The AuthController.php @limonte has overridden is in App\Http\Controllers\Auth, not in the vendor directory, so Git doesn't ignore this change.
I have added this functions:
public function register() {
return redirect('/');
}
public function showRegistrationForm() {
return redirect('/');
}
and it works correctly.
In Laravel 5.5 is very simple, if you are using CRUD route system.
Go to app/http/controllers/RegisterController there is namespace: Illuminate\Foundation\Auth\RegistersUser
You need to go to the RegistersUser: Illuminate\Foundation\Auth\RegistersUser
There is the method call showRegistrationForm change this: return view('auth.login'); for this: return redirect()->route('auth.login'); and remove from you blade page route call register. It may look like that:
<li role="presentation">
<a class="nav-link" href="{{ route('register') }}">Register</a>
</li>
All I did was replace register blade code with login blade code. That way register still goes to login.
resources/views/auth/register.blade.php is replaced with resources/views/auth/login.blade.php
In Laravel 5.5
I was trying to accomplish the same problem in Laravel 5.5. Instead of using Auth::routes() in the web.php routes file, I only included the login/logout routes:
Route::get('login', 'Auth\LoginController@showLoginForm')->name('login');
Route::post('login', 'Auth\LoginController@login');
Route::post('logout', 'Auth\LoginController@logout')->name('logout');
LAravel 5.6
Auth::routes([
'register' => false, // Registration Routes...
'reset' => false, // Password Reset Routes...
'verify' => false, // Email Verification Routes...
]);
This might be new in 5.7, but there is now an options array to the auth method. Simply changing
Auth::routes();
to
Auth::routes(['register' => false]);
in your routes file after running php artisan make:auth will disable user registration.
For Laravel 5.6+, paste the below methods in app\Http\Controller\Auth\RegisterController
/*
* Disabling registeration.
*
*/
public function register()
{
return redirect('/');
}
/*
* Disabling registeration.
*
*/
public function showRegistrationForm()
{
return redirect('/');
}
Now you're overriding those methods in RegistersUser trait, whenever you change your mind remove these methods. You may also comment the register links in welcome.blade.php and login.blade.php views.
On laravel 5.6 and above you can edit in web.php file
Auth::routes(['verify' => true, 'register' => false]);
and you can make it true if you change your mind, i see it easy this way
I found this to be the easiest solution in laravel 5.6! It redirects anyone who tries to go to yoursite.com/register to yoursite.com
routes/web.php
// redirect from register page to home page
Route::get('/register', function () {
return redirect('/');
});
In laravel 5.3 don't have AuthController.
to disable register route you should change in constructor of RegisterController like this:
You can change form:
public function __construct()
{
$this->middleware('guest');
}
to:
use Illuminate\Support\Facades\Redirect;
public function __construct()
{
Redirect::to('/')->send();
}
Note: for use Redirect don't forget to user Redirect;
So user access to https://host_name/register it's redirect to "/".
When we use php artisan make:auth it's added Auth::route();
automatically.
Please Override Route in /routes/web.php.
You can change it's like this:
* you need to comment this line: Auth::routes();
<?php
/*
|--------------------------------------------------------------------------
| Web Routes
|--------------------------------------------------------------------------
|
| This file is where you may define all of the routes that are handled
| by your application. Just tell Laravel the URIs it should respond
| to using a Closure or controller method. Build something great!
|
*/
// Auth::routes();
Route::get('/login', 'Auth\LoginController@showLoginForm' );
Route::post('/login', 'Auth\LoginController@login');
Route::post('/logout', 'Auth\LoginController@logout');
Route::get('/home', 'HomeController@index');
Thanks! I hope it's can solve your problems.
Overwriting the getRegister and postRegister is tricky - if you are using git there is a high possibility that .gitignore is set to ignore framework files which will lead to the outcome that registration will still be possible in your production environment (if laravel is installed via composer for example)
Another possibility is using routes.php and adding this line:
Route::any('/auth/register','HomeController@index');
This way the framework files are left alone and any request will still be redirected away from the Frameworks register module.
If you're using Laravel 5.2 and you installed the auth related functionality with php artisan make:auth then your app/Http/routes.php file will include all auth-related routes by simply calling Route::auth().
