cartalyst / sentinel Goto Github PK

On the documentation page, a small error occur.
See : https://cartalyst.com/manual/sentinel#callback-hasher

// Native PHP
$sentinel->setHasher(new Cartalyst\Sentinel\Hashing\NativeHasher($hasher, $checker));

// In Laravel
Sentinel::setHasher(new Cartalyst\Sentinel\Hashing\NativeHasher($hasher, $checker));

should be :

// Native PHP
$sentinel->setHasher(new Cartalyst\Sentinel\Hashing\CallbackHasher($hasher, $checker));

// In Laravel
Sentinel::setHasher(new Cartalyst\Sentinel\Hashing\CallbackHasher($hasher, $checker));

https://api.github.com/repos/cartalyst/sentinel/zipball/8ae622bf5f774c05e6b0f3bc2ccb8062732dc51b
returns
{
"message": "Not Found",
"documentation_url": "https://developer.github.com/v3"
}

tried dev-master, 1.0.x-dev, v1.0.1, v1.0.0 all fail with the same error message

I've read and re-read #17 and #22 and still doesn't help.

I have my own User model that extends EloquentUser and updated the config file. When using Sentinel::update($user, $updates) it returns an object(Cartalyst\Sentinel\Users\EloquentUser) instead of object(User).

Should the sentinel methods be returning the custom model instead of the EloquentUser model?

Greetings,
I'm not sure if I'm doing it wrong, but How can I check if an user has "user" permissions?

I'm trying with $user->hasAccess('user')

That's what I used to do with the old Sentry, but with Sentinel I'm getting the following error:

ErrorException
Argument 2 passed to Cartalyst\Sentinel\Permissions\SentinelPermissions::preparePermissions() must be of the type array, null given

Thanks in advance!

I don't know the procedure to get Laravel5 to take this branch. I've tried the L4 instructions and of course, they didn't work properly. I have 2 projects I would like to integrate Sentinel and would like to take advantage of the upgrades to the Branch to integrate into Laravel5, as easily as Sentinel integrated into Laravel4.

I don't personally know how to make it work, or I would fork, change the read-me for everyone's benefit.

I'm writing a filter in Laravel to handle checking permissions for any given route. I'm using role-based standard permissions. When I try to use $user->hasAccess("admin"), it always returns false, even though I'm checking a user in the administrators role, with the admin permission. Here's an example.

//setting up the role and permissions in UserSeeder.php
$role = Sentinel::getRoleRepository()->createModel()->create([
        'name' => 'Administrators',
        'slug' => 'administrators'
]);

$role->permissions = [
        'admin'
];

$role->save();



//setting up admin in console command
$credentials = [
        'email' => $this->option('email'),
        'password' => $this->option('password')
];

$user = Sentinel::registerAndActivate($credentials);

$role = Sentinel::findRoleByName('Administrators');
$role->users()->attach($user);



//trying to check user
if(!$user = Sentinel::check())
{
        if($request->ajax()) return $this->response->make('Unauthorized', 401);
        return $this->response->redirectGuest('/login');
}

//always returns false
if(!$user->hasAccess('admin'))
{
        if($request->ajax()) return $this->response->make('Unauthorized', 401);
        return $this->response->redirectGuest('/login');
}

Any help would be greatly appreciated. Thanks!

Tried doing a composer update this morning and it resulted in the fatal error:

PHP Fatal error: Trait 'Cartalyst\Support\Traits\RepositoryTrait' not found in /home/xxxxx/public_html/vendor/cartalyst/sentinel/src/Activations/IlluminateActivationRepository.php on line 26

Any ideas?

After trying to composer update, sentinel blocks it because I'm on laravel 4.2. For now I don't have intention to migrate to 5.0, and most packages support both versions. Is it possible to still use it in 4.2 ?

So I'm using Laravel 4.2 with Sentinel 1.0.5, but I can see the same problematic code in the latest version as well, and it's this line in particular:

When I run unit tests without a database (which isn't unreasonable), I randomly get exceptions when Sentinel fails to find the activations and permissions database tables - which is expected, since there is no database in the first place.

Is there any recommended way to do what I want, that isn't "use a database for testing"?

