Build Your Own PHP Framework

Sign in Get started

This episode is for members only

Sign up to access "Build Your Own PHP Framework" right now.

Already a member? Sign in to continue

Playing

33. Logging in

Episodes

0%

Your progress

Total: 4h 45m
Played: 0m
Remaining: 4h 45m

Join or sign in to track your progress

01. Setting up

01. Introduction

02. Composer and PSR-4 Autoloading

03. Bootstrapping and structure

04. Error reporting with Ignition

02. Container

05. Using a container

06. Adding service providers

07. Autowiring with reflection

08. Refactoring to a singleton

03. Application config

09. Building the Config class

10. Reading and merging config files

11. Registering service providers through config

12. Using env files

04. Routing and controllers

13. Everything starts with requests

14. Adding routing

15. Responding in routes

16. Cleaning up responding

17. Defining routes in a separate file

18. Creating a controller

19. Using services inside controllers

05. Views

20. Installing Twig

21. Rendering a view

22. Debugging in Twig

23. Creating a base layout

24. Page titles in Twig

25. Creating a Twig config helper

06. Database

26. Setting up and querying the database

27. Working with models

28. Creating an example user profile page

07. Authentication

29. Setting up Sentinel

30. Creating the registration flow

31. Registering and authenticating a user

32. Showing authenticated state

34. Logging out

08. CSRF Protection

35. Protecting routes with CSRF

36. Adding tokens to forms

09. Flashing messages

37. Basic session flashing

38. Creating a Twig helper and flashing globally

10. Validation

39. Validating the login form

40. Manually adding validation errors

41. Validating the registration form

42. Custom validation rules

11. Middleware

43. How middleware works

44. Adding auth middleware and grouping routes

45. Persisting old form data

12. Exception handling

46. Creating an exception handler

47. Custom 404 (and other error) views

48. Rendering views for CSRF errors

13. Pagination

49. Paginating with Eloquent

50. Building a pagination view with Twig

14. Global helpers

51. Registering functions with PSR-4

52. Container resolution helper

53. View and config helpers

54. Route generator helper

Transcript

00:00

Okay, let's now go through the flow again, but create a route to log the user in. So it's going to be exactly the same as our register flow. Feel free to go ahead and build it yourself if you want to try this out. Otherwise, let's get started.

00:13

So the first thing that we're going to need is a login controller. So I'm pretty much just going to copy and paste this register controller. So let's call this login controller and paste everything in. Obviously change over the name of this.

00:27

And everything is going to be pretty similar. The index is going to be similar here. We're just going to obviously render a login view. And in here, we'll fill this in in a second and we'll keep the redirect in here

00:37

because we are going to redirect the user over to the dashboard. Okay, so over to our web routes, let's go ahead and register two more of these. We'll look at route grouping a little bit later when things start to get messy. And let's say login, login and reference our login controller here and here.

00:54

And these two methods are the same. Okay, so last up, let's just create out the login.twig view. And again, we can pretty much steal everything from register because it's going to be very similar. Just changing over the title, the header, the action that we're going through to.

01:13

And we don't need our first name to log in. We just need our email and our password. And let's finally change that button label. Okay, so once again, let's add this to our navigation.

01:22

So let's, when we are not signed in, add in a login link here through to login. And if we head over, we should be able to click on this and enter our details. Okay, so to log a user in, we've actually already seen this over in our register controller, just here, this auth login.

01:41

Again, we're not going to add validation here. We're not going to check if the login failed. We will be doing that a little bit later. So let's go back over to our login controller.

01:50

And inside of the store, let's just take this. And instead of login, we're going to use authenticate. And you can also use authenticate and remember. So you could add a checkbox to this if you wanted to, to either pass this through,

02:03

as you can see, to the method. So if we just open up the authenticate method, you can see that we can pass a true or false value so you can implement a checkbox and send this through as well if you wanted to. Okay, so let's authenticate.

02:17

And of course, we're going to pass through all of the credentials that come through in the past body of the request. And then we're going to authenticate the user and send them over to the dashboard. So we'll tidy this up in just a second because we want to check if the login process failed.

02:32

But let's go and try and sign in with the details that I registered earlier. So my password is just password. Let's hit login. And there we go.

02:40

We are now signed in. Obviously, we have redirected to our dashboard. We see our name. So just to give you an idea of what we're going to cover later when we flash messages,

02:48

this, of course, can fail if I enter incorrect information. So if we head over to our cookies and get rid of our PHP session, let's go ahead and just submit this through. You can see that we're redirected because we're not creating any kind of if statements

03:04

in here to prevent that. And if I enter the incorrect credentials, we're not going to be signed in either. So what we're going to do with this is this will return false if it fails. So we can just wrap this entire thing in an if statement.

03:17

So if it does fail, what we can do is we can flash a message up here, which we're going to be covering a little bit later. And then we can redirect the user back to the login page. Let's go ahead and just make sure we check that this is falsy.

03:31

And let's go over and try and hit login. And you can see I'm just redirected straight back to the login page. If I enter my email address and I choose an incorrect password and hit login, again, that comes and redirects us back as well.

03:45

So that's pretty much what we're going to be doing later, both with the login and register process when we look at flashing messages. We just decide where we want to redirect the user to based on whether this was successful or failed.

Episode summary

In this episode, we're setting up the login functionality for our app. We basically go through a very similar process as when we built the registration flow, so if you want to try this yourself and already have the register code, you can use it as a starting point!

We'll start by creating a login controller, which is almost a copy-paste from the register controller but with the necessary tweaks, like changing the name and rendering a login view instead of a register view. We also hook up the routes for the login page in our web routes file, just like we did for registration.

Next, we build the login.twig view, mostly copying over the markup from the registration form, but since logging in only requires an email and password, we strip out the first name field and update the button text. We then update our nav so users can see a link to log in if they're not already signed in.

For the actual login logic, we use the framework's authenticate method with the submitted email and password, redirecting the user to their dashboard if successful. At this point, we're keeping things simple without validation or error messages, but we see what happens if the login fails—nothing fancy yet, just a redirect back to the login page. The groundwork is all here so that, in the future, we can add some flash messages to let users know if their login failed or succeeded.

So, by the end of this episode, users can now log in and get redirected to their dashboard, and we've laid out where and how to add polish like error handling later.

Episode discussion

No comments, yet. Be the first!