I have developed an application using Laravvel-5.8.
I have developed the application for just a single company whereby each table have a company_id derived from the company table as shown below:
class Company extends Model
{
protected $table = 'companies';
protected $fillable = [
'id',
'company_name',
'subdomain',
];
}
class User extends Authenticatable
{
protected $fillable = [
'name',
'company_id',
'email',
];
}
and the route/web.php looks like this:
Route::get('/', ['as' => '/', 'uses' => 'IndexController#getLogin']);
Auth::routes();
Route::get('/dashboard', 'HomeController#index')->name('dashboard');
// Config Module
Route::group(['prefix' => 'config', 'as' => 'config.', 'namespace' => 'Config', 'middleware' => ['auth']], function () {
Route::resource('countries', 'ConfigCountriesController');
Route::resource('nationalities', 'ConfigNationalitiesController');
});
// HR Module
Route::group(['prefix' => 'hr', 'as' => 'hr.', 'namespace' => 'Hr', 'middleware' => ['auth']], function () {
Route::resource('designations', 'HrDesignationsController');
Route::resource('departments', 'HrDepartmentsController');
Route::resource('employee_categories', 'HrEmployeeCategoriesController');
});
The main route is :
Route::get('/', ['as' => '/', 'uses' => 'IndexController#getLogin']);
which gives localhost:8888/myapp
config/app.php:
'env' => env('APP_ENV', 'production'),
'url' => env('APP_URL', 'localhost:8888/myapp'),
'asset_url' => env('ASSET_URL', null),
I'm asked to add sub-domains where each will see the data based on the company_id in each table
localhost:8888/myapp
localhost:8888/company1.myapp
localhost:8888/company2.myapp
All will use:
Route::get('/', ['as' => '/', 'uses' => 'IndexController#getLogin']);
After successful login will redirect to:
Route::get('/dashboard', 'HomeController#index')->name('dashboard');
Also each will only see it's data based on company_id
companies table:
id | company_name | subdomain
1 | Main |
2 | Company1 | company1
3 | Company2 | company2
Main=> localhost:8888/myapp
Company1=>localhost:8888/company1.myapp
Company2=>localhost:8888/company2.myapp
How do I modify:
route/web.php
config/app.php
to achieve this?
Thanks
There are two methods by which It can be done.
By Middleware
As per your question, login page urls can be localhost:8888/myapp, localhost:8888/company1.myapp, or localhost:8888/company2.myapp
Using middleware, we will keep the company name in the session using middleware. You can use it from session.
php artisan make:middleware VerifyDomain
will create a domain
<?php
namespace App\Http\Middleware;
use Closure;
class VerifyDomain
{
/**
* Handle an incoming request.
*
* #param \Illuminate\Http\Request $request
* #param \Closure $next
* #return mixed
*/
public function handle($request, Closure $next)
{
$domain == "myapp"; // your company app name
$path = $request->getPathInfo(); // should return /company1.myapp or /company2.myapp or /myapp
if (strpos($path, ".") !== false) { // if path has dot.
list($subdomain, $main) = explode('.', $path);
if(strcmp($domain, $main) !== 0){
abort(404); // if domain is not myapp then throw 404 page error
}
} else{
if(strcmp($domain, $path) !== 0){
abort(404); // if domain is not myapp then throw 404 page error
}
$subdomain = ""; // considering for main domain value is empty string.
}
$company = Company::where('company_name', $subdomain)->firstOrFail(); // if not found then will throw 404
$request->session()->put('company_name', $company); //store it in session
return $next($request);
}
}
Then add it to route middleware.
In your controller you can redirect to different dashboards as per the company names stored in session.
In route groups
Route::domain('localhost:8888/myapp')->group(function () {
Route::get('/', function ($id) {
//
});
});
Route::domain('localhost:8888/{company_name}.myapp')->group(function () {
Route::get('/', function ($company_name, $id) {
$company = Company::where('company_name', $company_name)->firstOrFail();
// send the value of $company to data to send different view data
});
});
Related
I am using Laravel 8 with the Jetstream and Fortify authentication module. All the auth module works, on the other hand I was in the process of making the site in multi-languages, and I found myself with errors in authentication.
