Laravel 5.4, show error message auth login when user is not active

Question

My focus is to show the user an error message called "You are inactive or not activated yet", if a user is tried to login with valid credentials but his status field is 0 ( Inactive ).

I am able to redirect a user to login page if his/her status is inactive by below function in LoginController.

protected function credentials(\Illuminate\Http\Request $request) {
    return ['email' => $request->{$this->username()}, 'password' => $request->password, 'status' => 1];

        }

How can I achieve this in laravel 5.4.

Any guide is helpful for me. Thanks in advance.

Answer 1

You can try to modify the sendFailedLoginResponse function in your LoginController.php

Path: app\Http\Controllers\LoginController

Remember to import Illuminate\Http\Request and App\User(Here is App\Models\User because I moved my User model to App\Models);

<?php

namespace App\Http\Controllers\Auth;

use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
use Illuminate\Http\Request;
use App\Models\User;


class LoginController extends Controller
{
    /*
    |--------------------------------------------------------------------------
    | Login Controller
    |--------------------------------------------------------------------------
    |
    | This controller handles authenticating users for the application and
    | redirecting them to your home screen. The controller uses a trait
    | to conveniently provide its functionality to your applications.
    |
    */

    use AuthenticatesUsers;

    /**
     * Where to redirect users after login.
     *
     * @var string
     */
    protected $redirectTo = '/home';

    /**
     * Create a new controller instance.
     *
     * @return void
     */
    public function __construct()
    {
        $this->middleware('guest')->except('logout');
    }

    protected function credentials(Request $request) {
      return array_merge($request->only($this->username(), 'password'), ['active' => 1]);
    }

    /**
     * Get the failed login response instance.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return \Illuminate\Http\RedirectResponse
     */
    protected function sendFailedLoginResponse(Request $request)
    {
        $errors = [$this->username() => trans('auth.failed')];

        // Load user from database
        $user = User::where($this->username(), $request->{$this->username()})->first();

        // Check if user was successfully loaded, that the password matches
        // and active is not 1. If so, override the default error message.
        if ($user && \Hash::check($request->password, $user->password) && $user->active != 1) {
            $errors = [$this->username() => trans('auth.notactivated')];
        }

        if ($request->expectsJson()) {
            return response()->json($errors, 422);
        }
        return redirect()->back()
            ->withInput($request->only($this->username(), 'remember'))
            ->withErrors($errors);
    }
}

By the way, I add a line in resources\lang\en\auth.php so I can use trans('auth.notactivated') as my error message.

<?php

return [
    'failed' => 'These credentials do not match our records.',
    'throttle' => 'Too many login attempts. Please try again in :seconds seconds.',
    'notactivated' => 'This account has not been activated yet.',
];