The boot() method gets called when the application gets booted, so I don't know if there's a way around it - perhaps if the garbage collection code is moved to the closure within SentinelServiceProvider::registerSentinel()? Then garbage collection would only kick in when an actual Sentinel instance is requested somewhere - which is not something I'll ever be doing in my app's unit tests - I might only have mocks of the Sentinel class there, but since this package already has comprehensive tests, I don't want to test Sentinel itself in my app's tests.

Something like this, basically:

    protected function registerSentinel()
    {
        $that = $this;

        $this->app['sentinel'] = $this->app->share(function($app) use ($that)
        {
            $that->garbageCollect();

            /* rest of the service provider */
        }
    }

Of course, the call to $this->garbageCollect() within the service provider's boot() method would be removed.

Another solution, which seems to work for me is to have an environment-specific Sentinel configuration file. In other words, I have the file app/config/packages/cartalyst/sentinel/testing/config.php with the following contents:

<?php

return [
    'activations' => [
        'lottery' => [0, 100],
    ],
    'reminders' => [
        'lottery' => [0, 100],
    ],
];

Am I wrong in feeling that this is a little too hacky? Because, basically, it's like saying "in testing, you have a 0% chance of triggering garbage collection", as opposed to "in testing, don't ever try to perform garbage collection". Or maybe this is okay, and I'm just being obtuse.

Thanks in advance for any comments on this!

Would like more events added to the core. Events fired for actions such as creating password reminders, successful password resets, and logouts.

Laravel's package registration process is as below:

ServiceProvider --> register() [*should register the package and Laravel will tell the config repository the hint path] --> boot()

*Notice all the config, files, language etc path hints it adds when registering the package: https://github.com/laravel/framework/blob/master/src/Illuminate/Support/ServiceProvider.php#L54

Sentinel is incorrectly doing the below:

ServiceProvider --> register() [not registering the package, attempts to do lots of config calls for settings but Laravel can't/doesn't know where the package is and therefore has a hard time finding the path for the settings] --> boot() [only now registers the package]

Currently in Sentinel the package is registered AFTER the register in the boot method. This causes issue, possibly because Sentinel is using a non-recommended path structure for the config settings. I'm not sure if this is just an issue overloading the Sentinel config.

When I'm registering a new user:

$input = [
'email'=> Input::get('email'),
'username' => Input::get('username'),
'password' => Input::get('password')
];

And I use Sentinel::register($input); Only email & password columns with be filled in the database. In Sentry the username column could also be used to create the user.

Is it a bug? Or i'm doing it wrong?
Thanks in advance!

Hi there,

It appears this package has less granular exceptions on authenticate, login, and create user than Sentry does.

Is there a reason for this?

Also,

I found that if a user had not activated their account calling Sentinel::check() inside of a view throws a "NotActivatedException" exception that cannot be caught in the view. What is the process for doing so?

I can see Groups service provider and interface in the source code of Sentinel. But it is neither documented in the manual nor has SQL tables created after installing Sentinel.

What is wrong?

Hi,
I am trying to atttach a role to a user on user creation but I get "Call to undefined method Illuminate\Database\Query\Builder::user()"
following the instructions on https://cartalyst.com/manual/sentinel#assign-a-user-to-a-role
I hav the following:

$user = Sentinel::register($attributes);
$role = Sentinel::findRoleBySlug('owner');
$role->user()->attach($user);

I get the error on $role->user()->attach($user);

Deleting a user does not return true or false; always returns NULL

    public function delete()
    {
        if ($this->exists)
        {
            $this->activations()->delete();
            $this->persistences()->delete();
            $this->reminders()->delete();
            $this->roles()->detach();
            $this->throttle()->delete();
        }

        parent::delete();
    }

This is how it should be. Note the added return.

    public function delete()
    {
        if ($this->exists)
        {
            $this->activations()->delete();
            $this->persistences()->delete();
            $this->reminders()->delete();
            $this->roles()->detach();
            $this->throttle()->delete();
        }

        return parent::delete();
    }

I just noticed following relationship:

    /**
     * Returns the activations relationship.
     *
     * @return \Illuminate\Database\Eloquent\Relations\HasMany
     */
    public function activations()
    {
        return $this->hasMany(static::$activationsModel, 'user_id');
    }

This doesn't make sense to me right now, shouldn't user have hasOne relationship with activations table?

When user registers, a record in activations table is created. I'm guessing that will be updated whenever a user tries to activate and once he/she activates you set completed to 1 and that's it.