My problem today is the following, when the user finishes registering, he must check his email, or Laravel tells me the following error :
> Illuminate\Routing\Exceptions\UrlGenerationException
Missing required parameter for [Route: verification.verify] [URI: {locale}/email/verify/{id}/{hash}] [Missing parameter: locale].
But, for the others routes like /en/login, /en/register, /en/user/profile ..., they work fine ! The error is just for the email validation, please help, thanks. To have control over my authentication routes, I ignored the default JetStream & Fortify routes in the app/providers
routes/web.php
<?php
use Illuminate\Support\Facades\Route;
Route::get('/', function(){
return redirect()->route('home-locale', app()->getLocale());
})->name('home');
Route::group([
'prefix' => '{locale}',
'where' => ['locale' => '[a-zA-Z]{2}']], function(){
Route::get('/', 'HomeController#index')->name('home-locale');
Auth::routes();
});
Route::get('/index', 'HomeController#index');
Route::post('/map-agents','MapController#ajaxRequestMap')->name('*','map.agents');
Route::post('/map-agents/agents','MapController#ajaxRequestAgent');
Route::group([
'middleware' => ['auth:sanctum', 'verified'],
'prefix' => '{locale}',
'where' => ['locale' => '[a-zA-Z]{2}']],
function (){
Route::get('/dashboard', 'DashboardController#index')->name('dashboard');
});
Route::group([
'middleware' => ['auth'],
'prefix' => '{locale}',
'where' => ['locale' => '[a-zA-Z]{2}']],
function (){
Route::resource('agents', AgentsController::class);
});
routes/fortify.php
<?php
use Illuminate\Support\Facades\Route;
use Laravel\Fortify\Features;
use Laravel\Fortify\Http\Controllers\AuthenticatedSessionController;
use Laravel\Fortify\Http\Controllers\ConfirmablePasswordController;
use Laravel\Fortify\Http\Controllers\ConfirmedPasswordStatusController;
use Laravel\Fortify\Http\Controllers\EmailVerificationNotificationController;
use Laravel\Fortify\Http\Controllers\EmailVerificationPromptController;
use Laravel\Fortify\Http\Controllers\NewPasswordController;
use Laravel\Fortify\Http\Controllers\PasswordController;
use Laravel\Fortify\Http\Controllers\PasswordResetLinkController;
use Laravel\Fortify\Http\Controllers\ProfileInformationController;
use Laravel\Fortify\Http\Controllers\RecoveryCodeController;
use Laravel\Fortify\Http\Controllers\RegisteredUserController;
use Laravel\Fortify\Http\Controllers\TwoFactorAuthenticatedSessionController;
use Laravel\Fortify\Http\Controllers\TwoFactorAuthenticationController;
use Laravel\Fortify\Http\Controllers\TwoFactorQrCodeController;
use Laravel\Fortify\Http\Controllers\VerifyEmailController;
Route::group([
'middleware' => config('fortify.middleware', ['web']),
'prefix' => '{locale}',
'where' => ['locale' => '[a-zA-Z]{2}']],
function () {
$enableViews = config('fortify.views', true);
// Authentication...
if ($enableViews) {
Route::get('/login', [AuthenticatedSessionController::class, 'create'])
->middleware(['guest'])
->name('login');
}
$limiter = config('fortify.limiters.login');
$twoFactorLimiter = config('fortify.limiters.two-factor');
Route::post('/login', [AuthenticatedSessionController::class, 'store'])
->middleware(array_filter([
'guest',
$limiter ? 'throttle:'.$limiter : null,
]));
Route::post('/logout', [AuthenticatedSessionController::class, 'destroy'])
->name('logout');
// Password Reset...
