I have made a quiz when the user unlocks the quiz then only the user can access the quiz page suppose 127.0.0.1:8000/quiz1. But I have unlocked the quiz, then too my middleware takes me to /home page.
I have tried this logic but it didn't worked.
<?php
namespace App\Http\Middleware;
use Closure;
use App\Theme_User;
use App\User;
use Auth;
class UnlockMiddleware
{
/**
* Handle an incoming request.
*
* #param \Illuminate\Http\Request $request
* #param \Closure $next
* #return mixed
*/
public function handle($request, Closure $next)
{
$user = auth()->user()->id;
$theme_user = Theme_User::find($user);
if($theme_user->unlocked == 1){
return $next($request);
}
else {
return redirect('/login');
}
}
}
In my Theme_User there is user_id and unlocked stored but that is not working for me.
You need to check if they are logged in first, like so with \Auth::check()...
/**
* Handle an incoming request.
*
* #param \Illuminate\Http\Request $request
* #param \Closure $next
* #return mixed
*/
public function handle($request, Closure $next)
{
if(\Auth::check()) {
$user = \Auth::user()->id;
$theme_user = Theme_User::find($user);
if($theme_user->unlocked == 1){
return $next($request);
}
// Logged in but not unlocked
}
else {
return redirect('/login');
}
}
I have no idea what the logic is meant to be behind logged in but not unlocked, you'll need to fill that gap
It might be worth checking if user is logged in before trying to get user id from auth.
public function handle($request, Closure $next)
{
if(auth()->check()) {
$user = auth()->user()->id;
$theme_user = Theme_User::find($user);
if($theme_user->unlocked == 1){
return $next($request);
}else{
return redirect('whatever_page_if_user_is_logged_in_but_not_unlocked');
}
}else {
//this only happens if user is not logged in
return redirect('/login');
}
}
Related
Hello please can explain me why it happedned . i hve make middleware and was work ok but suddenly stop and redirect me any way problem in method where Authenticate .php
class Authenticate extends Middleware
{
/**
* Get the path the user should be redirected to when they are not authenticated.
*
* #param \Illuminate\Http\Request $request
* #return string|null
*/
protected function redirectTo($request)
{
if (! $request->expectsJson()) {
return route('login');
}
}
}
this return me to login if i logged not allow for user he have permisson to go this
middleware
class AdminMiddleware
{
/**
* Handle an incoming request.
*
* #param \Illuminate\Http\Request $request
* #param \Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response|\Illuminate\Http\RedirectResponse) $next
* #return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse
*/
public function handle(Request $request, Closure $next)
{
if (Auth::check()){
if (Auth::user()->user_type == 1){ //Any Manger Can Access only Not Users
return $next($request);
}else{
return redirect()->back();
// abort(403);
}
}else{
return redirect()->back();
}
}
}
and user_type == 1 was try in middle ware dd(Auth::user()); but if put it in side method redirectTo
dd(Auth::user());
return info bout user but not return nothing direct go to login in Authenticate ,
Route::group(['middleware' => 'auth:admin'], function () {
Route::get('admin/dashboard', function () {
return view('admin.index');
})->name('admin.dashboard');
and befor it was work ok . what problem !
I am trying to handle roles in my application but I have a problem: when I clear cache or logout from the app and log in again I want to be redirected to the login but it sends me the following error
Trying to get property 'rol' of non-object.
<?php
namespace App\Http\Middleware;
use Closure;
class Admin
{
/**
* Handle an incoming request.
*
* #param \Illuminate\Http\Request $request
* #param \Closure $next
* #return mixed
*/
public function handle($request, Closure $next)
{
if (\Auth::user()->rol == 'Admin') {
return $next($request);
}
return redirect()->guest('login');
}
}
you have to check if user is logged in, and then ask if user have rol
use Illuminate\Support\Facades\Auth;
public function handle($request, Closure $next)
{
if (Auth::check()) {
if (Auth::user()->rol == 'Admin') {
return $next($request);
}
return redirect()->guest('login');
}
return redirect()->guest('login');
}
I wish to authenticate the user after the request with my own middleware:
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Auth\Middleware\Authenticate;
class AuthenticateAfter extends Authenticate
{
/**
* Handle an incoming request.
*
* #param \Illuminate\Http\Request $request
* #param \Closure $next
* #param string[] ...$guards
* #return mixed
*
* #throws \Illuminate\Auth\AuthenticationException
*/
public function handle($request, Closure $next, ...$guards)
{
$response = $next($request);
$this->authenticate($request, $guards);
return $response;
}
}
I extend Illuminate\Auth\Middleware\Authenticate and modify the handle method to run as after middleware.