The auth() method can be found in vendor/laravel/framework/src/Illuminate/Routing/Router.php. So if you want to do as some people suggest here and disable registration by removing unwanted routes (probably a good idea) then you have to copy the routes you still want from the auth() method and put them in app/Http/routes.php (replacing the call to Route::auth()). So for instance:
<?php
// This is app/Http/routes.php
// Authentication Routes...
Route::get('login', 'Auth\AuthController@showLoginForm');
Route::post('login', 'Auth\AuthController@login');
Route::get('logout', 'Auth\AuthController@logout');
// Registration Routes... removed!
// Password Reset Routes...
Route::get('password/reset/{token?}', 'Auth\PasswordController@showResetForm');
Route::post('password/email', 'Auth\PasswordController@sendResetLinkEmail');
Route::post('password/reset', 'Auth\PasswordController@reset');
If you're using lower version than 5.2 then it's probably different, I remember things changed quite a bit since 5.0, at some point artisan make:auth was even removed IIRC.
In order not too change the code as it is, just create a middleware to detect if the request url is url('register'), then redirect to 404 or do wherever.
This has been mentioned in earlier comments but I would like to clarify that there are multiple ways to access the auth routes in your web.php file in Laravel ^5.7. depending on your version it might look a little different but they achieve the same result.
First option
Route::auth([
'register' => false, // Registration Routes...
'reset' => false, // Password Reset Routes...
'verify' => false, // Email Verification Routes...
]);
Second option
Auth::routes([
'register' => false, // Registration Routes...
'reset' => false, // Password Reset Routes...
'verify' => false, // Email Verification Routes...
]);
In laravel 5.3, you should override the default showRegistrationForm() by including the code below into the RegisterController.php file in app\Http\Controllers\Auth
/**
* Show the application registration form.
*
* @return \Illuminate\Http\Response
*/
public function showRegistrationForm()
{
//return view('auth.register');
abort(404); //this will throw a page not found exception
}
since you don't want to allow registration, it's better to just throw 404 error so the intruder knows he is lost. And when you are ready for registraation in your app, uncomment //return view('auth.register'); then comment abort(404);
\\\\\\\\\\\\\\\\\\\\JUST AN FYI///////////////////////////////
If you need to use multiple authentication like create auth for users, members, students, admin, etc. then i advise you checkout this hesto/multi-auth its an awesome package for unlimited auths in L5 apps.
You can read more abouth the Auth methodology and its associated file in this writeup.
If you are using Laravel 8 with Laravel Breeze, these auth routes are all explicitly listed in routes/auth.php. The registration routes are the first two at the top.
Just comment out the ones you don't want and Laravel takes care of the rest, eg. if you comment out the routes for forgot-password then there will be no "Forgot password?" link shown on the login window.
add
use \Redirect;
at the top of the file
You can find all routes which are registered through Auth::routes() in the class \Illuminate\Routing\Router in the method auth()
it looks like this:
/**
* Register the typical authentication routes for an application.
*
* @return void
*/
public function auth()
{
// Authentication Routes...
$this->get('login', 'Auth\LoginController@showLoginForm')->name('login');
$this->post('login', 'Auth\LoginController@login');
$this->post('logout', 'Auth\LoginController@logout')->name('logout');
// Registration Routes...
$this->get('register', 'Auth\RegisterController@showRegistrationForm')->name('register');
$this->post('register', 'Auth\RegisterController@register');
// Password Reset Routes...
$this->get('password/reset', 'Auth\ForgotPasswordController@showLinkRequestForm')->name('password.request');
$this->post('password/email', 'Auth\ForgotPasswordController@sendResetLinkEmail')->name('password.email');
$this->get('password/reset/{token}', 'Auth\ResetPasswordController@showResetForm')->name('password.reset');
$this->post('password/reset', 'Auth\ResetPasswordController@reset');
}
Just copy the routes that you want/need and you are fine!
In routes.php, just add the following:
if (!env('ALLOW_REGISTRATION', false)) {
Route::any('/register', function() {
abort(403);
});
}
Then you can selectively control whether registration is allowed or not in you .env file.
