overridden authenticated method in Login Controlle

I'm trying to override the authenticated method in the Login Controller but somehow it isn't working. I just tried to simply dd(); but still it doesn't work.

Below is my function code:

public function authenticated(Request $request, $user)
{
    dd("hi");
}

What I actually wish to do is as below, but just for simplicity sake, I have dd(); in the function.

public function authenticated(Request $request, $user)
{
    if (!$user->verified) {
        auth()->logout();
        return back()->with('warning', 'You need to confirm your account. We have sent you an activation code, please check your email.');
    }
    return redirect()->intended($this->redirectPath());
}

Whole controller:

<?php
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Auth;
use App\Mail\WelcomeMail;
use Illuminate\Support\Facades\Mail;

class LoginController extends Controller
{
/*
|--------------------------------------------------------------------------
| Login Controller
|--------------------------------------------------------------------------
|
| This controller handles authenticating users for the application and
| redirecting them to your home screen. The controller uses a trait
| to conveniently provide its functionality to your applications.
|
*/

use AuthenticatesUsers;

/**
 * Where to redirect users after login.
 *
 * @var string
 */

protected $redirectTo = '/home';

/**
 * Create a new controller instance.
 *
 * @return void
 */
public function __construct()
{
    $this->middleware('guest')->except('logout');
}

public function login(Request $request)
{
    if (Auth::attempt(['email' => $request->email, 'password' => $request->password, 'isActive' => '1']))
    {
        return view('homepage');
    }
    else
    {
        return $this->sendFailedLoginResponse($request, 'auth.failed_status');
    }
}


protected function authenticated(Request $request, $user)
{
    dd("HI");
  // auth()->logout();
  return back()->with('warning', 'You need to confirm your account. We have sent you an activation code, please check your email.');

// if(!$user->verified)
// {
//   auth()->logout();
//   // Auth::logout();
//   // \Auth::guard('web')->logout();
//   // added logout here
//   return back()->with('warning', 'You need to confirm your account. We have sent you an activation code, please check your email.');
// }
// return redirect()->intended($this->redirectPath());
 }
}

Kindly ignore the extra commented code in the authenticated function in the controller.

That's because you are overwriting the login function, hence the authenticated function is never called.

If you take a look at the trait:

public function login(Request $request)
{
    $this->validateLogin($request);

    // If the class is using the ThrottlesLogins trait, we can automatically throttle
    // the login attempts for this application. We'll key this by the username and
    // the IP address of the client making these requests into this application.
    if ($this->hasTooManyLoginAttempts($request)) {
        $this->fireLockoutEvent($request);

        return $this->sendLockoutResponse($request);
    }

    if ($this->attemptLogin($request)) {
        return $this->sendLoginResponse($request);
    }

    // If the login attempt was unsuccessful we will increment the number of attempts
    // to login and redirect the user back to the login form. Of course, when this
    // user surpasses their maximum number of attempts they will get locked out.
    $this->incrementLoginAttempts($request);

    return $this->sendFailedLoginResponse($request);
}

As you can see, the function sendLoginResponse is the one that is calling the authenticated function.

protected function sendLoginResponse(Request $request)
{
    $request->session()->regenerate();

    $this->clearLoginAttempts($request);

    return $this->authenticated($request, $this->guard()->user())
            ?: redirect()->intended($this->redirectPath());
}

Therefore, in your case, it should be something like this, to regenerate the session and clear the attempts:

return $this->sendLoginResponse($request);

Or if you want to skip directly to the authenticated function:

return $this->authenticated($request, auth()->user());

And your function should look like this:

public function login(Request $request)
{
    if (Auth::attempt(['email' => $request->email, 'password' => $request->password, 'isActive' => '1']))
    {
        // Updated this line
        return $this->sendLoginResponse($request);

        // OR this one
        // return $this->authenticated($request, auth()->user());
    }
    else
    {
        return $this->sendFailedLoginResponse($request, 'auth.failed_status');
    }
}