if (Features::enabled(Features::resetPasswords())) {
if ($enableViews) {
Route::get('/forgot-password', [PasswordResetLinkController::class, 'create'])
->middleware(['guest'])
->name('password.request');
Route::get('/reset-password/{token}', [NewPasswordController::class, 'create'])
->middleware(['guest'])
->name('password.reset');
}
Route::post('/forgot-password', [PasswordResetLinkController::class, 'store'])
->middleware(['guest'])
->name('password.email');
Route::post('/reset-password', [NewPasswordController::class, 'store'])
->middleware(['guest'])
->name('password.update');
}
// Registration...
if (Features::enabled(Features::registration())) {
if ($enableViews) {
Route::get('/register', [RegisteredUserController::class, 'create'])
->middleware(['guest'])
->name('register');
}
Route::post('/register', [RegisteredUserController::class, 'store'])
->middleware(['guest']);
}
// Email Verification...
if (Features::enabled(Features::emailVerification())) {
if ($enableViews) {
Route::get('/email/verify', [EmailVerificationPromptController::class, '__invoke'])
->middleware(['auth'])
->name('verification.notice');
}
Route::get('/email/verify/{id}/{hash}', [VerifyEmailController::class, '__invoke'])
->middleware(['auth', 'signed', 'throttle:6,1'])
->name('verification.verify');
Route::post('/email/verification-notification', [EmailVerificationNotificationController::class, 'store'])
->middleware(['auth', 'throttle:6,1'])
->name('verification.send');
}
// Profile Information...
if (Features::enabled(Features::updateProfileInformation())) {
Route::put('/user/profile-information', [ProfileInformationController::class, 'update'])
->middleware(['auth'])
->name('user-profile-information.update');
}
// Passwords...
if (Features::enabled(Features::updatePasswords())) {
Route::put('/user/password', [PasswordController::class, 'update'])
->middleware(['auth'])
->name('user-password.update');
}
// Password Confirmation...
if ($enableViews) {
Route::get('/user/confirm-password', [ConfirmablePasswordController::class, 'show'])
->middleware(['auth'])
->name('password.confirm');
Route::get('/user/confirmed-password-status', [ConfirmedPasswordStatusController::class, 'show'])
->middleware(['auth'])
->name('password.confirmation');
}
Route::post('/user/confirm-password', [ConfirmablePasswordController::class, 'store'])
->middleware(['auth']);
// Two Factor Authentication...
if (Features::enabled(Features::twoFactorAuthentication())) {
if ($enableViews) {
Route::get('/two-factor-challenge', [TwoFactorAuthenticatedSessionController::class, 'create'])
->middleware(['guest'])
->name('two-factor.login');
}
Route::post('/two-factor-challenge', [TwoFactorAuthenticatedSessionController::class, 'store'])
->middleware(array_filter([
'guest',
$twoFactorLimiter ? 'throttle:'.$twoFactorLimiter : null,
]));
$twoFactorMiddleware = Features::optionEnabled(Features::twoFactorAuthentication(), 'confirmPassword')
? ['auth', 'password.confirm']
: ['auth'];
Route::post('/user/two-factor-authentication', [TwoFactorAuthenticationController::class, 'store'])
->middleware($twoFactorMiddleware);
Route::delete('/user/two-factor-authentication', [TwoFactorAuthenticationController::class, 'destroy'])
->middleware($twoFactorMiddleware);
Route::get('/user/two-factor-qr-code', [TwoFactorQrCodeController::class, 'show'])
->middleware($twoFactorMiddleware);
Route::get('/user/two-factor-recovery-codes', [RecoveryCodeController::class, 'index'])
->middleware($twoFactorMiddleware);
Route::post('/user/two-factor-recovery-codes', [RecoveryCodeController::class, 'store'])
->middleware($twoFactorMiddleware);
}
});
routes/jetstream.php
<?php
use Illuminate\Support\Facades\Route;
use Laravel\Jetstream\Http\Controllers\CurrentTeamController;
use Laravel\Jetstream\Http\Controllers\Livewire\ApiTokenController;
use Laravel\Jetstream\Http\Controllers\Livewire\PrivacyPolicyController;
use Laravel\Jetstream\Http\Controllers\Livewire\TeamController;
use Laravel\Jetstream\Http\Controllers\Livewire\TermsOfServiceController;
use Laravel\Jetstream\Http\Controllers\Livewire\UserProfileController;
use Laravel\Jetstream\Http\Controllers\TeamInvitationController;
use Laravel\Jetstream\Jetstream;
Route::group(
[
'middleware' => config('jetstream.middleware', ['web']),
'prefix' => '{locale}',
'where' => ['locale' => '[a-zA-Z]{2}']],
function () {
if (Jetstream::hasTermsAndPrivacyPolicyFeature()) {
Route::get('/terms-of-service', [TermsOfServiceController::class, 'show'])->name('terms.show');
Route::get('/privacy-policy', [PrivacyPolicyController::class, 'show'])->name('policy.show');
}
Route::group(['middleware' => ['auth', 'verified']], function () {
// User & Profile...