In Laravel 5.5
Working on a similar issue and setting the middleware argument from guest to 'auth' seemed like a more elegant solution.
Edit File: app->http->Controllers->Auth->RegisterController.php
public function __construct()
{
//replace this
//$this->middleware('guest');
//with this argument.
$this->middleware('auth');
}
I could be wrong though...but it seems more slick than editing the routing with more lines and less shity than simply redirecting the page...at least in this instance, wanting to lock down the registration for guests.
Heres my solution as of 5.4:
//Auth::routes();
// Authentication Routes...
Route::get('login', 'Auth\LoginController@showLoginForm')->name('login');
Route::post('login', 'Auth\LoginController@login');
Route::post('logout', 'Auth\LoginController@logout')->name('logout');
// Registration Routes...
//Route::get('register', 'Auth\RegisterController@showRegistrationForm')->name('register');
//Route::post('register', 'Auth\RegisterController@register');
// Password Reset Routes...
Route::get('password/reset', 'Auth\ForgotPasswordController@showLinkRequestForm')->name('password.request');
Route::post('password/email', 'Auth\ForgotPasswordController@sendResetLinkEmail')->name('password.email');
Route::get('password/reset/{token}', 'Auth\ResetPasswordController@showResetForm')->name('password.reset');
Route::post('password/reset', 'Auth\ResetPasswordController@reset');
Notice I've commented out Auth::routes() and the two registration routes.
Important: you must also make sure you remove all instances of route('register') in your app.blade layout, or Laravel will throw an error.
I guess this would rather be a better solution.
Override the following methods as below mentioned in
App\Http\Controller\Auth\RegisterController.php
use Illuminate\Http\Response;
.
.
.
public function showRegistrationForm()
{
abort(Response::HTTP_NOT_FOUND);
}
public function register(Request $request)
{
abort(Response::HTTP_NOT_FOUND);
}
As of Laravel 5.7 you can pass an array of options to Auth::routes(). You can then disable the register routes with:
Auth::routes(['register' => false]);
You can see how this works from the source code: src/Illuminate/Routing/Router.php.
I had to use:
public function getRegister()
{
return redirect('/');
}
Using Redirect::to() gave me an error:
Class 'App\Http\Controllers\Auth\Redirect' not found
Set Register route false in your web.php.
Auth::routes(['register' => false]);
For Laravel 5.3 and 5.4, here is the proper way to do it:
You have to change:
public function __construct()
{
$this->middleware('guest');
}
to
public function __construct()
{
$this->middleware('auth');
}
in app/Http/Controller/Auth/RegisterController.php
The following method works great:
Copy all the routes from /vendor/laravel/framework/src/Illuminate/Routing/Router.php and paste it into web.php and comment out or delete Auth::routes().
Then setup a conditional to enable and disable registration from .env.
Duplicate the 503.blade.php file in views/errors and create a 403 forbidden or whatever you like.
Add ALLOW_USER_REGISTRATION= to .env and control user registration by setting its value to true or false.
Now you have full control of routes and Vendor files remain untouched.
web.php
//Auth::routes();
// Authentication Routes...
Route::get('login', 'Auth\LoginController@showLoginForm')->name('login');
Route::post('login', 'Auth\LoginController@login');
Route::post('logout', 'Auth\LoginController@logout')->name('logout');
// Registration Routes...
if (env('ALLOW_USER_REGISTRATION', true))
{
Route::get('register', 'Auth\RegisterController@showRegistrationForm')->name('register');
Route::post('register', 'Auth\RegisterController@register');
}
else
{
Route::match(['get','post'], 'register', function () {
return view('errors.403');
})->name('register');
}
// Password Reset Routes...
Route::get('password/reset', 'Auth\ForgotPasswordController@showLinkRequestForm')->name('password.request');
Route::post('password/email', 'Auth\ForgotPasswordController@sendResetLinkEmail')->name('password.email');
Route::get('password/reset/{token}', 'Auth\ResetPasswordController@showResetForm')->name('password.reset');
Route::post('password/reset', 'Auth\ResetPasswordController@reset');
This is a combination of some previous answers notably Rafal G. and Daniel Centore.
Source: Stackoverflow.com