-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
8 changed files
with
186 additions
and
141 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -9,7 +9,28 @@ nextURL: '/docs/features/user-profiles' | |
|
||
# Authentication | ||
|
||
Wave provides you with all the authentication features you need for most use-cases. Here are the login pages that you get out of the box: | ||
Wave is built on top of <a href="https://devdojo.com/auth" target="_blank">DevDojo Auth</a>, which means your application will have all the authentication features you need for most use-cases. Be sure to refer to the <a href="https://devdojo.com/auth" target="_blank">Auth docs</a> for more advanced configurations. | ||
|
||
- [Authentication](#authentication) | ||
- [Auth Customizations](#auth-customizations) | ||
- [Available Authentication Pages](#available-authentication-pages) | ||
- [Login](#login) | ||
- [Registration](#registration) | ||
- [Verify Email](#verify-email) | ||
- [Password Confirmation](#password-confirmation) | ||
- [Password Reset/Request](#password-resetrequest) | ||
- [Two-Factor Challenge](#two-factor-challenge) | ||
- [Social Authentication](#social-authentication) | ||
|
||
# Auth Customizations | ||
|
||
Our Auth package includes a setup route that will allow you to upload a logo, change your color scheme and more. If you visit `/auth/setup` you'll see a setup page in front of you that will provide a handful of customization options. | ||
|
||
<img src="https://cdn.devdojo.com/images/august2024/devdojo-auth-setup.jpeg" class="w-full h-auto rounded-md" /> | ||
|
||
# Available Authentication Pages | ||
|
||
Below is a quick list of all the authentication pages you get out of the box: | ||
|
||
- Login | ||
- Register | ||
|
@@ -19,65 +40,81 @@ Wave provides you with all the authentication features you need for most use-cas | |
- Password Reset | ||
- Two-Factor Challenge | ||
|
||
--- Previous | ||
Let's dig into each page a little deeper. | ||
|
||
# Authentication | ||
### Login | ||
|
||
Wave is built on top of the default Laravel Authentication and includes a few additional features such as email verification, forgot password, username login, and of course billing upon registration. | ||
After a user has created an account through your application, they can login by visiting the `/auth/login` route. After successfully logging in the user will then be redirected to their dashboard. | ||
|
||
- [Authentication](#authentication) | ||
- [Authentication](#authentication-1) | ||
- [Registration](#registration) | ||
- [Login](#login) | ||
- [Email verification](#email-verification) | ||
- [Login with email or username](#login-with-email-or-username) | ||
- [Forgot password](#forgot-password) | ||
> With a fresh installation of Wave your app will have a default admin account. To use this account you can login with the following email `[email protected]` and password as `password` | ||
--- | ||
|
||
<a name="register"></a> | ||
### Registration | ||
|
||
By default users will need to purchase in order to register for an account; however, you can open up free registration by visiting the admin settings `/admin/settings`, clicking on the Billing Tab, toggling off *Require Credit Card Up Front*, and save. | ||
By default, all users can register for a free account; however, if you wanted users to be a subscriber before accessng your app, you can add the `subscribed` middleware to the dashboard and many other pages. This will restrict access to a specific page unless a user is a subscriber. | ||
|
||
> You can use the `subscribed` middleware in place of the `auth` middleware, no need to include them both. The `subscribed` middleware will also check that the user is logged in and if not it will redirect them to the login page. | ||
Otherwise, you may offer your users a Free minified version of your SaaS and encourage them to upgrade to a subscription plan with more advanced and bonus features. | ||
|
||
If you wish to add some additional functionality when a user registers, you may add this to your `App\Models\User` model inside of the `boot()` method. As you can see we've already added some functionality to dynamically create a username from an email and assign the user with the default user role upon registration. | ||
|
||
```php | ||
protected static function boot() | ||
{ | ||
parent::boot(); | ||
|
||
// Listen for the creating event of the model | ||
static::creating(function ($user) { | ||
// Check if the username attribute is empty | ||
if (empty($user->username)) { | ||
// Use the name to generate a slugified username | ||
$username = Str::slug($user->name, ''); | ||
$i = 1; | ||