Route::get('/user/profile', [UserProfileController::class, 'show'])
->name('profile.show');
// API...
if (Jetstream::hasApiFeatures()) {
Route::get('/user/api-tokens', [ApiTokenController::class, 'index'])->name('api-tokens.index');
}
// Teams...
if (Jetstream::hasTeamFeatures()) {
Route::get('/teams/create', [TeamController::class, 'create'])->name('teams.create');
Route::get('/teams/{team}', [TeamController::class, 'show'])->name('teams.show');
Route::put('/current-team', [CurrentTeamController::class, 'update'])->name('current-team.update');
Route::get('/team-invitations/{invitation}', [TeamInvitationController::class, 'accept'])
->middleware(['signed'])
->name('team-invitations.accept');
}
});
});
app/Http/Kernel.php
<?php
namespace App\Http;
use Illuminate\Foundation\Http\Kernel as HttpKernel;
class Kernel extends HttpKernel
{
/**
* The application's global HTTP middleware stack.
*
* These middleware are run during every request to your application.
*
* #var array
*/
protected $middleware = [
// \App\Http\Middleware\TrustHosts::class,
\App\Http\Middleware\TrustProxies::class,
\Fruitcake\Cors\HandleCors::class,
\App\Http\Middleware\PreventRequestsDuringMaintenance::class,
\Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
\App\Http\Middleware\TrimStrings::class,
\Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
];
/**
* The application's route middleware groups.
*
* #var array
*/
protected $middlewareGroups = [
'web' => [
\App\Http\Middleware\EncryptCookies::class,
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class,
\Laravel\Jetstream\Http\Middleware\AuthenticateSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
\App\Http\Middleware\VerifyCsrfToken::class,
\Illuminate\Routing\Middleware\SubstituteBindings::class,
\App\Http\Middleware\SetLocale::class,
],
'api' => [
'throttle:api',
\Illuminate\Routing\Middleware\SubstituteBindings::class,
],
];
/**
* The application's route middleware.
*
* These middleware may be assigned to groups or used individually.
*
* #var array
*/
protected $routeMiddleware = [
'auth' => \App\Http\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
'can' => \Illuminate\Auth\Middleware\Authorize::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class,
'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
];
}
app/Http/Middleware/setLocale.php
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
class SetLocale
{
/**
* Handle an incoming request.
