Laravel 5.2 PHP – Build a Shopping Cart – #14 Forcing User Login

00:00:00 so time to continue with this
00:00:02 application and time to work on do you
00:00:06 fact that currently every user is able
00:00:08 to check out but I want to restrict that
00:00:11 to locked in users only so that
00:00:15 certainly as something I'll work on next
00:00:17 a quick and easy way a level to make
00:00:20 sure that only locked end users can
00:00:22 reach the checkout page of course is to
00:00:25 go to the routes file then here which
00:00:28 you have this check out route and then
00:00:30 add a middleware to it add D off
00:00:33 middleware remember we're already using
00:00:35 the off malware it the user routes here
00:00:38 for example here where we want to
00:00:40 protect the profile and the logout route
00:00:43 so here I'm balls of protecting slash
00:00:46 check out and I'll also protect the post
00:00:49 route so that no user is able to somehow
00:00:52 issue a post check out requests through
00:00:55 the terminal or something like that
00:00:57 however if I do it like this and while I
00:01:01 reload this page
00:01:02 I'm redirected so I can go through a
00:01:04 shopping cart click checkout and I
00:01:06 redirect it to the sign-in page which is
00:01:08 great which is what I want but if I do
00:01:11 is sign in here I'm taken to the user
00:01:14 profile that and again I have to click
00:01:16 on shopping cart before I can actually
00:01:17 go to the checkout page if I click log
00:01:20 out while I'm redirected but it would be
00:01:23 nice if after signing in I would
00:01:26 automatically be sent to the checkout
00:01:28 page if that is where I wanted to go so
00:01:31 that this sign in it's not actually
00:01:33 redirecting me somewhere else thereafter
00:01:35 it would also be nice if I had some kind
00:01:38 of don't have an account yet sign up
00:01:42 link at the bottom and then again be
00:01:44 redirected to the check out page after
00:01:46 signing up so a bit of a more user
00:01:49 friendly process in this place here so
00:01:53 I'll first add a link here which is
00:01:55 pretty easy I'll go to my sign-in page
00:01:59 here this one and below the form I'm
00:02:02 adding text I just said don't have an
00:02:05 account
00:02:07 and then simply a link which says sign
00:02:12 up instead or something like that and
00:02:14 here of course this link should point to
00:02:17 my sign up route which is user I'll have
00:02:22 to look it up to be honest user user dot
00:02:27 sign up well that was easy
00:02:28 so here who's here I'll just link to
00:02:33 that page so now I at least have the
00:02:35 possibility of going to design up page
00:02:38 instead but still I don't have the
00:02:40 chance of or I don't get redirected to
00:02:43 the checkout page after doing so so in
00:02:46 order to implement that I'll need to go
00:02:50 to my middle aware file which I can full
00:02:53 find an email aware folder and here the
00:02:55 authenticate middleware is Tamila we're
00:02:57 responsible for protecting my routes
00:02:59 here and redirecting me and here I'm
00:03:02 setting up that I want to get redirected
00:03:03 to a user or sign in and that is of
00:03:06 course the correct behavior because I
00:03:08 want to redirect to this sign-in page if
00:03:10 the user is not logged in but I also
00:03:13 want to store the URL the user tried to
00:03:16 access previously to signing in so here
00:03:21 I will store this in my session put and
00:03:24 I'll just name it old URL of course you
00:03:27 name it whatever you want and then I'm
00:03:29 going to retrieve the old URL on my
00:03:32 request where a half does URL method
00:03:35 which just gives me the URL the user
00:03:37 wanted to access so with that I making
00:03:40 sure that I will actually not redirect
00:03:44 the user instantly but before doing so I
00:03:47 will at least store which URL he wanted
00:03:50 to access and I can also do it and here
00:03:52 because it's not relevant for dhx case
00:03:54 so with that I'm making sure that I at
00:03:57 least have that URL the next of course
00:04:00 is to use that and the place to
00:04:02 implement this is the user controller
00:04:04 here in the post sign-in method for
00:04:08 example I'm handling the case that the
00:04:10 user well is successfully logged in and
00:04:13 here is the place where I always
00:04:15 redirect to the user profile which is OK
00:04:19 normal sign-in process but if I wanted
00:04:22 to go to the checkout page then I don't
00:04:25 want to redirect there instead I want to
00:04:27 redirect to the old URL right therefore
00:04:29 in this off attempt check here where I