Is there some reason that I'm not seeing that requires multiple records in activations table for same user? :)

select * from users where persistence_codes like ? | %a3l3eeEsBQCr4OcHNKBpxVPTNylPVQ3H%
please use "explain"

so I have my users and roles all set up, a default user is a Member:

{
    "name" : "Member",
    "permissions" : {
        "user.create" : false,
        "user.delete" : false,
        "user.view"   : true,
        "user.update" : false
    }
}

so any user can view any other user and not able to edit/delete them, but how can I make it so the logged in user if viewing themselves can edit their own data?
I was thinking of "user.self.update" : true but how would I check to see if it is the logged in user for self?

I just tried to implement the sentinel to save and update user using snippet below

$input = Input::get();
            $userdata = array(
                'email'       => $input['email'],
                'password'    => $input['password'],
                'first_name'  => $input['first_name'],
                'last_name'   => $input['last_name'],
            );

            if($input['password'] != $input['confirm_password']){
                throw new Exception("Password and confirmation password not match", 1);
            }

            if(!Sentinel::validForCreation($userdata)){
                throw new Exception("Data not valid for update", 1);
            }


            $user = Sentinel::registerAndActivate($userdata);

I am testing using blank password, and user is created successfully, also Sentinel alowing user to login with blank password

After doing a composer install/update the command php artisan theme:compile is called which results in an error:

{"error":{"type":"Symfony\\Component\\Debug\\Exception\\FatalErrorException","message":"Call to a member function lists() on a non-object","file":"...\\SoldiersController.php","line":88}}

Which reads $groups = Sentinel::getUser()->groups->lists('slug');

The access to this controller is restricted by the auth filter, so I know that there is a logged in user.

Hello!

I try to validate user credentials before register it with Sentinel. I got error message "Method 'validForCreation' not found in class Sentinel" when I try to execute this code:

$credentials = [
    'first_name' => Input::get('first_name'),
    'last_name'  => Input::get('last_name'),
    'email'      => Input::get('email'),
    'password'   => Input::get('password'),
];

if (true === Sentinel::validForCreation($credentials)) {
    return 'User credentials valid';
}

So what I need to do to implement this?

Currently persistence codes are stored in json format on the users table. When checking for a persistence code it has to perform (on average) a half table row scan just to determine the persistence code. As you can imagine, with a large users table this is a considerable performance hit. Ideally, the persistence codes should be split into a separate pivot table like so:

 user_id      persistant_code [indexed]

Hi!

I was using a development version of Sentry 3 in my project and I just migrated to Sentinel. I was using a Role model for groups, as it fits better in my case. Here's the very basic details of that Role model:

<?php

namespace LMS\Models;

use Cartalyst\Sentinel\Groups\EloquentGroup;

class Role extends EloquentGroup
{
    protected $table = 'roles';

    public function users()
    {
        return $this->belongsToMany('LMS\Models\User', 'roles_users', 'role_id', 'user_id')
            ->withTimestamps();
    }
}

In my User model I also override groups() relation and alias it with roles().

It was working so far with Sentry 3.x-dev. Now it's somehow broken, since it's forcing to use default tables. When I tried to login in the app, I got this exception:

