defining route with 'auth:web' middleware in laravel service provider boot() method - laravel

im using a package called https://github.com/garygreen/pretty-routes
there is line in its service provider boot() method (here the code)
it is defining a get route with middlewares from its config file(link to the code) I just added 'auth:web' to its config file but it seems the 'auth:web' middleware is called as soon as code reaches the line before Laravel bootstraps its session and etc. when the auth('web')->user() is yet null
What I can not understand is that I do the same exact thing (here the code)with laravel/telescope but it works. why ???
also changing :
Route::get(config('pretty-routes.url'), 'PrettyRoutes\PrettyRoutesController#show')
->name('pretty-routes.show')
->middleware(config('pretty-routes.middlewares'));
to :
$this->app['router']->get(config('pretty-routes.url'), 'PrettyRoutes\PrettyRoutesController#show')
->name('pretty-routes.show')
->middleware(config('pretty-routes.middlewares'));
in service provider seems to solve the problem and make this code behave like the way telescope package use 'auth:web' as middleware.
what's happening ?

You need to have the web middleware applied to any routes you need sessions for, which is what the default authentication system is using. When you apply the auth middleware without this it can't possibly resolve a user since there is no session to be authenticated against.
You need to apply the web middleware and then what ever other middleware you want:
'middlewares' => [
'web', 'auth:web',
],
If you look at the telescope example you provided you will see they also add the web middleware. So you didn't quite "do the same exact thing" as the telescope config.

Related

Laravel Multi-Tenant Multi-Database Multi-Domain - Problem with default route

I'm studying about multi-tenant with Laravel and I'm having a problem with the routes. The main application works fine, however the main client domain (route / ) returns the 401 error configured in the middleware I created, but the other routes (login, register, etc) work perfectly.
If I put a prefix on the main application routes, then the / client route works normally, but I need the main application not to have a prefix since I want to use it to create the service submission and hiring system.
Anyone who has knowledge on this subject and can take a look at my code and help me find out why only the route is returning this error I will be very grateful.
If i access app.mydefaultapp works
If i access app.myclientapp doesn't works
If i access app.myclientapp/login(or any other route) works
https://pastebin.com/bHHux9sY
I solved the problem by creating a Provider with the same Middleware identification logic, and when accessing the main domain it dynamically loads the routes of the main domain.
$manager = app(ManagerTenant::class);
if ($manager->domainIsMain())
{
$this->registerTenantRoutes();
$this->registerTenantAdminRoutes();
}
https://pastebin.com/20SCsgfL

Laravel and GraphQL : How to use Passport of Laravel for Authentication when using laravel-graphql?

I want to use GraphQL in Laravel,I chose the package laravel-graphql ,my question is:
How to use Passport of Laravel for Authentication when using laravel-graphql?
I haven't used the package myself before, but from looking at the code I would say you can add a middleware in the configuration file config/graphql.php that performs the authentication and/or permission check:
/*
* Any middleware for the 'graphql' route group
*/
'middleware' => ['auth:api'], // or 'auth' for normal authentication
If this doesn't work for you, there is also the possibility to override the controller used by the package. The configuration for this is also in the same configuration file. You could for example extend the existing controller to achieve what you want. Or you write an entirely new one.
at first you have to install laravel passport step by step after install passport then you have to use
#middleware(checks:["auth:api"])
in schema.graphql file

Laravel Passport Password Reset API route

I'm all set up with Passport in 5.5 and have the auto generated Auth\ForgotPasswordController and Auth\ResetPasswordController controllers.
However whereas /oauth/token was provided magically for me, there don't appear to be such routes for password reset when using the API.
What should my API routes look like?
Currently I've experimented with
Route::group(['prefix' => 'password'], function () {
Route::post('/email', 'Auth\ForgotPasswordController#sendResetLinkEmail');
Route::post('/reset', 'Auth\ResetPasswordController#reset');
});
but I found these in the vendor files when looking at the traits and aren't sure if this is the correct way.
The /password/email route also fails with "message": "Route [password.reset] not defined."
since you don't see any route other then 2 custom, therefore i am assumin you havn't run artisan auth command. First run that. it will add lot of routes in ur project.
Then set api driver to passport.

Laravel & PHPUnit: Getting 500 when unit testing "Passport" restricted route

I have a Laravel 5.3 app.
Inside my api.php file, there's a route for posting an answer within a poll.
Route::group(['middleware' => 'auth:api'], function () {
Route::post('/poll/answer', 'API\PollsController#createAnswer');
});
The route is part of a group, restricted by the auth:api middleware, using Laravel's Passport engine.
When calling this route from Postman or any other tool to test APIs, I get 401 which is ok because I'm not attaching the token.
But when unit testing this call using PHPUnit, it returns 500. I have no idea why.
$this->postJson('api/poll/answer');
I'm probably missing a configuration or setup instruction.
Any ideas?
The 500 error was occurring because I forgot to add an app key to the .env.testing file.
It got solved after adding that.

Laravel 5.2 Session not passing

I have a simple success message on store to DB.
\Session::flash('info', 'Success! Words created');
now if I var_dump the session and return that, great.
As soon as I move to another view. Session info is gone!
I've tried all sorts, I'm on laravel 5.1.
looked into the middleware groups but i just get blank pages when adding routes in here..
This is a breaking problem with the 5.2 upgrade. What's happening is the middleware which is responsible for making that errors variable available to all your views is not being utilized because it was moved from the global middleware to the web middleware group.
There are two ways to fix this:
In your kernel.php file(app/Http/Kernel.php), you can move the middleware \Illuminate\View\Middleware\ShareErrorsFromSession::class back to the protected $middleware property.
Wrap all your web routes with a route group and apply the web middleware to them:
Route::group(['middleware' => 'web'], function() {
// Place all your web routes here...(Cut all `Route` which are define in `Route file`, paste here)
});

Resources