Files
kulakpos_web/walkthroughs/2026-04-10_cb7addd1_Walkthrough__Login_Issue_Fix.md

38 lines
1.8 KiB
Markdown
Raw Normal View History

2026-05-14 11:55:22 +07:00
# Walkthrough - Login Issue Fix
I have fixed the issue where users were unable to login after running `php artisan serve`. The root cause was that the `AuthenticatedSessionController` was always enforcing ReCaptcha validation, even when `ENABLE_RECAPTCHA=false` was set in the `.env` file.
## Changes
### 1. Conditional ReCaptcha Validation
I modified [AuthenticatedSessionController.php](file:///home/itc43/Documents/HOKBEN_PROJECT/RANGGA/hbvs/app/Http/Controllers/Auth/AuthenticatedSessionController.php) to:
- Check the `ENABLE_RECAPTCHA` environment variable before performing any ReCaptcha-related logic.
- Added a check for the success status returned by Google's ReCaptcha API (previously it was ignored).
- Used `env('RECAPTCHA_SECRET_KEY')` with a fallback to allow configuring the secret through `.env`.
```php
if (env('ENABLE_RECAPTCHA', true)) {
$token = $request->input('g-recaptcha-response');
if (!$token) {
return back()->with('error', 'Harap centang Captcha sebelum melanjutkan!')->withInput();
}
// ... (ReCaptcha API call)
if (!isset($hasilGoogle['success']) || !$hasilGoogle['success']) {
return back()->with('error', 'Captcha validasi gagal!')->withInput();
}
}
```
## Verification Results
### Logic Check
- The `login.blade.php` file already had a conditional check for `@if (env('ENABLE_RECAPTCHA', true))`.
- By adding the same check to the controller, the two are now synchronized.
- Since `.env` has `ENABLE_RECAPTCHA=false`, the login process will now bypass ReCaptcha validation entirely, allowing users to login with just their email and password.
### User Verification
- Please attempt to login now. You should no longer be redirected back with a "Harap centang Captcha" error when ReCaptcha is disabled.