Build Your Own PHP Framework
This episode is for members only

Sign up to access "Build Your Own PHP Framework" right now.

Get started
Already a member? Sign in to continue
Playing
31. Registering and authenticating a user

Episodes

0%
Your progress
  • Total: 4h 45m
  • Played: 0m
  • Remaining: 4h 45m
Join or sign in to track your progress
01. Setting up
01. Introduction
2m 23s
0%
02. Composer and PSR-4 Autoloading
6m 17s
0%
03. Bootstrapping and structure
3m 18s
0%
04. Error reporting with Ignition
3m 49s
0%
02. Container
05. Using a container
3m 21s
0%
06. Adding service providers
5m 23s
0%
07. Autowiring with reflection
5m 5s
0%
08. Refactoring to a singleton
4m 17s
0%
03. Application config
09. Building the Config class
6m 19s
0%
10. Reading and merging config files
6m 21s
0%
11. Registering service providers through config
2m 13s
0%
12. Using env files
6m 26s
0%
04. Routing and controllers
13. Everything starts with requests
6m 52s
0%
14. Adding routing
5m 27s
0%
15. Responding in routes
4m 13s
0%
16. Cleaning up responding
7m 12s
0%
17. Defining routes in a separate file
3m 10s
0%
18. Creating a controller
5m 17s
0%
19. Using services inside controllers
2m 3s
0%
05. Views
20. Installing Twig
6m 22s
0%
21. Rendering a view
3m 36s
0%
22. Debugging in Twig
4m 45s
0%
23. Creating a base layout
3m 38s
0%
24. Page titles in Twig
4m 31s
0%
25. Creating a Twig config helper
8m 57s
0%
06. Database
26. Setting up and querying the database
13m 29s
0%
27. Working with models
4m 32s
0%
28. Creating an example user profile page
5m 49s
0%
07. Authentication
29. Setting up Sentinel
8m 36s
0%
30. Creating the registration flow
5m 44s
0%
31. Registering and authenticating a user
5m
0%
32. Showing authenticated state
5m 40s
0%
33. Logging in
3m 59s
0%
34. Logging out
3m 2s
0%
08. CSRF Protection
35. Protecting routes with CSRF
7m 51s
0%
36. Adding tokens to forms
6m 5s
0%
09. Flashing messages
37. Basic session flashing
5m 46s
0%
38. Creating a Twig helper and flashing globally
1m 39s
0%
10. Validation
39. Validating the login form
6m 40s
0%
40. Manually adding validation errors
1m 24s
0%
41. Validating the registration form
4m 5s
0%
42. Custom validation rules
9m 39s
0%
11. Middleware
43. How middleware works
5m 41s
0%
44. Adding auth middleware and grouping routes
7m 37s
0%
45. Persisting old form data
6m 53s
0%
12. Exception handling
46. Creating an exception handler
3m 38s
0%
47. Custom 404 (and other error) views
7m 27s
0%
48. Rendering views for CSRF errors
5m 18s
0%
13. Pagination
49. Paginating with Eloquent
7m 48s
0%
50. Building a pagination view with Twig
7m 38s
0%
14. Global helpers
51. Registering functions with PSR-4
1m 50s
0%
52. Container resolution helper
2m 24s
0%
53. View and config helpers
4m 12s
0%
54. Route generator helper
4m 34s
0%

