first(); if (!$user || $user->pass !== md5($credentials['password'])) { return ['success' => false, 'error_key' => 'mail', 'error_msg' => __('auth.failed')]; } // Log the user in manually Auth::login($user); $request->session()->regenerate(); if ($user->status != User::STATUS_ACTIVE) { Auth::logout(); return ['success' => false, 'error_key' => 'mail', 'error_msg' => __('auth.inactive')]; } return ['success' => true, 'user' => $user]; } public function logout(Request $request): void { Auth::logout(); $request->session()->invalidate(); $request->session()->regenerateToken(); } public function getRedirectRouteForUser(User $user): string { if ($user->first_login == User::FIRST_LOGIN_TRUE) { return route('user.change_password'); } return route('user.dashboard'); } }