Please i have two route::group, the first is for normal staff and the second is for hod and normal staff.
//staff
Route::group(['middleware' => 'App\Http\Middleware\lecturerMiddleware','as'=>'staff::'], function() {
Route::match(['post','get'],'application', ['as'=>'application','LeavessController#index'])->name('application');
});
//HOD and Provost
Route::group(['middleware' => 'App\Http\Middleware\hodProvostMiddleware'], function() {
Route::match(['post','get'],'application', 'LeavessController#index')->name('application');
Route::match(['post','get'],'applied', 'LeavesController#applied');
Route::match(['post','get'],'approval/{id}', 'LeavesController#approval');
});
If i access application route as Hod its working but when i try to access as a normal staff its nt working
//HodProvostMiddleware
public function handle($request, Closure $next) {
$user = $request->user();
if ($user && ($user->user_access_id == '3' or $user->user_access_id == '2')) {
return $next($request);
}else return new Response(view('unauthorized')->with('role', 'HOD'));
}
// staffMiddleware
public function handle($request, Closure $next) {
if ($request->user() && $request->user()->user_access_id == '1') {
return $next($request);
}else return new Response(view('unauthorized')->with('role', 'LECTURER'));
}
}
Related
I have this route, that should work for both middlewares
Route::middleware(['company', 'consultant'])->group(function () {
Route::resource('/tasks', TaskController::class);
});
If I do
Route::middleware(['consultant'])->group(function () {
Route::resource('/tasks', TaskController::class);
});
Or
Route::middleware(['company'])->group(function () {
Route::resource('/tasks', TaskController::class);
});
Both work, yet the first example with both it does work just for the company.
In routeMiddleware I have as expected
'consultant' => \App\Http\Middleware\IsConsultant::class,
'company' => \App\Http\Middleware\IsCompany::class,
And in the Middleware folder
class IsCompany
{
public function handle(Request $request, Closure $next)
{
if (Auth::user() && Auth::user()->type == 2) {
return $next($request);
}
return redirect('dashboard')->with('error','You have not admin access');
}
}
class IsConsultant
{
public function handle(Request $request, Closure $next)
{
if (Auth::user() && Auth::user()->type == 1) {
return $next($request);
}
return redirect('dashboard')->with('error','You have not admin access');
}
}
If you want both of the middleware to succeed and pass the request, they won't. They are mutually exclusive, since one needs Auth::user()->type == 2 and other Auth::user()->type == 1
If one succeeds, the other has to fail by definition.
You can rather have a single middleware with in_array(Auth::user()->type, [1, 2], true) that'd work when the user type is either 1 or 2, if that's what you're looking for.
i want to make two authentication roles(admin and user). every thing work fine, but for example when i am logged as user and i try to access the admin dashboard i want want redirected to the user dashboard instead cause i must not have access to it as a user... the problem is when i try to access the admin dashboard as a user i get this error : Trying to get property 'headers' of non-object
this my two middlewares...
Admin middleware:
public function handle(Request $request, Closure $next)
{
if (Auth::check() && Auth::user()->role == 'admin'){
return $next($request);
}else{
redirect()->route('login');
}
}
User middleware:
public function handle(Request $request, Closure $next)
{
if (Auth::check() && Auth::user()->role == 'user'){
return $next($request);
}else{
redirect()->route('login');
}
}
and i did edit the RedirectIfAuthenticated middleware to this.
public function handle(Request $request, Closure $next, ...$guards)
{
$guards = empty($guards) ? [null] : $guards;
foreach ($guards as $guard) {
/*if (Auth::guard($guard)->check()) {
return redirect(RouteServiceProvider::HOME);
}*/
if (Auth::guard($guard)->check() && Auth::user()->role == 'user') {
return redirect()->route('user.dashboard');
}
elseif (Auth::guard($guard)->check() && Auth::user()->role == 'admin'){
return redirect()->route('admin.dashboard');
}
}
return $next($request);
}
In middleware, it is important to handle all cases and return the redirects accordingly :
return redirect()->route('login');
You should return the redirect
Admin middleware:
public function handle(Request $request, Closure $next)
{
if (Auth::check() && Auth::user()->role == 'admin'){
return $next($request);
}else{
return redirect()->route('login');
}
}
User middleware:
public function handle(Request $request, Closure $next)
{
if (Auth::check() && Auth::user()->role == 'user'){
return $next($request);
}else{
return redirect()->route('login');
}
}
how to create middleware redirect about role. I have 2 middleware, first Admin, next User. Need redirect after login, if role Admin, example redirect to /admin, if User redirect to /user.
