zizaco/confide-mongo

Confide Mongo is a authentication solution for Laravel that uses mongolid-laravel

Confide Mongo (Laravel4 Package)

, _(*1)

, _(*2)

Confide is a authentication solution for Laravel4 using MongoLid made to eliminate repetitive tasks involving the management of users: Account creation, login, logout, confirmation by e-mail, password reset, etc., _(*3)

Confide aims to be simple to use, quick to configure and flexible., _(*4)

Note: If you are NOT using MongoDB check Confide., _(*5)

Features

Current: - Account confirmation (through confirmation link). - Password reset (sending email with a change password link). - Easily render forms for login, signup and password reset. - Generate customizable routes for login, signup, password reset, confirmation, etc. - Generate a customizable controller that handles the basic user account actions. - Contains a set of methods to help basic user features. - Integrated with the Laravel Auth component/configs. - Field/model validation. - Login throttling. - Redirecting to previous route after authentication., _(*6)

If you are looking for user roles and permissions see Entrust, _(*7)

Planned: - Captcha in user signup and password reset. - General improvements., _(*8)

Quick start

Required setup

In the require key of composer.json file add the following, _(*9)

"zizaco/confide-mongo": "dev-master"

Run the Composer update comand, _(*10)

$ composer update

In your config/app.php add 'Zizaco\ConfideMongo\ConfideMongoServiceProvider' to the end of the $providers array, _(*11)

'providers' => array(

    'Illuminate\Foundation\Providers\ArtisanServiceProvider',
    'Illuminate\Auth\AuthServiceProvider',
    ...
    'Zizaco\ConfideMongo\ConfideMongoServiceProvider',

),

At the end of config/app.php add 'Confide' => 'Zizaco\Confide\ConfideFacade' to the $aliases array, _(*12)

'aliases' => array(

    'App'        => 'Illuminate\Support\Facades\App',
    'Artisan'    => 'Illuminate\Support\Facades\Artisan',
    ...
    'Confide'    => 'Zizaco\Confide\ConfideFacade',

),

Configuration

Set the driver to "mongoLid" in config/auth.php as stated in MongoLid Authentication:, _(*13)

    ...

    'driver' => 'mongoLid',

    ...

This values contained in config/auth.php will be used by Confide Mongo to generate the controllers and routes., _(*14)

Set the address and name from the from array in config/mail.php. Those will be used to send account confirmation and password reset emails to the users., _(*15)

User model

Change your User model in app/models/User.php to:, _(*16)

<?php

use Zizaco\ConfideMongo\ConfideMongoUser;

class User extends ConfideMongoUser {

}

ConfideMongoUser class will take care of some behaviors of the user model., _(*17)

Dump the default acessors

Least, you can dump a default controller and the default routes for Confide., _(*18)

$ php artisan confide:controller
$ php artisan confide:routes

Don't forget to dump composer autoload, _(*19)

$ composer dump-autoload

And you are ready to go. Access http://yourapp/user/create to create your first user. Check the app/routes.php to see the available routes., _(*20)

Usage in detail

Basic setup:, _(*21)

1. Mongo database connection in config/database.php running properly.
2. Set the auth driver to "mongoLid" in config/auth.php.
3. Check and correct the model and collection names in config/auth.php. They will be used by Confide all the time.
4. from configuration in config/mail.php.

Configuration:, _(*22)

1. ConfideMongoServiceProvider and ConfideFacade entry in config/app.php 'providers' and 'aliases' respectively.
2. User model (with the same name as in config/auth.php) should extend ConfideMongoUser class. This will cause to methods like resetPassword(), confirm() and a overloaded save() to be available.

Optional steps:, _(*23)

1. Use Confide facade to dump login and signup forms easly with makeLoginForm() and makeSignupForm(). You can render the forms within your views by doing {{ Confide::makeLoginForm()->render() }}.
2. Generate a controller with the template contained in Confide throught the artisan command $ php artisan confide:controller. If a controller with the same name exists it will NOT be overwritten.
3. Generate routes matching the controller template throught the artisan command $ php artisan confide:routes. Your routes.php will NOT be overwritten.

