I am new on laravel. I am actually having a problem with my middleware. I already registered it on Kernel.php file.
public function handle($request, Closure $next){
$user = Auth::user();
if($user->hasAnyRole('school'))
{
return $next($request);
}
return redirect('login');
}
here is my User model
public function roles(){
return $this->belongsToMany('App\Role');
}
public function hasAnyRoles(){
return null !== $this->roles()->whereIn('name', $roles)->first();
}
public function hasAnyRole(){
return null !== $this->roles()->where('name', $role)->first();
}
Try flipping the logic and also checking if logged in.
Do a (Auth::check() :
public function handle($request, Closure $next){
if (Auth::check()) {
$user = Auth::user();
if($user->hasAnyRole('school'))
{
return $next($request);
}
} else {
return redirect('login');
}
}
Related
i want to make two authentication roles(admin and user). every thing work fine, but for example when i am logged as user and i try to access the admin dashboard i want want redirected to the user dashboard instead cause i must not have access to it as a user... the problem is when i try to access the admin dashboard as a user i get this error : Trying to get property 'headers' of non-object
this my two middlewares...
Admin middleware:
public function handle(Request $request, Closure $next)
{
if (Auth::check() && Auth::user()->role == 'admin'){
return $next($request);
}else{
redirect()->route('login');
}
}
User middleware:
public function handle(Request $request, Closure $next)
{
if (Auth::check() && Auth::user()->role == 'user'){
return $next($request);
}else{
redirect()->route('login');
}
}
and i did edit the RedirectIfAuthenticated middleware to this.
public function handle(Request $request, Closure $next, ...$guards)
{
$guards = empty($guards) ? [null] : $guards;
foreach ($guards as $guard) {
/*if (Auth::guard($guard)->check()) {
return redirect(RouteServiceProvider::HOME);
}*/
if (Auth::guard($guard)->check() && Auth::user()->role == 'user') {
return redirect()->route('user.dashboard');
}
elseif (Auth::guard($guard)->check() && Auth::user()->role == 'admin'){
return redirect()->route('admin.dashboard');
}
}
return $next($request);
}
In middleware, it is important to handle all cases and return the redirects accordingly :
return redirect()->route('login');
You should return the redirect
Admin middleware:
public function handle(Request $request, Closure $next)
{
if (Auth::check() && Auth::user()->role == 'admin'){
return $next($request);
}else{
return redirect()->route('login');
}
}
User middleware:
public function handle(Request $request, Closure $next)
{
if (Auth::check() && Auth::user()->role == 'user'){
return $next($request);
}else{
return redirect()->route('login');
}
}
i have in my LoginController function:
protected $redirectTo = '/';
protected function authenticated(Request $request, $user) {
if ($user->is_admin == true) {
return redirect('/home');
}
return redirect('/');
}
and in RedirectIfAuthenticated middleware:
public function handle($request, Closure $next, $guard = null)
{
if (Auth::guard($guard)->check()) {
return redirect('/');
}
if (Auth::guard($guard)->check() && Auth::user()->is_admin == true) {
return redirect('/home');
}
return $next($request);
}
I tried too use in both places:
return redirect()->intended();
and
return redirect()->back();
but every time it brings me under
localhost/
Focusing on the user part, I'm trying to do a login redirect to the previous URL. Could someone please help me to correct this redirect?
Thank you
After I changed this
protected $redirectTo = '/';
to this
protected function redirectTo()
{
return redirect()->back();
}
protected function authenticated(Request $request, $user) {
if ($user->is_admin == true) {
return redirect('/home');
}
return redirect()->back();
}
i got error:
The localhost page caused too many redirects.
Looking at the docs:
If the redirect path needs custom generation logic you may define a
redirectTo method instead of a redirectTo property
So instead of protected $redirectTo = '/';
Try
protected function redirectTo()
{
return url()->previous();
}
Web.php
Route::group(['middleware'=>'auth:admin'], function(){
Route::resource('dashboard', 'DashboardController');
Route::group(['prefix'=>'users','namespace'=>'User','as'=>'u.'], function(){
Route::resource('list', 'ListController');
Route::resource('segments', 'SegmentController');
});
Route::group(['prefix'=>'sales','namespace'=>'Sales','as'=>'s.'], function(){
Route::resource('credits', 'CreditController');
Route::resource('packages', 'PackageController');
});
});
RedirectIfAuthenticated
class RedirectIfAuthenticated
{
public function handle($request, Closure $next, $guard)
{
if(Session::has('admin_session')){
return redirect('admin/dashboard');
}
// if (Auth::guard($guard)->check()) {
// return redirect(RouteServiceProvider::HOME);
// }
return $next($request);
}
}
AuthController
public function login(Request $request)
{
$serviceAccount = ServiceAccount::fromJsonFile(__DIR__.'/firebaseKey.json');
$firebase= (new Factory)->withServiceAccount($serviceAccount)->create();
$this->database = $firebase->getDatabase();
$auth = $firebase->getAuth();
// if (Auth::guard('admin')->attempt(['email' => $request->email, 'password' => $request->password])) {
// return redirect('admin/dashboard');
// }
try {
if($user = $auth->verifyPassword($request->email,$request->password)){
Session::put('admin_session',$user);
return redirect('admin/dashboard');
}
} catch (\Kreait\Firebase\Exception\Auth\InvalidPassword $e) {
echo 'wrong password'; die();
} catch (\Kreait\Firebase\Auth\SignIn\FailedToSignIn $e) {
echo 'invalid email'; die();
}
}
How to put only session authentication on above-mentioned routes?