*
* #param \Illuminate\Http\Request $request
* #param \Closure $next
* #return mixed
*/
public function handle(Request $request, Closure $next)
{
$languages = array_keys(config('app.languages'));
$route = $request->route();
if (request('change_language')) {
session()->put('language', request('change_language'));
$language = request('change_language');
if (array_key_exists('locale', $route->parameters) && $route->parameters['locale'] != $language)
{
$route->parameters['locale'] = $language;
if (in_array($language, $languages)) {
app()->setLocale($language);
}
return redirect(route($route->getName(), $route->parameters));
}
} elseif (session('language')) {
$language = session('language');
if (array_key_exists('locale', $route->parameters) && $route->parameters['locale'] != $language && in_array($route->parameters['locale'], $languages))
{
$language = $route->parameters['locale'];
session()->put('language', $language);
}
} elseif (config('app.locale')) {
$language = config('app.locale');
}
if (isset($language) && in_array($language, $languages)) {
app()->setLocale($language);
}
return $next($request);
}
}
In my Laravel-5.8 application, I have a multi-company application using a single database. Each table have a company_id derived from the company table as shown below:
id | company_name | subdomain
1 | Main |
2 | Company1 | company1
3 | Company2 | company2
Main=> localhost:8888/myapp
Company1=>localhost:8888/company1.myapp
Company2=>localhost:8888/company2.myapp
I created a middleware:
class VerifyDomain
{
public function handle($request, Closure $next)
{
$domain == "myapp"; // your company app name
$path = $request->getPathInfo(); // should return /company1.myapp or /company2.myapp or /myapp
if (strpos($path, ".") !== false) { // if path has dot.
list($subdomain, $main) = explode('.', $path);
if(strcmp($domain, $main) !== 0){
abort(404); // if domain is not myapp then throw 404 page error
}
} else{
if(strcmp($domain, $path) !== 0){
abort(404); // if domain is not myapp then throw 404 page error
}
$subdomain = ""; // considering for main domain value is empty string.
}
$company = Company::where('subdomain', $subdomain)->firstOrFail(); // if not found then will throw 404
$request->session()->put('subdomain', $company); //store it in session
return $next($request);
}
}
Already, I have two (2) route groups in the route/web.php wgich looks like this:
Route::get('/', ['as' => '/', 'uses' => 'IndexController#getLogin']);
Auth::routes();
Route::get('/dashboard', 'HomeController#index')->name('dashboard');
// Config Module
Route::group(['prefix' => 'config', 'as' => 'config.', 'namespace' => 'Config', 'middleware' => ['auth']], function () {
Route::resource('countries', 'ConfigCountriesController');
Route::resource('nationalities', 'ConfigNationalitiesController');
});
// HR Module
Route::group(['prefix' => 'hr', 'as' => 'hr.', 'namespace' => 'Hr', 'middleware' => ['auth']], function () {
Route::resource('designations', 'HrDesignationsController');
Route::resource('departments', 'HrDepartmentsController');
Route::resource('employee_categories', 'HrEmployeeCategoriesController');
});
I have 2 issues:
If subdomain field is null, then the route should be for main domain: Main=> localhost:8888/myapp else localhost:8888/company1.myapp or localhost:8888/company2.myapp
2.How do I accomodate the route groups above into this:
Route::domain('localhost:8888/myapp')->group(function () {
Route::get('/', function ($id) {
//
});
});
Route::domain('localhost:8888/{subdomain}.myapp')->group(function () {
Route::get('/', function ($company_name, $id) {
$company = Company::where('subdomain', $subdomain)->firstOrFail();
// send the value of $company to data to send different view data
});
});
I'm not really sure that i understand you clearly. But, I hope you'll understand me :)
First thing is you're "domain". I suppose it's not real domain, but just uri. And maybe you should use it something like that:
Auth::routes();
$defaultDomain = config('myconfig.default_domain_name', 'myapp');
// I'm not reccomend to you use localhost:8888 here.
Route::domain('localhost:8888')
->group([
'middleware' => ['veryfy_domain'] // Add your VerifyDomain Middleware here
], function () {
// Here you already have a 'subdomain' param in session
// If you need special logic for default domain, you can out it here
Route::group(['prefix' => '/' . $defaultDomain], function () {
Route::get('/', function ($id) {
//
});
});
// Code below will work only with companies.