[2014-08-03 23:21:21] development.ERROR: exception 'Illuminate\Database\QueryException' with message 'SQLSTATE[42S02]: Base table or view not found: 1146 Table 'lms.groups' doesn't exist (SQL: select `groups`.*, `groups_users`.`user_id` as `pivot_user_id`, `groups_users`.`group_id` as `pivot_group_id`, `groups_users`.`created_at` as `pivot_created_at`, `groups_users`.`updated_at` as `pivot_updated_at` from `groups` inner join `groups_users` on `groups`.`id` = `groups_users`.`group_id` where `groups_users`.`user_id` in (1))' in /home/vagrant/lms.app/vendor/laravel/framework/src/Illuminate/Database/Connection.php:555
Stack trace:
#0 /home/vagrant/lms.app/vendor/laravel/framework/src/Illuminate/Database/Connection.php(283): Illuminate\Database\Connection->run('select `groups`...', Array, Object(Closure))
#1 /home/vagrant/lms.app/vendor/laravel/framework/src/Illuminate/Database/Query/Builder.php(1360): Illuminate\Database\Connection->select('select `groups`...', Array)
#2 /home/vagrant/lms.app/vendor/laravel/framework/src/Illuminate/Database/Query/Builder.php(1350): Illuminate\Database\Query\Builder->runSelect()
#3 /home/vagrant/lms.app/vendor/laravel/framework/src/Illuminate/Database/Query/Builder.php(1337): Illuminate\Database\Query\Builder->getFresh(Array)
#4 /home/vagrant/lms.app/vendor/laravel/framework/src/Illuminate/Database/Eloquent/Builder.php(415): Illuminate\Database\Query\Builder->get(Array)
#5 /home/vagrant/lms.app/vendor/laravel/framework/src/Illuminate/Database/Eloquent/Relations/BelongsToMany.php(144): Illuminate\Database\Eloquent\Builder->getModels()
#6 /home/vagrant/lms.app/vendor/laravel/framework/src/Illuminate/Database/Eloquent/Relations/Relation.php(103): Illuminate\Database\Eloquent\Relations\BelongsToMany->get()
#7 /home/vagrant/lms.app/vendor/laravel/framework/src/Illuminate/Database/Eloquent/Builder.php(480): Illuminate\Database\Eloquent\Relations\Relation->getEager()
#8 /home/vagrant/lms.app/vendor/laravel/framework/src/Illuminate/Database/Eloquent/Builder.php(449): Illuminate\Database\Eloquent\Builder->loadRelation(Array, 'groups', Object(Closure))
#9 /home/vagrant/lms.app/vendor/laravel/framework/src/Illuminate/Database/Eloquent/Builder.php(158): Illuminate\Database\Eloquent\Builder->eagerLoadRelations(Array)
#10 /home/vagrant/lms.app/vendor/laravel/framework/src/Illuminate/Database/Eloquent/Builder.php(125): Illuminate\Database\Eloquent\Builder->get(Array)
#11 /home/vagrant/lms.app/vendor/cartalyst/sentinel/src/Users/IlluminateUserRepository.php(110): Illuminate\Database\Eloquent\Builder->first()
#12 /home/vagrant/lms.app/vendor/cartalyst/sentinel/src/Sentinel.php(309): Cartalyst\Sentinel\Users\IlluminateUserRepository->findByCredentials(Array)
#13 /home/vagrant/lms.app/workbench/paulofreitas/laravel-media-alchemyst/vendor/illuminate/support/Illuminate/Support/Facades/Facade.php(211): Cartalyst\Sentinel\Sentinel->authenticate(Array, false)
#14 /home/vagrant/lms.app/src/Services/AccountService.php(96): Illuminate\Support\Facades\Facade::__callStatic('authenticate', Array)
#15 /home/vagrant/lms.app/src/Services/AccountService.php(96): Cartalyst\Sentinel\Laravel\Facades\Sentinel::authenticate(Array, false)
#16 /home/vagrant/lms.app/src/Controllers/AccountController.php(98): LMS\Services\AccountService->signin(Array)
#17 [internal function]: LMS\Controllers\AccountController->session()
#18 /home/vagrant/lms.app/vendor/laravel/framework/src/Illuminate/Routing/Controller.php(231): call_user_func_array(Array, Array)
#19 /home/vagrant/lms.app/vendor/laravel/framework/src/Illuminate/Routing/ControllerDispatcher.php(93): Illuminate\Routing\Controller->callAction('session', Array)
#20 /home/vagrant/lms.app/vendor/laravel/framework/src/Illuminate/Routing/ControllerDispatcher.php(62): Illuminate\Routing\ControllerDispatcher->call(Object(LMS\Controllers\AccountController), Object(Illuminate\Routing\Route), 'session')
#21 /home/vagrant/lms.app/vendor/laravel/framework/src/Illuminate/Routing/Router.php(962): Illuminate\Routing\ControllerDispatcher->dispatch(Object(Illuminate\Routing\Route), Object(Illuminate\Http\Request), 'LMS\\Controllers...', 'session')
#22 [internal function]: Illuminate\Routing\Router->Illuminate\Routing\{closure}()
#23 /home/vagrant/lms.app/vendor/laravel/framework/src/Illuminate/Routing/Route.php(109): call_user_func_array(Object(Closure), Array)
#24 /home/vagrant/lms.app/vendor/laravel/framework/src/Illuminate/Routing/Router.php(1028): Illuminate\Routing\Route->run(Object(Illuminate\Http\Request))
#25 /home/vagrant/lms.app/vendor/laravel/framework/src/Illuminate/Routing/Router.php(996): Illuminate\Routing\Router->dispatchToRoute(Object(Illuminate\Http\Request))
#26 /home/vagrant/lms.app/vendor/laravel/framework/src/Illuminate/Foundation/Application.php(776): Illuminate\Routing\Router->dispatch(Object(Illuminate\Http\Request))
#27 /home/vagrant/lms.app/vendor/laravel/framework/src/Illuminate/Foundation/Application.php(746): Illuminate\Foundation\Application->dispatch(Object(Illuminate\Http\Request))
#28 /home/vagrant/lms.app/vendor/barryvdh/laravel-debugbar/src/Barryvdh/Debugbar/Middleware.php(34): Illuminate\Foundation\Application->handle(Object(Illuminate\Http\Request), 1, true)
#29 /home/vagrant/lms.app/vendor/laravel/framework/src/Illuminate/Session/Middleware.php(72): Barryvdh\Debugbar\Middleware->handle(Object(Illuminate\Http\Request), 1, true)
#30 /home/vagrant/lms.app/vendor/laravel/framework/src/Illuminate/Cookie/Queue.php(47): Illuminate\Session\Middleware->handle(Object(Illuminate\Http\Request), 1, true)
#31 /home/vagrant/lms.app/vendor/laravel/framework/src/Illuminate/Cookie/Guard.php(51): Illuminate\Cookie\Queue->handle(Object(Illuminate\Http\Request), 1, true)
#32 /home/vagrant/lms.app/vendor/stack/builder/src/Stack/StackedHttpKernel.php(23): Illuminate\Cookie\Guard->handle(Object(Illuminate\Http\Request), 1, true)
#33 /home/vagrant/lms.app/vendor/laravel/framework/src/Illuminate/Foundation/Application.php(642): Stack\StackedHttpKernel->handle(Object(Illuminate\Http\Request))
#34 /home/vagrant/lms.app/public/index.php(49): Illuminate\Foundation\Application->run()
#35 {main} [] []

