I have some problems with "remember me". It keeps me logged in even if I haven't checked the "remember me" box.
This is my code - LoginController.php:
public function login(Request $request)
{
$request->validate([
'email' => 'required|email',
'password' => 'required|string',
]);
if (Auth::attempt(['email' => $request->input('email'), 'password' => $request->input('password')], $request->has('remember'))) {
return redirect('/');
} else {
return redirect()->back()->withInput()->with('error', 'The email or password is incorrect.');
}
}
login.blade.php:
<div class="card-body">
@if (session('error'))
<div class="alert alert-danger">
{{ session('error') }}
</div>
@endif
<form method="POST" action="{{ route('login') }}">
@csrf
<div class="form-group">
<label for="email">{{ __('Email') }}</label>
<input id="email" type="email" class="form-control" name="email" value="{{ old('email') }}" required autocomplete="email" autofocus>
</div>
<div class="form-group">
<label for="password">{{ __('Password') }}</label>
<input id="password" type="password" class="form-control" name="password" required autocomplete="current-password">
</div>
<div class="form-group">
<input type="checkbox" name="remember" id="remember" {{ old('remember') ? 'checked' : '' }}>
<label for="remember">{{ __('Remember Me') }}</label>
</div>
<div class="form-group">
<button type="submit" class="btn btn-primary">{{ __('Login') }}</button>
</div>
<div class="form-group">
<p>Don't have an account? <a href="{{ route('register') }}">Register</a></p>
</div>
My database has a column called remember_token which should help with the "remember me".
Remember me does not affect the user's identity. Identification takes place directly through the e-mail password or username.
It seems to me you want if the checkbox is not checked the user should not be authorized, but it is not true.