Transcript

00:00
Now that we've got the data that we need to register a user,
00:03
registering a user isn't very difficult at all. We've already set up Sentinel over in our auth service provider, and remember we returned this or added this to our container. So we can very easily access this out of our container,
00:16
call any of the methods that Sentinel has to register a user, log a user in, whatever we need to do. Okay, so let's go back to our register controller and we'll start to do this now. Now bear in mind at this point we're not validating.
00:28
Validation is obviously incredibly important. We're also not going to catch any kind of error here, for example, if the user already exists. So we will be doing that when we get to validation and also flashing messages.
00:40
Okay, so to register a user, we need to pull Sentinel in at the top here. So let's go ahead and pull Sentinel in, and we'll just name that auth so we can access it really conveniently. And let's go ahead and register a user.
00:56
So to register a user, let's access Sentinel, and we're going to say register. Now we can either register a user or register and activate them. Later on, if you wanted to add these ability to send emails, you could register them, send off an email,
01:11
and they would have to click a link in their email. We're not going to be doing that just yet. So let's choose register and activate, which will activate that user's account. Now this method expects, if we just check this out, an array of credentials.
01:23
So things like the first name, email, and password. The hashing will be taken care of for you, so you don't have to manually hash any passwords. So all we really need to do is just parse in the parsed body that we did before.
01:37
And that is as easy as it is now to register an account. Now there's one other thing that we're going to look at, which we haven't touched on just yet, which is redirecting a user. So to redirect a user, we want to return a response,
01:51
but we want to do something slightly different. We don't just want to return a standard response like we've been doing. Instead, we want to return a redirect response. So a redirect response from that direct Taurus package
02:06
will go ahead and redirect the user to a specific location. So we already have that dashboard page, and it makes sense after the user's registered to redirect them straight to their dashboard.
02:17
So this isn't going to look great at the moment because we're not validating anything. We're not flashing any messages. We're not even showing if the user is signed in,
02:25
and we're not even signing the user in here, but we'll see the redirect in action, and then we'll go ahead and check out what else we can do. Okay, let's go over to register.
02:33
Remember over in the database under users, we don't have any users at the moment. We cleared that out earlier. Let's try and register an account for myself,
02:43
and we'll see what happens. Okay, let's hit register here. And there we go. So we were redirected over to the dashboard.
02:50
So that redirect response works, and let's give the database a refresh. So as you can see, everything that we need is filled in, including the hashed password, super useful,
03:01
really, really easy to get this working. Now, as part of the registration process, technically now we're not signed in. So throughout the course,
03:10
if you want to sign the user out because we're not at the point yet that we are actually implementing the logout, head over to your session storage or your cookie storage
03:19
and just get rid of the PHP session ID. And I don't think there'll be anything in session storage, no. So we're just dealing with cookies here.
03:26
So clear that out. We know that we are not signed in at the moment. Let's go ahead and actually sign the user in after we have registered them.
03:34
So what we're gonna need to do is wrap this in an if statement. So let's create out an if statement here, and let's pop this just directly
03:42
into the actual if statement itself. And what we're gonna do is assign the user, which gets returned from this register and activate method. So this register method here will create the user for us,
03:55
and then it will return that user. So with that, we'll have the user after they've registered, and then all we need to do is just call auth and login, and we just wanna pass the instance of the user in.
04:09
So when we log in, we can either pass an instance of the user who has been registered, or we can pass in the credentials that we want to use.
04:17
Okay, so this should log us in now, and then in the next episode, we're gonna look at updating our state. Okay, let's just try this out one more time.
04:24
So we'll need to clear out the record in the database here. Let's head back over and register a new account, and that should sign us in, although we won't have any knowledge of it.
04:35
Okay, great. So we are technically signed in. If we head over to application and cookies, this session will now let us know that we're signed in.
04:44
Okay, so we've registered an account. We've got a lot of work to do in terms of validation, checking that the user was actually created properly and flashing any errors if it wasn't,
04:53
but let's go to the next episode and just change around the state of the navigation so once we have registered an account, we know that we are signed in.

Episode summary

In this episode, we finally wire up our user registration logic! We start off with the data we collected from our registration form, and — using Sentinel, which we've already set up — we register a new user. You'll see how we can easily access Sentinel from our container and use it to call methods like register or register and activate.

We keep things simple for now: no validation or error handling is done yet (we'll get to that soon). We're also skipping email activation for the moment and just activating the account automatically.

Once a user is registered, we look at how to redirect them immediately to the dashboard using a redirect response. Then we try it out: register a new account, watch the redirect happen, and take a look at the database to confirm the user (and their hashed password!) is there.

After registration, we realize the user isn't technically signed in yet, so we go back and update the code to log the user in as soon as they're created. We make a quick change, re-test, and see that the session cookie indicates the user is now logged in.

By the end of this episode, our app can register users and immediately log them in. There's still work to do (like validation and error-handling), but we're up and running. Next up: we'll update the navigation to reflect the new authentication state!

Episode discussion

No comments, yet. Be the first!