while (self::where('username', $username)->exists()) { | ||
$username = Str::slug($user->name, '') . $i; | ||
$i++; | ||
} | ||
$user->username = $username; | ||
} | ||
}); | ||
|
||
// Listen for the created event of the model | ||
static::created(function ($user) { | ||
// Remove all roles | ||
$user->syncRoles([]); | ||
// Assign the default role | ||
$user->assignRole( config('wave.default_user_role', 'registered') ); | ||
}); | ||
} | ||
``` | ||
|
||
![no-cc](https://cdn.devdojo.com/images/april2021/no-cc.png) | ||
You may modify this functionality as needed or add more functionality to it. | ||
|
||
Now your users will be able to register for a free account. | ||
### Verify Email | ||
|
||
<a name="login"></a> | ||
### Login | ||
In order to turn on Email Verification and require your users to verify their email before accessing your application, you can toggle that setting from the Auth Settings page (`/auth/setup/settings`), toggle on the **Registration Require Email Verification**, and users will now be required to verify email before accessing your application. | ||
|
||
After a user has created an account through your application, they can login by visiting the `/login` route. After successfully logging in the user will then be redirected to their dashboard. | ||
<img src="https://cdn.devdojo.com/images/august2024/require-email-verification.png" class="w-full h-auto rounded-md" /> | ||
|
||
> If you have just installed Wave you can login with the default email `[email protected]` and password as `password` | ||
Please refer to <a href="https://devdojo.com/auth/docs/config/email/" target="_blank">this documentation</a> to learn how to modify the logo in your emails. | ||
|
||
<a name="email-verification"></a> | ||
### Email verification | ||
|
||
You may choose to require your users to verify their email before signing up for a free trial. To enable this you will need to visit the admin settings page at `/admin/settings`, click on the Auth tab and then toggle *Verify Email during Sign Up* | ||
### Password Confirmation | ||
|
||
![verify-email](https://cdn.devdojo.com/images/april2021/verify-email.png) | ||
There may be parts of your application where you want users to confirm their password before being able to access your application. You can add the middleware name `confirm` to any page/route and the user will be required to re-enter their password. | ||
|
||
<a name="login-options"></a> | ||
### Login with email or username | ||
### Password Reset/Request | ||
|
||
Optionally you may choose to allow users to login with their email address or their username. You can also change this in the **Auth** tab of your admin settings (see screenshot above). | ||
The password Request page allows users to enter in their email address. They will then be sent a unique password link in their email. Upon visiting that link they will be prompted to reset their password. | ||
|
||
<a name="forgot-password"></a> | ||
### Forgot password | ||
### Two-Factor Challenge | ||
|
||
Users can click on the forgot password link on the login page and they will be taken to a form where they can enter their email address.The user will then receive an email with a link to your application where they can reset their password. | ||
You can also give your users the option of enabling Two-Factor auth to gaurantee security in their account. Learn more about <a href="https://devdojo.com/auth/docs/config/two-factor-auth/" target="_blank">setting up 2FA and enabling it for your users here</a>. | ||
|
||
> Quick note on Email Verification and Forgot Password, your application must be configured to send email before these features can be used. | ||
## Social Authentication | ||
|
||
The simplest way to test emails in development mode is to use [Mailtrap](https://mailtrap.io/). You can sign up for a free account and then enter your mailtrap credentials in your `.env` file: | ||
Setting up Social Authentication is very simple thanks to the Auth Package. From inside the `/auth/setup/providers` you can toggle the social networks you want to enable. | ||
|
||
```html | ||
MAIL_DRIVER=smtp | ||
MAIL_HOST=smtp.mailtrap.io | ||
MAIL_PORT=2525 | ||
MAIL_USERNAME= | ||
MAIL_PASSWORD= | ||
MAIL_ENCRYPTION=null | ||
``` | ||
<img src="https://cdn.devdojo.com/images/august2024/social-providers-screen.jpeg" class="w-full rounded-md border border-gray-200" /> | ||
|
||
You will also need to add the social network API keys in order to successfully enable the provider. <a href="https://devdojo.com/auth/docs/config/social-providers/" target="_blank">Learn more about that here</a>. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.