CODEWITHSUNDEEP
laravelauthenticationrouteslaravel-5
Nathan Prins
Nathan Prins

Reputation: 403

Only exposing certain auth routes in Laravel

In Laravel 5.2 authentication is made dead simple and one of the ways it makes authentication simpler is by adding all routes necessary for authentication through one method, this method is Route::auth().

Which is great, but what is the best way of only exposing the ones necessary for login and logout actions and not the registration ones, because I want to have one master login, which can make other accounts to admin the website. But I don't want 'users' in the normal sense.

Upvotes: 2

Views: 5071

Answers (3)

Davit Gyulnazaryan
Davit Gyulnazaryan

Reputation: 811

Method 1.

Add routes in web.php file. For example when your app need only login and logout routes

Route::get('login', 'Auth\AuthController@showLoginForm');
Route::post('login', 'Auth\AuthController@login');
Route::get('logout', 'Auth\AuthController@logout');

Method 2 - There is a better way. Just use the Auth::routes() method and add additional parameters. Same example - App needs just login and logout routes

Auth::routes(['register' => false, 'reset' => false])

Upvotes: 5

Nathan Prins
Nathan Prins

Reputation: 403

If you run have the Route::auth() method in your routes.php and run the php artisan route:list command you can see which routes it defines.

In this case they're: 

+--------+----------+-------------------------+------+----------------------     -------------------------------------------+------------+
| Domain | Method   | URI                     | Name | Action                                                           | Middleware |
+--------+----------+-------------------------+------+-----------------------------------------------------------------+------------+
|        | GET|HEAD | /                       |      | Closure                                                         | web        |
|        | GET|HEAD | home                    |      | App\Http\Controllers\HomeController@index                       | web,auth   |
|        | GET|HEAD | login                   |      | App\Http\Controllers\Auth\AuthController@showLoginForm          | web,guest  |
|        | POST     | login                   |      | App\Http\Controllers\Auth\AuthController@login                  | web,guest  |
|        | GET|HEAD | logout                  |      | App\Http\Controllers\Auth\AuthController@logout                 | web        |
|        | POST     | password/email          |      | App\Http\Controllers\Auth\PasswordController@sendResetLinkEmail | web,guest  |
|        | POST     | password/reset          |      | App\Http\Controllers\Auth\PasswordController@reset              | web,guest  |
|        | GET|HEAD | password/reset/{token?} |      | App\Http\Controllers\Auth\PasswordController@showResetForm      | web,guest  |
|        | GET|HEAD | register                |      | App\Http\Controllers\Auth\AuthController@showRegistrationForm   | web,guest  |
|        | POST     | register                |      | App\Http\Controllers\Auth\AuthController@register               | web,guest  |
+--------+----------+-------------------------+------+-----------------------------------------------------------------+------------+

You can clearly see which are necessary in the URI colum; login (get), login (post) and logout (get).

Remove the Route::auth() method from routes.php and add the following:

Route::get('login', 'Auth\AuthController@showLoginForm');
Route::post('login', 'Auth\AuthController@login');
Route::get('logout', 'Auth\AuthController@logout');

If you do want the already registered admins to be able to manually change their password you would also include those:

Route::post('password/email', 'Auth\PasswordController@sendResetLinkEmail');
Route::post('password/reset', 'Auth\PasswordController@reset');
Route::get('password/reset/{token?}', 'Auth\PasswordController@showResetForm');

Don't forget the tools given to you :)

Upvotes: 2

marcin.g
marcin.g

Reputation: 365

You can add to routes.php without registration route of course.

// Authentication Routes...
//Login Routes...
Route::get('login','AdminAuth\AuthController@showLoginForm');
Route::post('login','AdminAuth\AuthController@login');
Route::get('logout','AdminAuth\AuthController@logout');


// Registration Routes...
Route::get('register', 'Auth\AuthController@showRegistrationForm');


// Password Reset Routes...
Route::get('password/reset/{token?}','Auth\PasswordController@showResetForm');

Upvotes: 3

Related Questions