extend laravel 5 built-in authentication to login only “if user == active”

Question

I use the included authentication of laravel 5.1.6 and want to know how I can extend it, to work like this:

if (Auth::attempt([\'email\' => $email, \'password         


        

Answer 1

I have now changed the auth middleware /app/Http/Middleware/Authenticate.php (added the block below the comment):

/**
 * Handle an incoming request.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    if ($this->auth->guest())
    {
        if ($request->ajax())
        {
            return response('Unauthorized.', 401);
        }
        else
        {
            return redirect()->guest('auth/login');
        }
    }

    #logout if user not active
    if($this->auth->check() && $this->auth->user()->active !== 1){
        $this->auth->logout();
        return redirect('auth/login')->withErrors('sorry, this user account is deactivated');
    }

    return $next($request);
}

It seems, it also logs out inactive users if they were already logged in.