1.8 KiB
1.8 KiB
Walkthrough - Login Issue Fix
I have fixed the issue where users were unable to login after running php artisan serve. The root cause was that the AuthenticatedSessionController was always enforcing ReCaptcha validation, even when ENABLE_RECAPTCHA=false was set in the .env file.
Changes
1. Conditional ReCaptcha Validation
I modified AuthenticatedSessionController.php to:
- Check the
ENABLE_RECAPTCHAenvironment variable before performing any ReCaptcha-related logic. - Added a check for the success status returned by Google's ReCaptcha API (previously it was ignored).
- Used
env('RECAPTCHA_SECRET_KEY')with a fallback to allow configuring the secret through.env.
if (env('ENABLE_RECAPTCHA', true)) {
$token = $request->input('g-recaptcha-response');
if (!$token) {
return back()->with('error', 'Harap centang Captcha sebelum melanjutkan!')->withInput();
}
// ... (ReCaptcha API call)
if (!isset($hasilGoogle['success']) || !$hasilGoogle['success']) {
return back()->with('error', 'Captcha validasi gagal!')->withInput();
}
}
Verification Results
Logic Check
- The
login.blade.phpfile already had a conditional check for@if (env('ENABLE_RECAPTCHA', true)). - By adding the same check to the controller, the two are now synchronized.
- Since
.envhasENABLE_RECAPTCHA=false, the login process will now bypass ReCaptcha validation entirely, allowing users to login with just their email and password.
User Verification
- Please attempt to login now. You should no longer be redirected back with a "Harap centang Captcha" error when ReCaptcha is disabled.