It's then declared in my kernel and on the correct route.
But I always get kicked back to the page I was previously on after logging in.
I want to control the page I go to, so before the middleware kicks in I do:
$request->session()->put('url.intended', 'my-test-url');
But it fails to redirect to this route.
How can I get it to redirect to a custom route?
Try this,
public function handle($request, Closure $next, ...$guards)
{
$response = $next($request);
$this->authenticate($request, $guards);
return redirect('/your_page_path');
}
Just for reference, here what I use to authenticate a user:
public function handle($request, Closure $next)
{
if (auth()->user() && auth()->user()->type != 'admin')
{
return redirect('/unauthorized');
}
return $next($request);
}
Try with: return redirect('view') or return redirect()->to('/route')
I have used make:auth command to create basic register and login. I have created an extra field in register page which gets user type*(admin,employee or visitor)*.
Now my problem is I need to navigate to three different page for each of them by accessing that user type from the users table in database. Any help any suggestion are most welcome.
As far as I know, Laravel 5 comes with \App\Http\Middleware\RedirectIfAuthenticated middleware class which intended to do redirection once user logged in.
So in this case, the handle function of the middleware would be
/**
* Handle an incoming request.
*
* #param \Illuminate\Http\Request $request
* #param \Closure $next
* #param string|null $guard
* #return mixed
*/
public function handle($request, Closure $next, $guard = null)
{
if (Auth::guard($guard)->check()) {
$userType = Auth::user()->type;
if ($userType == 'admin') {
return redirect('/admin');
} else if ($userType == 'employee') {
return redirect('/employee');
} else if ($userType == 'visitor') {
return redirect('/visitor');
}
}
return $next($request);
}
Laravel too, has leave out a blank authenticated method which you can fill out on \App\Http\Controllers\Auth\LoginController which is inherited from Illuminate\Foundation\Auth\AuthenticatesUsers trait
/**
* The user has been authenticated.
*
* #param \Illuminate\Http\Request $request
* #param mixed $user
* #return mixed
*/
protected function authenticated(Request $request, $user)
{
$userType = $user->type;
if ($userType == 'admin') {
return redirect('/admin');
} else if ($userType == 'employee') {
return redirect('/employee');
} else if ($userType == 'visitor') {
return redirect('/visitor');
}
}
I am creating an Admin Panel and I have problem with the access , I am using One-to-Many relation and I have the table user with role_id=3.
This middleware works correctly but I need to protect the routes correctly.
class Administrador
{
/**
* Handle an incoming request.
*
* #param \Illuminate\Http\Request $request
* #param \Closure $next
* #param string|null $guard
* #return mixed
*/
public function handle($request, Closure $next, $guard = null)
{
if (Auth::guard($guard)->guest()) {
if ($request->ajax()) {
return response('Unauthorized.', 401);
} else {
return redirect()->guest('/administrador');
}
}
return $next($request);
}
}
The routes are correctly set, but I don't know how to send the user's role in this Middleware.
...
EDIT
If you want to combine in one middleware Administrador it would be:
class Administrador
{
/**
* Handle an incoming request.
*
* #param \Illuminate\Http\Request $request
* #param \Closure $next
* #param string|null $guard
* #return mixed
*/
public function handle($request, Closure $next, $roles = null, $guard = null)
{
if (Auth::guard($guard)->guest()) {
if ($request->ajax()) {
return response('Unauthorized.', 401);
} else {
return redirect()->guest('/administrador');
}
}
$roles = explode('|', $roles);
if (! in_array(Auth::guard($guard)->user()->role_id, $roles) {
return response('Unauthorized.', 401);
}
return $next($request);
}
}
Example usage on route:
Route::group(['middleware' => 'administrador:1|2'], function () {});
administrador:1|2 replace the value with your role ids separated by |, if you want to use another guard then you can pass it as second parameter, example: administrador:1|2,custom_guard. This way you can define multiple roles that able to access your admin screen.
If you would rather want to use one fixed role:
class Administrador
{
/**
* Handle an incoming request.
*
* #param \Illuminate\Http\Request $request
* #param \Closure $next
* #param string|null $guard
* #return mixed
*/
public function handle($request, Closure $next, $guard = null)
{
if (Auth::guard($guard)->guest()) {
if ($request->ajax()) {
return response('Unauthorized.', 401);
} else {
return redirect()->guest('/administrador');
}
}
if (Auth::guard($guard)->user()->role_id !== 3) {
return response('Unauthorized.', 401);
}
return $next($request);
}
}