Route::group(['prefix' => '/{test}.' . $defaultDomain], function () {
Route::get('/', ['as' => '/', 'uses' => 'IndexController#getLogin']);
Route::get('/dashboard', 'HomeController#index')->name('dashboard');
// Config Module
Route::group(['prefix' => 'config', 'as' => 'config.', 'namespace' => 'Config', 'middleware' => ['auth']], function () {
Route::resource('countries', 'ConfigCountriesController');
Route::resource('nationalities', 'ConfigNationalitiesController');
});
// HR Module
Route::group(['prefix' => 'hr', 'as' => 'hr.', 'namespace' => 'Hr', 'middleware' => ['auth']], function () {
Route::resource('designations', 'HrDesignationsController');
Route::resource('departments', 'HrDepartmentsController');
Route::resource('employee_categories', 'HrEmployeeCategoriesController');
});
});
});
And about your middleware. I see it smth like that:
class VerifyDomain
{
public function handle($request, Closure $next)
{
$request->get('domain_name', $this->getBaseDomain());
$company = Company::where('subdomain', $subdomain)->firstOrFail();
$request->session()->put('subdomain', $company);
return $next($request);
}
// Better to store it in config
protected function getBaseDomain()
{
return config('myconfig.default_domain_name', 'myapp');
}
}
If you really want to use different domains, I think you need in your nginx something like this:
server_name *.myapp myapp;
And of course in your hosts file.
Than you can check it like that:
http://company.myapp
http://company1.myapp
http://myapp
Config example:
Create new file your_project_dir/app/config/myconfig.php (name it as you want)
Put this code in the file:
return [
'default_domain_name' => 'myapp'
];
Now you can use in in youre code as i suggest:
config('myconfig.default_domain_name');
I can't understand what is happening here. on my local server its working fine but when I put everything on my live server I'm having this error
My web Route
Auth::routes(['verify' => true]);
Route::get('/', function(){
return view('auth.login');
})->name('auth.login')->middleware('auth');
Route::resource('/register', 'Auth\registerController#index')->name('register');
Route::group( ['middleware' => 'auth' ], function()
{
Route::get('/home', 'HomeController#index')->name('home');
Route::group(['namespace' => 'dashboard', 'prefix' => 'dashboard'], function() {
Route::get('/', 'DashboardController#index');
});
SO ON...
}
My RegisterController
class RegisterController extends Controller
{
use RegistersUsers;
protected $redirectTo = '/home';
public function __construct()
{
$this->middleware('guest');
}
public function index(Request $request)
{
$referral = '';
$keyword = $request->get('search');
$referral = Referral::where([
['code', $keyword],
['status', 0]
])->first();
if (is_null($keyword))
return view ( 'Auth.register');
elseif ($referral)
return view ( 'Auth.register', compact('referral', $referral))
->withDetails ( $referral )
->withQuery ( $keyword );
else
return view ( 'Auth.register')->withMessage ( 'The code you provided is not existing or already been taken.' );
}
protected function create(array $data)
{
$user = User::create([
'name' => $data['name'],
'country_code' => $data['country_code'],
'phone_number' => $data['phone_number'],
'email' => $data['email'],
'password' => Hash::make($data['password']),
]);
}
}
registerController Path
what do you this causing this?
Thank you in advance!
this line of code in your web.php file is causing the issue
Route::resource('/register', 'Auth\registerController#index')->name('register');
your class name starts with R but you have written using r. moreover it seems the route is a simple get route but you have written it as resource. change this too. so the route should be like
Route::get('register', 'Auth\RegisterController#index')->name('register');
How did you namespace your registerController?
Because laravel later versions use a rather different namespace than previous versions. Hence change your namespace (and imported files) to this;
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
If you are using laravel 8:
use App\Http\Controllers\Auth\RegisterController;
Auth::routes(['register' => false]);
Route::get('/user_register', [RegisterController::class, 'showRegistrationForm'])->name('register');
However it throws this error when I clean cache:
Unable to prepare route [user_register] for serialization. Another route has already been assigned name [register].
The new route works, but the old route yet it works
Can someone explain me the following behavior, when i enable my routes (login, homepage etc) like so:
Route::group(['middleware' => 'web'], function () {
....
});
A Ajax login modal is working correctly, however when i try the following (enabling middleware in the controllers) which i prefer working with:
class PagesController extends Controller
{
public function __construct()
{
$this->middleware('web');
}
...
