Exclude route from Laravel authentication

Question

After running php artisan make:auth all the required routes are in the route.php file, but is it possible to remove one (I want to remove the register route)?

Currently I have

Route::group(['middleware' => 'web'], function () {
    Route::auth();
});

I know that Route::auth() is a shortcut to add all the routes. Should I specify the routes myself instead of using the shortcut?

Answer 1

In the new releases you can do it like so (in your web.php file):

Auth::routes(['register'=>false]);

Answer 2

You can add a redirect to the /register route like so:

<?php

Auth::routes();

// prevent registration, this needs to be after Auth::routes()
Route::redirect('register', '/home', 301);

Answer 3

I just YOLO and change this in the RegisterController.php

public function __construct()
{
    $this->middleware('guest');
}

to this

public function __construct()
{
    $this->middleware('auth');
}

This makes the register page require you to be loged in to reach it.

It's a hack. But it is a good hack.

EDIT: and just add this to your seeder to make life easier:

    $u1= new App\User;
    $u1->name = 'Your name';
    $u1->email = 'your@mail.com';
    $u1->password = bcrypt('yourPassword');
    $u1->save();

Answer 4

As Mark Davidson said, it's not possible out of the box. But this is how I have handled.

Now it might be overkill, but I pass along an array of what is needed. If no parameters are passed, then default routes are created.

// Include the authentication and password routes
Route::auth(['authentication', 'password']);

/**
 * Register the typical authentication routes for an application.
 *
 * @param array $options
 * @return void
 */
public function auth(array $options = [])
{
    if ($options) {
        // Authentication Routes...
        if (in_array('authentication', $options)) {
            $this->get('login', 'Auth\AuthController@showLoginForm');
            $this->post('login', 'Auth\AuthController@login');
            $this->get('logout', 'Auth\AuthController@logout');
        }

        // Registration Routes...
        if (in_array('registration', $options)) {
            $this->get('register', 'Auth\AuthController@showRegistrationForm');
            $this->post('register', 'Auth\AuthController@register');
        }

        // Password Reset Routes...
        if (in_array('password', $options)) {
            $this->get('password/reset/{token?}', 'Auth\PasswordController@showResetForm');
            $this->post('password/email', 'Auth\PasswordController@sendResetLinkEmail');
            $this->post('password/reset', 'Auth\PasswordController@reset');
        }
    } else {
        // Authentication Routes...
        $this->get('login', 'Auth\AuthController@showLoginForm');
        $this->post('login', 'Auth\AuthController@login');
        $this->get('logout', 'Auth\AuthController@logout');

        // Registration Routes...
        $this->get('register', 'Auth\AuthController@showRegistrationForm');
        $this->post('register', 'Auth\AuthController@register');

        // Password Reset Routes...
        $this->get('password/reset/{token?}', 'Auth\PasswordController@showResetForm');
        $this->post('password/email', 'Auth\PasswordController@sendResetLinkEmail');
        $this->post('password/reset', 'Auth\PasswordController@reset');
    }
}

For your case, you can probably just pass a boolean as parameter instead of an array. If the boolean is true then do not load the register routes, otherwise load everything.

Hope it helps.

Answer 5

Unfortunately you can't exclude register with the current implementation of Route::auth().

You would have to specify all the routes manually so

// Authentication Routes...
$this->get('login', 'Auth\AuthController@showLoginForm');
$this->post('login', 'Auth\AuthController@login');
$this->get('logout', 'Auth\AuthController@logout');

// Password Reset Routes...
$this->get('password/reset/{token?}', 'Auth\PasswordController@showResetForm');
$this->post('password/email', 'Auth\PasswordController@sendResetLinkEmail');
$this->post('password/reset', 'Auth\PasswordController@reset');

I think this is a fairly common thing to want to do it would be nice if there was a parameter to the auth method to say without register maybe you could submit a pull-request to the project.