It seems that somewhere in the implementation it's hard coding relationships, thus breaking any non-expected customization of the internal classes. Shouldn't it enable such customizations just as it was before?

Thanks in advance for any instruction on how I could fix that.

Hi!

After your last update (~20 min ago) Composer rise a fatal error:

Generating autoload files
{"error":{"type":"ErrorException","message":"Argument 1 passed to Cartalyst\Sentinel\Laravel\SentinelServiceProvider::configHitsLottery() must be of the type array, null given, called in /Users/User/Sites/Site/vendor/cartalyst/sentinel/src/Laravel/SentinelServiceProvider.php on line 405 and defined","file":"/Users/User/Sites/Site/vendor/cartalyst/sentinel/src/Laravel/SentinelServiceProvider.php","line":417}}{"error":{"type":"ErrorException","message":"Argument 1 passed to Cartalyst\Sentinel\Laravel\SentinelServiceProvider::configHitsLottery() must be of the type array, null given, called in /Users/User/Sites/Site/vendor/cartalyst/sentinel/src/Laravel/SentinelServiceProvider.php on line 405 and defined","file":"/Users/User/Sites/Site/vendor/cartalyst/sentinel/src/Laravel/SentinelServiceProvider.php","line":417}}{"error":{"type":"ErrorException","message":"Argument 1 passed to Cartalyst\Sentinel\Laravel\SentinelServiceProvider::configHitsLottery() must be of the type array, null given, called in /Users/User/Sites/Site/vendor/cartalyst/sentinel/src/Laravel/SentinelServiceProvider.php on line 405 and defined","file":"/Users/User/Sites/Site/vendor/cartalyst/sentinel/src/Laravel/SentinelServiceProvider.php","line":417}}

Rollback from master-dev to 1.0.* did not help.

Please fix this issue.

Migrating to Sentinel I am stuck in the activation process. The findUserByActivationCode method is missing in Sentinel. You can only activate an account by passing a User object. But people are not logged in when not activated.

