shetabit/visitor

Exclude Password

mrensz49 opened this issue · 1 comments

mrensz49 commented

Hi!
Switching package to this one. I want to use this especially in my login route.
In a request field name under table name: shetabit_visits, found out that there were password were stored.

Just thinking if how can I modified or disabled the password only for a security purposes.
Any idea on this on how to exclude the password only?

Capture

Thanks.

Enaah commented

The except entry in the visitor.php-config does also nothing?!

Edit:

A small workaround to make it work:

  1. copy the LogVisits-Middleware (./vendor/shetabit/visitor/src/Middlewares/LogVisits.php) to your /app/Middleware/ (or where you organize them)
  2. register your Middleware everywhere instead of the package one

Add this lines on top of the Middleware:

 /* exclude the permitted routes */
        if (in_array($request->route()->getName(), config('visitor.except'), true)) {
            return $next($request);
        }

This will exclude the loggin completly and not removing the password-param from the request

  • 🎉2