Laravel auth on all requests (global auth?)

Question

I am working on a Laravel project which is only intended to be used by backend admin staff. So, there is no separation of "standard user" and "admin user". So, I want to implement some sort of global auth filter on the entire project.

What I have so far is this on by app/routes.php

 'home', function () {
    return View::make('hello');
}))->before('auth');

/*
 * Global Auth Filter - All Guests Go To Login
 */
Route::filter('auth', function($route, $request) {
    if (Auth::guest())
        return Redirect::guest('login')
            ->with('login_error', 'Login required!');
});

/*
 * Login Route Handler
 */ 
Route::get('login', array('as' => 'login', function () {
    if (Auth::check())
        return Redirect::route('home');
    return View::make('login');
}))->before('guest');

/*
 * Login Post Event Handler
 */
Route::post('login', function ()
{
    // Parse form data
    $user = array(
        'username' => Input::get('username'),
        'password' => Input::get('password')
    );

    // Try to login user
    if (Auth::attempt($user))
    {
        // login success
        return Redirect::route('home');
    }
    else
    {
        // Login error
        return Redirect::route('login')
            ->withInput()
            ->with('login_error', 'Invalid username and/or password!');
    }
});

/*
 * Logout Route Handler
 */
Route::get('logout', array('as' => 'logout', function () {
    Session::flush();
    return Redirect::route('home');
}))->before('auth');

This works fine. If I got to the / page, it redirects me to /login route and from there I can login. Once logged in, I have a /logout link on the hello view and that also works (i.e. logging out).

This code above is my test code. In the real application I am working on (taking over the project from previous developer), the routes app/routes.php are setup like this:



My question #1 is, how do I apply a "global" auth on requests with this app/routes.php? As the real application routes code seems to be different from what I have worked out in my test code..

Question #2 - Looking at my test code, can someone tell me at which point this filter gets executed:

Route::filter('auth', function($route, $request) { ... });


This code concept was taken out of a tutorial I was reading, but I noticed that my test code continues to work fine - even if I remove this code block. So, I am not entirely sure in which scenario the above code block is being executed.

Laurence · Accepted Answer

Route filters are disabled when in the testing environment. To enable them, add Route::enableFilters() to your test.

To add a global auth filter - you could do this:

Route::get('/login')... //rest of code here
Route::get('logout')... //rest of code here

Route::group(array('before' => 'auth'), function()
{
    Route::controller('dev', 'DevController');
    Route::controller('orders', 'OrdersController');
    ...
    Route::controller('api/notes', 'NotesAPIController');
    Route::get('/', function() {
           return View::make('dashboard');
    });
});

Laravel auth on all requests (global auth?)

Answers (1)

Related Questions