What's the correct workflow to activate without logging in? Or should I create a Pull Request with the method ;-)

Greetings.
When I try to composer update, I'm getting the following error:

Your requirements could not be resolved to an installable set of packages.
- Installation request for cartalyst/sentinel 1.0.* -> satisfiable by cartalyst/sentinel[v1.0.0].
- cartalyst/sentinel v1.0.0 requires cartalyst/support ~1 -> no matching package found.

How can I fix this?
Thanks in advance!

I am currently working on a company intranet application and I find that the current “standard” or “strict” role based permission implementations don’t quite work in my situation. Since a large number of users are going to be on the site, I would prefer to keep everything role based, and only in rare cases update an individuals permissions.

I would like to propose an “inverse” permissions setting to the “standard” implementation, so that instead of a user being rejected if any of the permissions are false - I would like a user to be granted access if any of the permissions are true across all the roles they belong to.

The example on the current Sentinel documentation is to have roles for “Admin” / “Moderator” / “User”.

In my example, I have a role for each department, so “HR”, “IT”, “Projects”, “Careers”, “User”, “Finance”, “Quality”, etc.

As an example of my use case, Alice is assigned the default “User” role, she is also assigned to the “Safety” role. Alice is able to [view, edit, download, upload] any information on the User page for safety reasons. The permissions on the role for “Safety” are set to false for all other controller methods, e.g. she is not allowed to create new careers or projects. She is also in the “HR” role in which the permissions for deleting users is set to true.

If Alice wants to delete a user, she will be denied the permission because the "Safety" role permits her from this operation. If we used an “inverse” implementation she would be allowed to perform the action because one of the roles she belongs to (hr) has the permission set to true.

The problem I have is that some users may be an admin of one role/page, moderator of another role, and users of a few more.

It becomes more complicated because we are using the media system as well, and media files are allowed to be set to private and restricted to certain groups, so file-a.jpg might be available to the “HR” and “Projects” users. Because of the logic of the file sharing, I don’t want to alter up the roles too much.

What are your thoughts on this? Is this bad practice to allow permissions to be implemented in such a way, or do you think this be a useful addition to the Sentinel system?

Hi, thanks for adding me. I'm kicking the tires on this, and I must be missing something, because I can't find an obvious way to assign users to groups.

In Sentry, you call addGroup() on the User, but in Sentinel neither the user repository and interface nor the group ones seem to have any methods that are doing the trick. I've tried $user->setGroupsModel($group) and it doesn't seem to persist when I save() the user.

Any hints?

Edit -- NM, I figured it out -- it's back to a vanilla Eloquent model, so

    $userUser = $userGroup->users()->save($userUser);
    $adminUser = $userGroup->users()->save($adminUser);
    $adminUser = $adminGroup->users()->save($adminUser);

I've been given access to Sentinel, but I don't have an active Cartalyst subscription at the moment. I would like to give the feature/updates branch a try, but can't seem to get access to the cartalyst/support package.

Hello,

how this one is achieved?

I have tried: protected php $loginNames = ['username', 'email'];
but no luck, only when using one of them - works, like:
php protected $loginNames = ['username'];
or
php protected $loginNames = ['email'];

but then I only can login using email or username.
ANy help would be appreciated :)

Thanks!

When a user authenticate with a clear password, Sentinel should resave the password hash.

Eg.
I have my current users table with md5 password. I use CallbackHasher() to check md5 password and rehash password using password_hash().

I my users never change there passwords, my table will always have md5 password.

I thick Sentinel should have a needRehash() method into Hashers using Traits.

After a credential login, needRehash() should be called, if it return true, the user object should be saved with the new password hash.

I try to change the password of a user with:

function generatePassword(){
        $password = 'password';
        $credentials = [
            'password' => $password
        ];
  \Sentinel::update($this, $credentials);
        return $password;
}

But the password doesn't change, (the email field does when supplied).

I tried it with a reminder too, it returns true, but doesn't change it.

I am using a custom model extending Cartalyst\Sentinel\Users\EloquentUser.

Any suggestions?

Hello,

why not add this, to migrate up:

$table->foreign('user_id')->references('id')->on('users')->onUpdate('cascade')->onDelete('cascade');
$table->foreign('role_id')->references('id')->on('roles')->onUpdate('cascade')->onDelete('cascade');

and this, to migrate down?

Schema::table('role_users', function(Blueprint $table)
{
    $table->dropForeign('role_users_user_id_foreign');
    $table->dropForeign('role_users_role_id_foreign');
});

This probably should be modified to support custom tables, etc, but in general I am checking the idea of this :)

EDIT.
One more note, that role_users creation should be moved after users table is created.