00:04:32 will check if the user was successfully
00:04:35 logged in I'll add another if block
00:04:37 inside of it where I just check if my
00:04:40 session has this old URL field because
00:04:45 if it doesn't have this field well then
00:04:47 I'm coming from somewhere else and well
00:04:49 I don't want to redirect there in this
00:04:53 case that I do have it I want to return
00:04:57 a redirect which then should lead to
00:05:00 well to does URL right so get old URL
00:05:05 like this I could do it like this but
00:05:08 actually all won't make one extra step
00:05:11 I'll extract the old URL here and
00:05:14 thereafter I'm going to forget this key
00:05:19 like so and then of course down here
00:05:23 I'll just use the old URL variable with
00:05:26 that I'm going to clear that old URL so
00:05:28 that upon futures sign-in requests I'm
00:05:31 not always getting redirected to
00:05:32 checkout page with that I set up the
00:05:37 redirection when signing in I'm going to
00:05:39 copy this code and of course I want to
00:05:42 do the same thing after signing up so
00:05:45 here in the post-synaptic out after
00:05:49 logging the user in here I'm also
00:05:51 checking if I have the over URL if I do
00:05:54 so I'll redirect there and if I don't
00:05:56 have it well then this KO here is
00:05:58 skipped and instead I'm just redirecting
00:06:01 to the user profile like that and with
00:06:03 that I'm making sure that I got this
00:06:05 well more convenient sign-in process
00:06:08 when I need to sign in for checking out
00:06:11 so with that change in place if I go
00:06:13 back to the application go to my
00:06:15 shopping cart and click on checkout then
00:06:18 I get this error because well first in
00:06:22 your controller we need to import these
00:06:24 sessions assayed certainly important and
00:06:27 I need to do this
00:06:28 in the authentic eight classier Soyuz
00:06:31 session like this okay with that if I go
00:06:35 back click on checkout again I redirect
00:06:37 it to the sign-in page and here if I
00:06:39 sign in with my dummy account click on
00:06:41 sign in now you see I'm getting to the
00:06:44 checkout page however one thing you'll
00:06:46 notice is if I lock out them I'm going
00:06:49 to the sign in page if I log in again
00:06:52 well I'm back on a checkout page and
00:06:54 that certainly is not to behavior one
00:06:57 right I want to go to the user profile
00:06:59 page now because checkout no longer is
00:07:01 my old old URL so something's going
00:07:05 wrong here and actually that's really
00:07:08 tricky if we have a look at our code we
00:07:11 do forget the old URL here after logging
00:07:15 in and that works I can tell you that so
00:07:18 somehow it seems to get set again at
00:07:22 some other place but the only place
00:07:24 where I do set it is here in my
00:07:26 authenticate Villa where here right so
00:07:29 it looks like we're getting to this
00:07:31 middle aware again and we actually do in
00:07:35 the user controller if I log out I'm
00:07:38 redirecting back now what does back mean
00:07:42 well if I log out here whilst only
00:07:45 checkout page well then back means back
00:07:48 to the checkout and the reason why I see
00:07:50 the sign-in page is just because the
00:07:52 checkout pages protected so here instead
00:07:56 of redirecting back which would lead to
00:07:59 old URL being set again I could simply
00:08:02 redirect to let's say user dot sign-in
00:08:07 directly doing it this way if I sign in
00:08:11 again you see that debugger was talking
00:08:14 about but if I now hit logout I'm taking
00:08:17 to the sign-in form and if I now log in
00:08:20 again we're at the user profile so now
00:08:22 this bug is fixed so that's definitely
00:08:25 an important one to keep in mind since
00:08:28 this is really tricky to find and it
00:08:31 well kind of destroys our whole work for
00:08:34 we set up there with that well out of
00:08:36 the way I can go back to
00:08:38 let's say logging out here then I can go
00:08:41 back to the you shopping cart let's say
00:08:44 I want to create a new user or some
00:08:46 quickly doing this with some dummy data
00:08:47 here and I'm going to be checkout page
00:08:50 as well with that I'm then able to
00:08:53 actually do the checkout I'll use this
00:08:56 dummy credit card number again some date
00:09:00 in the future some dummy CBC code here
00:09:04 don't save this purchase was successful
00:09:07 and if we have a look at the database
00:09:09 the orders table we get a new order now
00:09:12 related to user free which makes sense
00:09:14 because data ste user I just created
00:09:17 with this test free email address here

00:09:19 and yeah so all the orders are stored
00:09:24 here that's great
00:09:25 the very last thing is I wanna do is I
00:09:28 wanna take my user profile here and list
00:09:31 all the orders of a user so I'll be back
00:09:35 with that

You may also like