Referencing issue #546

[joaoribeiro-controlink]

Fortify Version

1.21.3

Laravel Version

11.11.0

PHP Version

8.2.5

Database Driver & Version

MySQL 8

Description

Fortify does not make a successful authentication if the "remember" field is not passed as true.

I found that the problem is because the User model hasUuids trait on it.

Steps To Reproduce

Adding this to the FortifyServiceProvider on the boot method:

Fortify::authenticateUsing(function (Request $request) {
  if(Auth::attempt($request->only('username', 'password'), $request->filled('remember'))){
      // Regenerate the session to avoid session fixation
      $request->session()->regenerate();
  
      // Return the authenticated user instance
      return Auth::user();
  }
  
  return null;
});

[driesvints]

Heya, thanks for reporting.

We'll need more info and/or code to debug this further. Can you please create a repository with the command below, commit the code that reproduces the issue as one separate commit on the main/master branch and share the repository here? Please make sure that you have the latest version of the Laravel installer in order to run this command. Please also make sure you have both Git & the GitHub CLI tool properly set up.

laravel new bug-report --github="--public"

Please do not amend and create a separate commit with your custom changes. After you've posted the repository, we'll try to reproduce the issue.

Thanks!

[joaoribeiro-controlink]

Hey,
I follow your request

Repo link: https://github.com/joaoribeiro-controlink/laravel-bugreport-hasuuid

[joaoribeiro-controlink]

I only installed laravel/fortify and laravel/breeze, at the moment authentication is only possible if the remember checkbox is checked

[driesvints]

I'm sorry @joaoribeiro-controlink but that's way too much changes in a single commit. I can't possible tell what your custom changes are. Please re-create the repo and commit anything installer/jetstream setup separately and all of your custom changes like the UUID changes you mention in a separate commit for me to review.

[joaoribeiro-controlink]

@driesvints The only thing I did is this:

The rest has been made by fortify and breeze

[crynobone]

@joaoribeiro-controlink Laravel Breeze doesn't use Laravel Fortify. So Fortify::authenticateUsing() is not going to be used when authenticating using Breeze.

[driesvints]

Yeah I think there's still some things missing here. It might be best if you first try a support channel:

• Laracasts Forums
• Laravel.io Forums
• StackOverflow
• Discord or InertiaJS Discord for Inertia questions
• Larachat
• IRC

[joaoribeiro-controlink]

That's a way to close the ticket...

Just try it on a new project, add the trait HasUuids to the user model and the login will not work...

The breeze is just a UI start package...

[crynobone]

Breeze doesn't use Fortify and therefore this report is invalid.

And no, Breeze not just a UI package as install it's own set of Controllers https://github.com/laravel/breeze/blob/2.x/stubs/default/app/Http/Controllers/Auth/AuthenticatedSessionController.php

[joaoribeiro-controlink]

@crynobone Right, so try to use this Trait on a clean Laravel installation and check if it work as suppose.. Basically, fortify will only authenticate if the remember is passed as true if not, it happears that the auth session expire in the next second after the login

[crynobone]

I been developing a project on Fortify this week and doesn't have this issue.