="btn btn-primary">Gửi</button>
</form>

add Middleware for check() authenticate and role admin

php artisan make:middleware Authenticate
php artisan make:middleware CheckRoleAdmin

<?php

namespace App\Http\Middleware;

use Closure;
use Cartalyst\Sentinel\Native\Facades\Sentinel;
use Illuminate\Database\Capsule\Manager as Capsule;

class Authenticate
{

    /**
     * Handle an incoming request.
     *
     * @param \Illuminate\Http\Request $request         
     * @param \Closure $next            
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        if (Sentinel::check()) {
            return $next($request);
        }

        return redirect()->route('login')->withErrors('Bạn phải đăng nhập');
    }
}

<?php



namespace App\Http\Middleware;

use Closure;
use Cartalyst\Sentinel\Native\Facades\Sentinel;
use Illuminate\Database\Capsule\Manager as Capsule;

class CheckRoleAdmin
{

    /**
     * Handle an incoming request.
     *
     * @param \Illuminate\Http\Request $request         
     * @param \Closure $next            
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        if (Sentinel::getUser()->inRole('admin')) {
            // return $next($request);
            return $next($request);
        }
        return redirect()->route('login')->with('err', 'Bạn không có quyền truy cập');
    }
}

in Kernel.php: add into $routeMiddleware:

'auth' => \App\Http\Middleware\Authenticate::class,
'check.admin' => \App\Http\Middleware\CheckRoleAdmin::class

if you want authenticate you add middleware in route:

Route::group([
    'prefix' => 'post', 'middleware' => ['auth','check.admin']
], function () {
    Route::get('/index', 'PostController@index')->name('post.index');
    Route::get('/create', 'PostController@create')->name('post.create');
    Route::post('/store', 'PostController@store')->name('post.store');

    Route::post('/{id}/newComment', 'CommentController@create')->name('post.newcomment');

    Route::get('/{id}', 'PostController@getPost')->name('post.getpost');
    Route::post('/{id}/new', 'CommentController@createInPageDetails')->name('post.newcommentdetails');
});