Advanced

Using custom collection / model name

You can change the model name that will be authenticated in the config/auth.php file. Confide uses the values present in that configuration file., _(*24)

To change the controller name when dumping the default controller template you can use the --name option., _(*25)

$ php artisan confide:controller --name Employee

Will result in EmployeeController, _(*26)

Then, when dumping the routes, you should use the --controller option to match the existing controller., _(*27)

$ php artisan confide:routes --controller Employee

Using custom form or emails

First, publish the config files:, _(*28)

$ php artisan config:publish zizaco/confide

Then edit the view names in app/config/packages/zizaco/confide/config.php., _(*29)

Update an User

To update an user already in the database you'll want to either pass in an different rule set or use the amend function., _(*30)

$user = new User;
$user->username = 'newUserName';

// Save
$user->save($this->getUpdateRules());

Validate model fields

To change the validation rules of the User model you can take a look at Laravel 4 Validations. For example:, _(*31)

<?php

use Zizaco\ConfideMongo\ConfideMongoUser;

class User extends ConfideMongoUser {

    /**
     * Validation rules
     */
    public static $rules = array(
        'email' => 'required|email',
        'password' => 'required|between:4,11|confirmed',
    );

}

Feel free to add more fields to your collection and to the validation array. Then you should build your own sign-up form with the additional fields., _(*32)

Passing additional information to the make methods

If you want to pass additional parameters to the forms, you can use an alternate syntax to achieve this., _(*33)

Instead of using the make method:, _(*34)

Confide::makeResetPasswordForm( $token ):

You would use:, _(*35)

View::make(Config::get('confide::reset_password_form'))
    ->with('token', $token);

It produces the same output, but you would be able to add more inputs using 'with' just like any other view., _(*36)

RESTful controller

If you want to generate a RESTful controller you can use the aditional --restful or -r option., _(*37)

$ php artisan confide:controller --restful

Will result in a RESTful controller, _(*38)

Then, when dumping the routes, you should use the --restful option to match the existing controller., _(*39)

$ php artisan confide:routes --restful

User roles and permissions

In order not to bloat Confide with not related features, the role and permission was developed as another package: Entrust. This package couples very well with Confide., _(*40)

See Entrust, _(*41)

Note: Entrust is not yet available for MongoLid / MongoDB, _(*42)

Redirecting to previous route after login

When defining your filter you should set the 'loginRedirect' session variable. For example:, _(*43)

// filters.php

Route::filter('auth', function()
{
    if ( Auth::guest() ) // If the user is not logged in
    {
        // Set the loginRedirect session variable
        Session::put( 'loginRedirect', Request::url() );

        // Redirect back to user login
        return Redirect::to( 'user/login' );
    }
});

// Only authenticated users will be able to access routes that begins with
// 'admin'. Ex: 'admin/posts', 'admin/categories'.
Route::when('admin*', 'auth'); 

or, if you are using Entrust ;), _(*44)

// filters.php

Entrust::routeNeedsRole( 'admin*', 'Admin', function(){
    Session::put( 'loginRedirect', Request::url() );
    return Redirect::to( 'user/login' );
} );

Validating a route

If you want to validate whether a route exists, the Confide::checkAction function is what you are looking for., _(*45)

Currently it is used within the views to determine Non-RESTful vs RESTful routes., _(*46)

Troubleshooting

"'confirmation_code' required" when creating a user, _(*47)

If you overwrite the save() method in your model, make sure to call parent::save():, _(*48)

public function save( $forced = false ){

    parent::save( $forced) // Don't forget this

    // Your stuff
}

Confirmation link is not sent when user signup, _(*49)

If you overwrite the afterSave() method in your model, make sure to call parent::afterSave(), _(*50)

Users are able to login without confirming account, _(*51)

If you want only confirmed users to login, in your UserController, instead of simply calling logAttempt( $input ), call logAttempt( $input, true ). The second parameter stands for "confirmed_only"., _(*52)

License

Confide is free software distributed under the terms of the MIT license, _(*53)

Aditional information

Any questions, feel free to contact me or ask here, _(*54)

Any issues, please report here, _(*55)