Reputation: 1975
Laravel web middleware group shows pages when user not logged in
I'm in the process of upgrading our web app from laravel 4.2 to laravel 5.2. I've managed to solve most of the problems but this particular problem is leading me in loops.
This is how the route group for admin dashboard looks like:
Route::group(['middleware' => 'web','prefix' => 'adm'], function ()
{
Route::get('login', ['as' => 'admin.login.view', 'uses' => 'AdminLoginController@loginView']);
Route::post('login', ['as' => 'admin.login.attempt', 'uses' => 'AdminLoginController@attempt']);
Route::get('logout', ['as' => 'admin.logout', 'uses' => 'AdminLoginController@logout']);
...other routes pertaining to admin dashboard
}
The login functions and all functions within the admin panel work as expected. The only problem is when the user logs out, any one can access the remaining routes in the admin panel (no login required). I have placed Auth::check() and checked for auth in various controllers, the login and logout work as expected.
Auth::check() fails if user is not logged in and passes if user has logged in. How do I make sure all the routes within this group are accessible only to logged in users. I have tried creating another middleware called authAdmin and tried to use that instead of the web middleware. In that case I can't even login.
Upvotes: 0
Views: 2945
Answers (1)
Reputation: 513
I create new middleware for login and in the page look like this
namespace App\Http\Middleware;
use Closure;
class Login
{
public function handle($request, Closure $next)
{
$messages = config('message');
if ($request->session()->has('userId')) {
return $next($request);
}
return redirect('/')->withErrors("Please login first");
}
}
In Kenel.php register Login class
protected $routeMiddleware = [
'login' => \App\Http\Middleware\Login::class,
...
In route file
Route::group(['middleware' => ['web'],'prefix' => 'adm'], function () {
Route::get('login', ['as' => 'admin.login.view', 'uses' => 'AdminLoginController@loginView']);
Route::post('login', ['as' => 'admin.login.attempt', 'uses' => 'AdminLoginController@attempt']);
Route::get('logout', ['as' => 'admin.logout', 'uses' => 'AdminLoginController@logout']);
Route::group(['middleware' => 'login'], function () {
[Your other route here]
});
)};
Hope this help
Upvotes: 1
Related Questions
- Laravel Middleware except with Route::group
- Laravel 7: How to prevent middleware Authenticate from redirecting when user is not authenticated?
- Laravel middleware doesnt work to filter logged users
- Laravel middleware does not recognize user is logged in
- Laravel Blade Display Only if Not Logged In
- Laravel problem with users which are disabled, still can log in
- Auth::guest() returns true for both logged in and logged out users
- Laravel 5.5 group middleware redirected you too many times
- Laravel route group page redirects to home
- No logged in user in Authenticate middleware but in other Middlewares