As I want to put firebase authentication so laravel's wouldn't work here,
So I just want to implement simple isset(session('admin_session')) functionality which will be common for all routes...
Anyone, please suggest me how to implement it... it keeps redirecting!
Change the middleware group to a new middleware name:
Web.php
Route::group(['middleware'=>'role'], function(){ //or the name you want to use
Route::resource('dashboard', 'DashboardController');
Route::group(['prefix'=>'users','namespace'=>'User','as'=>'u.'], function(){
Route::resource('list', 'ListController');
Route::resource('segments', 'SegmentController');
});
Route::group(['prefix'=>'sales','namespace'=>'Sales','as'=>'s.'], function(){
Route::resource('credits', 'CreditController');
Route::resource('packages', 'PackageController');
});
});
Create a new middleware by php artisan make:middleware Role :
Role.php (Middleware)
<?php
namespace App\Http\Middleware;
use Session;
use Closure;
class Role
{
public function handle($request, Closure $next)
{
if(Session::has('admin_session')) {
return $next($request);
}
return redirect()->route('login');
}
}
Modify the RedirectIfAuthenticated middleware to this:
RedirectIfAuthenticated.php
class RedirectIfAuthenticated
{
public function handle($request, Closure $next, $guard = null)
{
if (Session::has('admin_session')) {
return redirect('admin/dashboard');
}
return $next($request);
}
}
Modify AuthController to this:
AuthController.php
public function login(Request $request)
{
if ($auth = $this->firebase->getAuth()) {
try {
$user = $auth->verifyPassword($request->email, $request->password);
Session::put('admin_session',$user);
return redirect('admin/dashboard');
}
catch (\Kreait\Firebase\Exception\Auth\InvalidPassword $e) {
return back(); // code for wrong password
}
catch (\Kreait\Firebase\Auth\SignIn\FailedToSignIn $e) {
return back(); //code for user doesn't exists
}
}
return back(); // something went wrong
}
I have middleware UKM I want if the Auth::id() in the table ukm, hen can access the next request. But not working, if Auth::id() no in the table user can access.
public function handle($request, Closure $next)
{
$query = DB::table('ukm')->where('id_user',Auth::id())->get();
foreach($query as $key){
$cek = $key->id_user;
}
if ($cek != NULL) {
return $next($request);
}
return redirect('/');
}
try this...
public function handle($request, Closure $next)
{
$query = DB::table('ukm')->where('id_user',Auth::id())->first();
if ($query != NULL) {
return $next($request);
}
return redirect('/');
}
how about this ....
public function handle($request, Closure $next)
{
$query = DB::table('ukm')->pluck('id_user')->toArray();
if(in_array( Auth::user()->id, $query )
{
return $next($request);
}
return redirect('/');
}
I am trying to process 2 middleware before routing it to controller. Laravel won't give me an error on the following code but it only processes the 1st middleware 'CheckReferer' and won't process the 2nd middleware 'CheckCart'. It process the 1st middleware even if you change the sequence (e.g 'CheckCart', 'CheckReferer').
web.php
Route::prefix($language)->middleware('CheckReferer', 'CheckCart')->group(function() {
Route::get('/', 'HomeController#getIndex')->name('home');
});
CheckReferer.php (Middleware)
class CheckReferer
{
public function handle($request, Closure $next)
{
$Referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : null;
if($Referer != null) {
$url_parsed = parse_url($Referer);
if ($url_parsed['host'] == 'www.example.com') {
$Referer = true;
Session::put('Referer', $Referer);
}
}
return $next($request);
}
}
CheckCart.php (Middleware)
class CheckCart
{
public function handle(Request $request, Closure $next)
{
$oldCart = Session::has('Cart') ? Session::get('Cart') : null;
return $next($request);
}
}
Pass them as array...
Route::prefix($language)->middleware(['CheckReferer', 'CheckCart'])->group(function() {
Route::get('/', 'HomeController#getIndex')->name('home');
});