Admin middleware:
if(Auth::check() && Auth::user()->isRole() == "Admin"){
return $next($request);
}
return redirect('login');
User middleware:
if(Auth::check() && Auth::user()->isRole() == "User"){
return $next($request);
}
return redirect('login');
WEB routes
Route::group(['middleware' => ['auth']], function () {
Route::get('/', 'DashboardController#index');
Route::group(['middleware' => ['auth' => 'admin']], function (){
Route::resource('/admin', 'AdminController');
});
Route::group(['middleware' => ['auth' => 'user']], function (){
Route::resource('/user', 'AdminController');
});
});
You can make your admin/user middleware to inherit laravel's Authenticate middleware: Illuminate\Auth\Middleware\Authenticate, then have their definitions as below.
Admin Middleware-
public function handle($request, Closure $next, ...$guards)
// Ensure auth - this will automagically re-direct if not authed.
$this->authenticate($request, $guards);
if(Auth::user()->isRole() == "Admin")
return $next($request);
return redirect('/user-default-page')
}
// You can define this for your un-authenticated redirects
protected function redirectTo($request)
{
return '/login';
}
User middleware will then be:-
public function handle($request, Closure $next, ...$guards)
// Ensure auth - this will automagically re-direct if not authed.
$this->authenticate($request, $guards);
if(Auth::user()->isRole() == "User")
return $next($request);
return redirect('/admin-default-page')
}
// You can define this for your un-authenticated redirects
protected function redirectTo($request)
{
return '/login';
}
For routes:
Route::group(['middleware' => 'admin'], function () {
// Put here admin routes, e.g
Route::resource('/admin', 'AdminController');
}
Route::group(['middleware' => 'user'], function () {
// Put here user routes, e.g
Route::resource('/users', 'UserController');
}
// You can still use the default auth routes, say for routes that (somehow), both admin and user can access
Route::group(['middleware' => 'auth'], function () {
Route::resource('/dashboard', 'DashboardController');
}
// Admin Middleware
public function handle($request, Closure $next)
{
if(Auth::check() && Auth::user()->role->id == 1)
{
return $next($request);
}else {
return redirect()->route('login');
}
}
// User Middleware
public function handle($request, Closure $next)
{
if(Auth::check() && Auth::user()->role->id == 2 )
{
return $next($request);
}else {
return redirect()->route('login');
}
}
// Admin Route Group
Route::group(['as'=>'admin.','prefix'=>'admin','namespace'=>'Admin','middleware'=>['auth','admin']], function (){
Route::get('dashboard','DashboardController#index')->name('dashboard');
})
// User Middleware
Route::group(['as'=>'user.','prefix'=>'user','namespace'=>'Author','middleware'=>['auth','user']], function (){
Route::get('dashboard','DashboardController#index')->name('dashboard');
});
I have middleware UKM I want if the Auth::id() in the table ukm, hen can access the next request. But not working, if Auth::id() no in the table user can access.
public function handle($request, Closure $next)
{
$query = DB::table('ukm')->where('id_user',Auth::id())->get();
foreach($query as $key){
$cek = $key->id_user;
}
if ($cek != NULL) {
return $next($request);
}
return redirect('/');
}
try this...
public function handle($request, Closure $next)
{
$query = DB::table('ukm')->where('id_user',Auth::id())->first();
if ($query != NULL) {
return $next($request);
}
return redirect('/');
}
how about this ....
public function handle($request, Closure $next)
{
$query = DB::table('ukm')->pluck('id_user')->toArray();
if(in_array( Auth::user()->id, $query )
{
return $next($request);
}
return redirect('/');
}
I am trying to process 2 middleware before routing it to controller. Laravel won't give me an error on the following code but it only processes the 1st middleware 'CheckReferer' and won't process the 2nd middleware 'CheckCart'. It process the 1st middleware even if you change the sequence (e.g 'CheckCart', 'CheckReferer').
web.php
Route::prefix($language)->middleware('CheckReferer', 'CheckCart')->group(function() {
Route::get('/', 'HomeController#getIndex')->name('home');
});
CheckReferer.php (Middleware)
class CheckReferer
{
public function handle($request, Closure $next)
{
$Referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : null;
if($Referer != null) {
$url_parsed = parse_url($Referer);
if ($url_parsed['host'] == 'www.example.com') {
$Referer = true;
Session::put('Referer', $Referer);
}
}
return $next($request);
}
}
CheckCart.php (Middleware)
class CheckCart
{
public function handle(Request $request, Closure $next)
{
$oldCart = Session::has('Cart') ? Session::get('Cart') : null;
return $next($request);
}
}
Pass them as array...
Route::prefix($language)->middleware(['CheckReferer', 'CheckCart'])->group(function() {
Route::get('/', 'HomeController#getIndex')->name('home');
});