Thanks!

Sorry for this question but how can i log a user in?

At the docs is states:

$user = Sentinel::findById(1);
Sentinel::login($user);

But how can i log the user in with his email?

Thanks

I hope I can get some help here...

I currently have the following permissions set for an admin role:

"\\App\\Modules\\Blog\\Controllers\\Admin\\BlogController@viewPosts":"1",
"\\App\\Modules\\Blog\\Controllers\\Admin\\BlogController@addPost":"1",
"\\App\\Modules\\Blog\\Controllers\\Admin\\BlogController@editPost":"1",
"\\App\\Modules\\Blog\\Controllers\\Admin\\BlogController@deletePost":"1",
"\\App\\Modules\\Members\\Controllers\\Admin\\GroupController@create":"1",
"\\App\\Modules\\Members\\Controllers\\Admin\\GroupController@edit":"1",
"\\App\\Modules\\Members\\Controllers\\Admin\\GroupController@delete":"1"

While I understand that a user assigned to that role will inherit the role's permissions if he doesnt have any set for him, I am struggling to get this to work properly.

In my filters file, I have the following code:

Route::filter('role.admin.perms', function($route, $request)
{
    $action = $route->getActionName();

    if (Sentinel::hasAccess(addslashes($action)))
    {
        return;
    }

    Session::flash('error', 'Permission denied.');
    return Redirect::route('admin.dashboard');
});

This unfortunately is not working for me. Am I missing something?

Regards

Emmanuel

$this->package() has been deprecated and the configuration loading has been changed

Hello,

I have one question, what would you suggest to do, to make our build process not stopping, because when the phpci tries to build whole project, it has problems accessing sentinel package. and fails with exception. While not using it, our build were running smooth.

Maybe some of you already had this problem and have some suggestions?

Thank you

As of now, the only way to create a role is to retrieve the EloquentRole model from the role repository and call its create() method. Should be pretty straight forward to add the rest of the CRUD methods to the repo interface and Illuminate implementation.

Similarly, when modifying permissions for both Roles and Users, you're recommended to modify the permissions property, then call save(). This functionality can't be ensured via an interface contract, so a setter implementation would help with keeping the library agnostic.

I can help PR both of these later this week, just wanted to get this mentioned before I forgot.

Like the title asks, when are we going to see a stable version of this?

Starting a new project in the next 2 weeks and want to use this if stable. or find something else for the time being.

I'm not sure if you guys are supporting Laravel 5 yet, but I get this error on a fresh build.

exception 'ReflectionException' with message 'Class request does not exist' in /vagrant/conductor-starter/vendor/laravel/framework/src/Illuminate/Container/Container.php:747
Stack trace:
#0 /vagrant/conductor-starter/vendor/laravel/framework/src/Illuminate/Container/Container.php(747): ReflectionClass->__construct('request')
#1 /vagrant/conductor-starter/vendor/laravel/framework/src/Illuminate/Container/Container.php(652): Illuminate\Container\Container->build('request', Array)
#2 /vagrant/conductor-starter/vendor/laravel/framework/src/Illuminate/Foundation/Application.php(478): Illuminate\Container\Container->make('request', Array)
#3 /vagrant/conductor-starter/vendor/laravel/framework/src/Illuminate/Container/Container.php(1102): Illuminate\Foundation\Application->make('request')
#4 /vagrant/conductor-starter/vendor/cartalyst/sentinel/src/Laravel/SentinelServiceProvider.php(113): Illuminate\Container\Container->offsetGet('request')
#5 /vagrant/conductor-starter/vendor/laravel/framework/src/Illuminate/Container/Container.php(275): Cartalyst\Sentinel\Laravel\SentinelServiceProvider->Cartalyst\Sentinel\Laravel\{closure}(Object(Illuminate\Foundation\Application))
#6 /vagrant/conductor-starter/vendor/laravel/framework/src/Illuminate/Container/Container.php(744): Illuminate\Container\Container->Illuminate\Container\{closure}(Object(Illuminate\Foundation\Application), Array)

Thanks!

Travis.com or shippable or codeship.io?

on my shippable.yml file, composer installs the packages, but always fails when installing cartalyst packages, and I'm guessing it has something to do with authentication/ssh key?

for obvious reasons, I don't want to deploy my private key to the server "unless I really need to".

