Confide is a authentication solution for Laravel4 made to eliminate repetitive tasks involving the management of users: Account creation, login, logout, confirmation by e-mail, password reset, etc.
Confide aims to be simple to use, quick to configure and flexible.
Current:
- Account confirmation (through confirmation link).
- Password reset (sending email with a change password link).
- Easily render forms for login, signup and password reset.
- Generate customizable routes for login, signup, password reset, confirmation, etc.
- Generate a customizable controller that handles the basic user account actions.
- Contains a set of methods to help basic user features.
- Integrated with the Laravel Auth component/configs.
- Field/model validation (Powered by Ardent).
- Login throttling.
If you are looking for user roles and permissions see Entrust
Planned:
- Captcha in user signup and password reset.
- General improvements.
In the require
key of composer.json
file add the following
"zizaco/confide": "dev-master"
Run the Composer update comand
$ composer update
In your config/app.php
add 'Zizaco\Confide\ConfideServiceProvider'
to the end of the $providers
array
'providers' => array(
'Illuminate\Foundation\Providers\ArtisanServiceProvider',
'Illuminate\Auth\AuthServiceProvider',
...
'Zizaco\Confide\ConfideServiceProvider',
),
At the end of config/app.php
add 'Confide' => 'Zizaco\Confide\ConfideFacade'
to the $aliases
array
'aliases' => array(
'App' => 'Illuminate\Support\Facades\App',
'Artisan' => 'Illuminate\Support\Facades\Artisan',
...
'Confide' => 'Zizaco\Confide\ConfideFacade',
),
Set the properly values to the config/auth.php
. This values will be used by confide to generate the database migration and to generate controllers and routes.
Set the address
and name
from the from
array in config/mail.php
. Those will be used to send account confirmation and password reset emails to the users.
Now generate the Confide migration and the reminder password table migration:
$ php artisan confide:migration
It will generate the <timestamp>_confide_setup_users_table.php
migration. You may now run it with the artisan migrate command:
$ php artisan migrate
It will setup a table containing username
, email
, password
, confirmation_code
and confirmed
fields, which are the default fields needed for Confide use. Feel free to add more fields to the database.
Change your User model in app/models/User.php
to:
<?php
use Zizaco\Confide\ConfideUser;
class User extends ConfideUser {
}
ConfideUser
class will take care of some behaviors of the user model.
Least, you can dump a default controller and the default routes for Confide.
$ php artisan confide:controller
$ php artisan confide:routes
Don't forget to dump composer autoload
$ composer dump-autoload
And you are ready to go.
Access http://yourapp/user/create
to create your first user. Check the app/routes.php
to see the available routes.
Basic setup:
- Database connection in
config/database.php
running properly. - Correct model and table names in
config/auth.php
. They will be used by Confide all the time. from
configuration inconfig/mail.php
.
Configuration:
ConfideServiceProvider
andConfideFacade
entry inconfig/app.php
'providers'
and'aliases'
respectively.- User model (with the same name as in
config/auth.php
) should extendConfideUser
class. This will cause to methods likeresetPassword()
,confirm()
and a overloadedsave()
to be available.
Optional steps:
- Use
Confide
facade to dump login and signup forms easly withmakeLoginForm()
andmakeSignupForm()
. You can render the forms within your views by doing{{ Confide::makeLoginForm()->render() }}
. - Generate a controller with the template contained in Confide throught the artisan command
$ php artisan confide:controller
. If a controller with the same name exists it will NOT be overwritten. - Generate routes matching the controller template throught the artisan command
$ php artisan confide:routes
. Yourroutes.php
will NOT be overwritten.
You can change the model name that will be authenticated in the config/auth.php
file.
Confide uses the values present in that configuration file.
To change the controller name when dumping the default controller template you can use the --name option.
$ php artisan confide:controller --name Employee
Will result in EmployeeController
Then, when dumping the routes, you should use the --controller option to match the existing controller.
$ php artisan confide:routes --controller Employee
First, publish the config files:
$ php artisan config:publish zizaco/confide
Then edit the view names in app/config/packages/zizaco/confide/config.php
.
To change the validation rules of the User model you can take a look at Ardent. For example:
<?php
use Zizaco\Confide\ConfideUser;
class User extends ConfideUser {
/**
* Validation rules
*/
public static $rules = array(
'username' => 'required|alpha_dash|between:6,12',
'email' => 'required|email',
'password' => 'required|between:4,11|confirmed',
);
}
Feel free to add more fields to your table and to the validation array. Then you should build you own signup form with the aditional fields.
If you want to generate a RESTful controller you can use the aditional --restful
or -r
option.
$ php artisan confide:controller --restful
Will result in a RESTful controller
Then, when dumping the routes, you should use the --restful option to match the existing controller.
$ php artisan confide:routes --restful
In order not to bloat Confide with not related features, the role and permission was developed as another package: Entrust. This package couples very well with Confide.
See Entrust
[Exception] SQLSTATE[HY000]: General error: 1364 Field 'confirmation_code' doesn't have a default value...
If you overwrite the beforeSave()
method in your model, make sure to call parent::beforeSave()
:
public function beforeSave( $forced = false ){
parent::beforeSave( $forced) // Don't forget this
// Your stuff
}
Confirmation link is not sent when user signup
Same as above. If you overwrite the afterSave()
method in your model, make sure to call parent::afterSave()
:
Users are able to login without confirming account
If you want only confirmed users to login, in your UserController
, instead of simply calling logAttempt( $input )
, call logAttempt( $input, true )
. The second parameter stands for "confirmed_only".
Confide is free software distributed under the terms of the MIT license
Any questions, feel free to contact me or ask here
Any issues, please report here