Password expiration middleware to exclude social logins

Question

Password expiration middleware to exclude social logins

soringabriel opened this issue 2 years ago · 3 comments

https://github.com/rappasoft/laravel-boilerplate/blob/master/app/Domains/Auth/Http/Middleware/PasswordExpires.php#L25

I believe the middleware should have effect only for users that are NOT logged in through social logins (such as google or facebook). That's because those users do not have a password to set for current password when it expires (yet the boilerplate asks for it)

Answer 1 · 2022-05-05T07:55:52.000Z

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

Answer 2 · 2022-05-30T02:03:58.000Z

I am right this would require setting a session variable when social is used to logon, ie in App\Domains\Auth\Http\Controllers\Frontend\Auth\SocialController callback. by adding something like
session(['isSocial' => '1']);

and then checking this variable in the middleware? something like in App\Domains\Auth\Http\Middleware\PasswordExpires
handle function
if (session('isSocial', '0') == '1') {

or is there a better way?

Answer 3 · 2022-07-06T06:33:32.000Z

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.