Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Referencing issue #546 #549

Closed
joaoribeiro-controlink opened this issue Jun 22, 2024 · 11 comments
Closed

Referencing issue #546 #549

joaoribeiro-controlink opened this issue Jun 22, 2024 · 11 comments

Comments

@joaoribeiro-controlink
Copy link

joaoribeiro-controlink commented Jun 22, 2024

Fortify Version

1.21.3

Laravel Version

11.11.0

PHP Version

8.2.5

Database Driver & Version

MySQL 8

Description

Fortify does not make a successful authentication if the "remember" field is not passed as true.

I found that the problem is because the User model hasUuids trait on it.

Steps To Reproduce

Adding this to the FortifyServiceProvider on the boot method:

Fortify::authenticateUsing(function (Request $request) {
  if(Auth::attempt($request->only('username', 'password'), $request->filled('remember'))){
      // Regenerate the session to avoid session fixation
      $request->session()->regenerate();
  
      // Return the authenticated user instance
      return Auth::user();
  }
  
  return null;
});
@driesvints
Copy link
Member

Heya, thanks for reporting.

We'll need more info and/or code to debug this further. Can you please create a repository with the command below, commit the code that reproduces the issue as one separate commit on the main/master branch and share the repository here? Please make sure that you have the latest version of the Laravel installer in order to run this command. Please also make sure you have both Git & the GitHub CLI tool properly set up.

laravel new bug-report --github="--public"

Please do not amend and create a separate commit with your custom changes. After you've posted the repository, we'll try to reproduce the issue.

Thanks!

@joaoribeiro-controlink
Copy link
Author

Hey,
I follow your request

Repo link: https://github.com/joaoribeiro-controlink/laravel-bugreport-hasuuid

@joaoribeiro-controlink
Copy link
Author

I only installed laravel/fortify and laravel/breeze, at the moment authentication is only possible if the remember checkbox is checked

@driesvints
Copy link
Member

I'm sorry @joaoribeiro-controlink but that's way too much changes in a single commit. I can't possible tell what your custom changes are. Please re-create the repo and commit anything installer/jetstream setup separately and all of your custom changes like the UUID changes you mention in a separate commit for me to review.

@joaoribeiro-controlink
Copy link
Author

@driesvints The only thing I did is this:
image

The rest has been made by fortify and breeze

@crynobone
Copy link
Member

@joaoribeiro-controlink Laravel Breeze doesn't use Laravel Fortify. So Fortify::authenticateUsing() is not going to be used when authenticating using Breeze.

@driesvints
Copy link
Member

Yeah I think there's still some things missing here. It might be best if you first try a support channel:

@joaoribeiro-controlink
Copy link
Author

That's a way to close the ticket...

Just try it on a new project, add the trait HasUuids to the user model and the login will not work...

The breeze is just a UI start package...

@crynobone
Copy link
Member

Breeze doesn't use Fortify and therefore this report is invalid.

And no, Breeze not just a UI package as install it's own set of Controllers https://github.com/laravel/breeze/blob/2.x/stubs/default/app/Http/Controllers/Auth/AuthenticatedSessionController.php

@joaoribeiro-controlink
Copy link
Author

@crynobone Right, so try to use this Trait on a clean Laravel installation and check if it work as suppose.. Basically, fortify will only authenticate if the remember is passed as true if not, it happears that the auth session expire in the next second after the login

@crynobone
Copy link
Member

I been developing a project on Fortify this week and doesn't have this issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

3 participants