}
class AuthController extends Controller
{
public function __construct()
{
$this->middleware('web');
$this->middleware('guest', ['except' => 'logout']);
}
...
}
A TokenMismatchException is trown in VerifyCsrfToken.php line 67.
To my knowledge there shouldn't be a difference in those two approaches, what am i doing wrong here?
csrf token setup:
Base layout:
<meta name="csrf-token" content="{{ csrf_token() }}">
modal js:
var options = {
emulateJSON: true,
headers: {
'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')
}
};
I'll give You working example, take from there ideas that will help You:
app/Http/routes.php:
// all routes that start with: "/auth" are not filtered by any middleware
Route::group(['prefix' => 'auth'], function() {
Route::get('/', ['as' => 'auth', 'uses' => 'AuthController#index']);
Route::post('/', ['as' => 'auth.attempt', 'uses' => 'AuthController#attempt']);
Route::delete('/', ['uses' => 'AuthController#destroy']);
Route::any('destroy', ['as' => 'auth.destroy', 'uses' => 'AuthController#destroy']);
});
// all routes that start with: "/billing" will be handled by this group (prefix => 'billing')
// all controllers inside this route group are located in 'Billing' namespace
// all routes in this group are pre-checked by middleware 'HasAccessToBilling'
Route::group(['prefix' => 'billing', 'namespace' => 'Billing', 'middleware' => ['App\Http\Middleware\HasAccessToBilling']], function()
{
Route::any('/', ['as' => 'billing', 'uses' => 'DashboardController#index']);
Route::get('profile', ['as' => 'billing.profile', 'uses' => 'ProfileController#index']);
// TARIFFS
Route::group(['prefix' => 'tariffs'], function() {
Route::get('/', ['as' => 'billing.tariffs', 'uses' => 'TariffsController#index']); // showing page with tariffs paginated
Route::get('all', ['as' => 'billing.tariffs.all', 'uses' => 'TariffsController#all']); // listing all tariffs with json (see controller)
Route::get('create', ['as' => 'billing.tariffs.create', 'uses' => 'TariffsController#create']); // create form
Route::post('/', ['as' => 'billing.tariffs.store', 'uses' => 'TariffsController#store']); // creating
Route::get('{id}', ['as' => 'billing.tariffs.edit', 'uses' => 'TariffsController#edit']); // edit form
Route::post('{id}', ['as' => 'billing.tariffs.update', 'uses' => 'TariffsController#update']); // updating
Route::get('{id}/activate', ['as' => 'billing.tariffs.activate', 'uses' => 'TariffsController#activate']); // active = 1
Route::get('{id}/suspend', ['as' => 'billing.tariffs.suspend', 'uses' => 'TariffsController#suspend']); // active = 0
Route::get('{id}/delete', ['as' => 'billing.tariffs.delete', 'uses' => 'TariffsController#delete']); // deleted = 1
});
app/Http/Middleware/HasAccessToBilling.php:
<?php namespace App\Http\Middleware;
use App\Library\Auth;
use Closure;
use Illuminate\Http\Request;
class HasAccessToBilling
{
/**
* Handle an incoming request.
*
* #param \Illuminate\Http\Request $request
* #param \Closure $next
* #return mixed
*/
public function handle(Request $request, Closure $next)
{
if (Auth::hasAccessTo('billing', $request)) {
return $next($request);
}
return redirect()->route('auth');
}
}
app/Library/Auth.php:
<?php namespace App\Library;
use \App\Models\User;
use Illuminate\Http\Request;
use Crypt;
class Auth
{
public static function recoverSession(Request $request)
{
$rememberToken = $request->cookie('remember-token', null);
if(is_null($rememberToken)) {
return null;
}
try{
$rememberToken = Crypt::decrypt($rememberToken);
$auth = json_decode($rememberToken, true);
$request->session()->set('auth', $auth);
}
catch(\Exception $ex) {}
return $request->session()->get('auth');
}
public static function hasAccessTo($realm, Request $request)
{
$auth = $request->session()->get('auth', null);
if (is_null($auth)) {
$auth = self::recoverSession($request);
}
return (isset($auth['access_to']))?