Does anyone has a "recommended" solution for this?

I'm currently transitoning an old application in which I need the CallbackHasher. I am using Laravel 5, so I put the Sentinel::setHasher() in my ApplicationServiceProviders boot method.

Later on (in a login form) the hasher somehow gets set to the NativeHasher again - I checked this by various dd calls.

How can this be? do I need to set the custom hasher in a different provider? I'm currently not able to log in at all.

We can't validate the validity of a reminder code (valid and not already used) or activation code before the ::complete() function.

I guest Reminder::exist() and Activation::exist() should have a second argument to check a particular code.

eg.

    public function exists(UserInterface $user, $code = NULL)
    {
        $expires = $this->expires();

        $activation = $this
            ->createModel()
            ->newQuery()
            ->where('user_id', $user->getUserId())
            ->where('completed', false)
            ->where('created_at', '>', $expires);

        if ($code) {
            $activation->where('code', '=', $code);
        }
        return $activation->first() ?: false;
    }

or have alternative like Reminder::valid()and Activation::valid() that take $user and activation code.

Best regards

Hello all,

We recently updated Sentinel and Laravel to the latest versions through composer update and we are getting this error after update:

• Removing cartalyst/sentinel (dev-master 6749d28)
• Installing cartalyst/sentinel (dev-master d4df203)
  Downloading: 100%

Writing lock file
Generating autoload files
Argument 1 passed to Cartalyst\Sentinel\Laravel\SentinelServiceProvider::configHitsLottery() must be of the type array, null given, called in /HDDNOU/users/alin/coparrot/vendor/cartalyst/sentinel/src/Laravel/SentinelServiceProvider.php on line 411 and defined

Can you please advise ?

Thanks,
Catalin

I notice the Swipe is currently being integrated directly into the core for a 2FA system. I think it would be best to have a 2FA interface itself, that way I for instance can make a package that uses RFC 6238 so that any person already using something like FreeOTP or Google Authenticator can use that. This way developers using the system aren't necessarily tied to one or two providers which come with Sentinel, they can openly integrate with whatever provider they want (or DIY.)

As a side note, Swipe is also stated in the docs as "free" which it actually may not be. There is an upper limit of 5000 users, if a site goes above that then they will need the Enterprise edition which appears late from the date on their site right now.

Hello,

I'm having an issue with the new update of sentinel.
I've updated and published again the new config file of Sentinel package. I changed:

'users' => [
'model' => 'Cartalyst\Sentinel\Users\EloquentUser',
],

I changed the users model my custom User model that extends the Sentinel's EloquentUser model. However, when I use Sentinel::getUser(), it will return the Sentinel's EloquentUser model instead of my app's model.
If I do a dd(Sentinel::getUser()):
object(Cartalyst\Sentinel\Users\EloquentUser)[561]

What Am I doing wrong? It worked fine with the previous update :/
Thanks in advance :)

Am I missing something, or isn't it possible to ban users?

Starting with [89fc486]

I get

Generating autoload files
{"error":{"type":"ErrorException","message":"Argument 1 passed to Cartalyst\\Sentinel\\Laravel\\SentinelServiceProvider::configHitsLottery() must be of the type array, null given, called in \/home\/vagrant\/code\/sbe\/vendor\/cartalyst\/sentinel\/src\/Laravel\/SentinelServiceProvider.php on line 403 and defined","file":"\/home\/vagrant\/code\/sbe\/vendor\/cartalyst\/sentinel\/src\/Laravel\/SentinelServiceProvider.php","line":415}}{"error":{"type":"ErrorException","message":"Argument 1 passed to Cartalyst\\Sentinel\\Laravel\\SentinelServiceProvider::configHitsLottery() must be of the type array, null given, called in \/home\/vagrant\/code\/sbe\/vendor\/cartalyst\/sentinel\/src\/Laravel\/SentinelServiceProvider.php on line 403 and defined","file":"\/home\/vagrant\/code\/sbe\/vendor\/cartalyst\/sentinel\/src\/Laravel\/SentinelServiceProvider.php","line":415}}

A real one this time. Logging in with a nonexistent user gives a not-null constraint error on the THROTTLE table. When I disable the constraint I get an ip row and a global row.