15.6 Get Coding
Finally it’s time to get our hands dirty! Let’s start with the authentication routine. First we need
to link our login route to the login form view.
1 <?php
2
3 Route::get('login', function() {
4 return View::make('pages.login');
5 });
There, that wasn’t so hard. Now let’s handle the authentication in the POST route in the usual
way.
1 <?php
2
3 Route::post('login', function() {
4
5 $userdata = array(
6 'username' => Input::get('username'),
7 'password' => Input::get('password')
8 );
9
10 if ( Auth::attempt($userdata) )
11 {
12 return Redirect::to('admin');
13 }
14 else
15 {
16 return Redirect::to('login')
17 ->with('login_errors', true);
18 }
19 });Now we can login to our system. If you have any trouble understanding these topics please refer
to the previous chapters, we aren’t covering anything new here.
Let’s create the logout route, so that we can test the login process.
1 <?php
2
3 Route::get('logout', function() {
4 Auth::logout();
5 return Redirect::to('/');
6 });
Let’s add a small profile section to the header of our main template. We can use this to login or
logout from the system.
1 <div class="header">
2 @if ( Auth::guest() )
3 {{ HTML::link('admin', 'Login') }}
4 @else
5 {{ HTML::link('logout', 'Logout') }}
6 @endif
7 <hr />
8
9 <h1>Wordpush</h1>
10 <h2>Code is Limmericks</h2>
11 </div>
Now to add the auth filter to both admin routes. You will notice that admin is the only route that
needs protecting, since we want people to be able to browse our blog but not write anything.
1 <?php
2
3 Route::get('admin', array('before' => 'auth', 'do' => function() {
4 // show the create new post form
5 }));
6
7 Route::post('admin', array('before' => 'auth', 'do' => function() {
8 // handle the create new post form
9 }));
Let’s also attach the create new post form to the admin GET route while we are here. We should
also hand the currently logged in user to this view. That way we can use the user objects id
field to identify the author.