in_array($realm, $auth['access_to'])
: false;
}
}
and finally example controller:
see namespace 'Billing' must be same with folder, otherwise You'll do manual class aliasing in composer.
app/Http/Controllers/Billing/TariffsController.php:
<?php namespace App\Http\Controllers\Billing;
use Illuminate\Http\Request;
use Redirect;
use App\Http\Controllers\Controller;
use App\Models\Tariff as Model;
class TariffsController extends Controller
{
/**
* Listing records
* #return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
*/
public function index()
{
$records = Model::paginate();
return view('billing.tariffs.index', compact('records'));
}
/**
* Listing all tariff plans as json
* #return \Illuminate\Http\JsonResponse
*/
public function all()
{
return $this->ok(Model::all());
}
summary:
if You defined middleware in Route::group - so no need for calling middleware inside constructor. Idea of route group is to free You from repeating code when writing routes, when giving accesses using middlewares and etc.
auth controllers must not be guarded by middleware that denies public access if it's not application for intranet. so You can see that in my routes file I've not defined middleware for "/auth" prefix routes.
I don't use csrf tokens (I don't see any reason for it, many years of work I've not ever got the moment where csrf was helpful or saved my life), so I've removed it from Kernel.php.
PROBLEM: AJAX request not working with prefix
Website works great without language prefix. But I need it.. So before (no middleware) and ajax post to domain.com/entitlement worked great.
However, when posting with prefix (domain.com/en/entitlement) and having the pre-fix middleware on throws an error MethodNotAllowedHttpException in RouteCollection.php line 219:
The stackoverflow posts I have seen on prefix routing are focusing on GET related issues. Like Laravel 5 route prefix. I have a POST issue (the GET works fine)
Any ideas?
ROUTES
Route::group(['middleware' => ['web']], function () {
Route::group(
[
'prefix' => LaravelLocalization::setLocale(),
'middleware' => [ 'localeSessionRedirect', 'localizationRedirect' ]
],
function()
{
Route::get('/', array(
'as' => 'home',
'uses' => 'HomeController#getHome'
));
Route::post('/entitlement', array(
'as' => 'entitlement-post',
'uses' => 'HomeController#postEntlitment'
));
}
}
AJAX REQUEST
$.ajax({
type: 'POST',
url: '/entitlement', --> Becomes domain.com/en/entitlement
data: data,
dataType:'json',
beforeSend: function() {
},
...
LocalizationSessionRedirect
<?php namespace Mcamara\LaravelLocalization\Middleware;
use Illuminate\Http\RedirectResponse;
use Closure;
class LocaleSessionRedirect {
/**
* Handle an incoming request.
*
* #param \Illuminate\Http\Request $request
* #param \Closure $next
* #return mixed
*/
public function handle( $request, Closure $next )
{
$params = explode('/', $request->path());
$locale = session('locale', false);
if ( count($params) > 0 && $locale = app('laravellocalization')->checkLocaleInSupportedLocales($params[ 0 ]) )
{
session([ 'locale' => $params[ 0 ] ]);
return $next($request);
}
if ( $locale && app('laravellocalization')->checkLocaleInSupportedLocales($locale) && !( app('laravellocalization')->getDefaultLocale() === $locale && app('laravellocalization')->hideDefaultLocaleInURL() ) )
{
app('session')->reflash();
$redirection = app('laravellocalization')->getLocalizedURL($locale);
return new RedirectResponse($redirection, 302, [ 'Vary' => 'Accept-Language' ]);
}
return $next($request);
}
}
Thanks to tptcat the answer is to take out middleware of Mcmara's redirect.
UPDATED ROUTE
Route::group(
[
'prefix' => LaravelLocalization::setLocale(),
// 'middleware' => [ 'localeSessionRedirect', 'localizationRedirect' ] --> Not included
],
function()
{