In this lesson, we will implement the login form and authenticate the user.
Login form
So, first the login form.
resources/js/components/Auth/Login.vue:
<template> <form @submit.prevent="submitLogin"> <!-- Email --> <div> <label for="email" class="block font-medium text-sm text-gray-700"> Email </label> <input v-model="loginForm.email" id="email" type="email" class="block mt-1 w-full rounded-md shadow-sm border-gray-300 focus:border-indigo-300 focus:ring focus:ring-indigo-200 focus:ring-opacity-50" required autofocus autocomplete="username"> <!-- Validation Errors --> <div class="text-red-600 mt-1"> <div v-for="message in validationErrors?.email"> {{ message }} </div> </div> </div> <!-- Password --> <div class="mt-4"> <label for="password" class="block font-medium text-sm text-gray-700"> Password </label> <input v-model="loginForm.password" id="password" type="password" class="block mt-1 w-full rounded-md shadow-sm border-gray-300 focus:border-indigo-300 focus:ring focus:ring-indigo-200 focus:ring-opacity-50" required autocomplete="current-password"> <!-- Validation Errors --> <div class="text-red-600 mt-1"> <div v-for="message in validationErrors?.password"> {{ message }} </div> </div> </div> <!-- Remember me --> <div class="block mt-4"> <label class="flex items-center"> <input type="checkbox" name="remember" v-model="loginForm.remember" class="rounded border-gray-300 text-indigo-600 shadow-sm focus:border-indigo-300 focus:ring focus:ring-indigo-200 focus:ring-opacity-50" /> <span class="ml-2 text-sm text-gray-600">Remember me</span> </label> </div> <!-- Buttons --> <div class="flex items-center justify-end mt-4"> <button class="inline-flex items-center px-4 py-2 bg-gray-800 border border-transparent rounded-md font-semibold text-xs text-white uppercase tracking-widest hover:bg-gray-700 active:bg-gray-900 focus:outline-none focus:border-gray-900 focus:shadow-outline-gray transition ease-in-out duration-150 ml-4" :class="{ 'opacity-25': processing }" :disabled="processing" > </div> </form></template> <script setup>import useAuth from '@/composables/auth'; const { loginForm, validationErrors, processing, submitLogin } = useAuth()</script>Nothing special about the form itself. When submitted, we will call...
How secure is it to store and check for a auth user this way?
Shouldn't we be storing/checking for a bearer token?
as long as you do not have XSS vulnerabilities. same goes for everything else, not only localStorage.
Bearer token is set after you login, and is checked on the backend.
and as for bearer token, see the next lesson
There3 is no security risk here. Since we only store the information that we are logged in at the backend. If someone wants to access a restricted area of your Vue frontend, they always find a way - it is just a javascript applicatiion in the users browser. The important thing here is to protect the data in the backend, which is still protected.
I think you somehow forgot the script section in Login.vue file... Can you please take a look at that?
is not there @David Lun
This is the script setup I used in Login.vue
lesson is updated to include that part
i have a question in the loginUser function i can save the token of the user in local storage instead of "loggedIn" item ?
In the Intro you state that you only use breeze for its visual tools and we will not use it in the authentication section. Then after going through the whole course, you show us the modifications we have to do on the breeze authentication Controller - which I haven't, since I didn't think I'd need breeze. How much DO you rely on breeze functionality?
It's been some time since this course was written so don't remember exactly now. You could just copy the controller code from breeze and modify it. As I can see in the source code breeze controllers are used only for loggin in and logging out user.
Then just create that file with this one method.
Hello, I think there is something missing or broken in the
<button>element in Login.vue fileWill need more