'Laravel redirect to blank page after logging in with encrypted user email
I have a client which want to save his data encrypted in the database (email, name etc.). He wants to log in with the email too. I made the functionality to log in with encrypted email but the problem is that after log in I am redirected to a blank page with the url /login when I should be redirected to /business-accounts. If I delete manually the /login from the url I am redirected to the /business-accounts which I need to be redirected. Before doing the ecrypted email authentication everything worked fine.
AuthenticatedSessionController.php
public function store(LoginRequest $request)
{
//check user is validated
User::all()->filter(function ($user) use ($request) {
if($user->email == $request->email){
if($user && $user->status==0){
throw ValidationException::withMessages([
'validation' => 'Account not verified.'
]);
}
//get user email crypted for login
$request->merge(['email' => User::find($user->id)->get_email_crypted()]);
$request->authenticate();
$request->session()->regenerate();
//set user session
UserService::set_session($user);
return redirect()->intended(RouteServiceProvider::HOME);
}
});
}
I printed a dd() before the return and seems like everything is working fine till there.
LoginRequest.php
public function authenticate()
{
$this->ensureIsNotRateLimited();
if (! Auth::attempt($this->only('email', 'password'), $this->boolean('remember'))) {
RateLimiter::hit($this->throttleKey());
throw ValidationException::withMessages([
'email' => __('auth.failed'),
]);
}
RateLimiter::clear($this->throttleKey());
}
RouteServiceProvider.php
public const HOME = '/business-accounts';
Encryption and decryption is made in the User model with get/setEmailAttribute. In the authenticate() method I could see that it is not entering the if where Auth::attempt is located.
I tried to make it work in PasswordResetLinkController too but all I could get is the same blank page with the url /forgot-password and no email received in the inbox.
My Laravel version is 8.x.
L.E. I dumped something before the return redirect() and I saw that in the browser after the login submit I am redirected back to the /login form, so I am thinking that I am getting in a loop or something.
L.E.2.
I somehow resolved this. The thing that I done was changing the crypting method on the email column. I changed the Laravel cripting method with the openssl_crypt function.
User Model
public function setEmailAttribute($value)
{
if (!is_null($value)) {
$this->attributes['email'] = openssl_encrypt($value, "AES-128-ECB", env('EMAIL_ENCRYPT_KEY', false));
}
}
Where the crypting key is located in .env.
AuthenticatedSessionController.php
public function store(LoginRequest $request)
{
//check user is validated
$user = User::where('email', openssl_encrypt($request->email, "AES-128-ECB", env('EMAIL_ENCRYPT_KEY', false)))->first();
if($user && $user->status==0){
throw ValidationException::withMessages([
'validation' => 'Contul nu este verificat'
]);
}
//set email from request to encrypted email
$request->merge(['email' => User::find($user->id)->get_email_crypted()]);
$request->authenticate();
$request->session()->regenerate();
UserService::set_session($user);
return redirect()->intended(RouteServiceProvider::HOME);
}
Solution 1:[1]
you can take a look in the log file in /storage/logs/laravel.log for the error message
also, you could change the .env file to show_errors = true and it will show the error in the browser
Solution 2:[2]
Use return redirect()->route('your-route-name'); maybe can help you.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | Dharman |
| Solution 2 | Mansjoer |