Laravel : Middleware Issue - laravel

I have middleware UKM I want if the Auth::id() in the table ukm, hen can access the next request. But not working, if Auth::id() no in the table user can access.
public function handle($request, Closure $next)
{
$query = DB::table('ukm')->where('id_user',Auth::id())->get();
foreach($query as $key){
$cek = $key->id_user;
}
if ($cek != NULL) {
return $next($request);
}
return redirect('/');
}


try this...
public function handle($request, Closure $next)
{
$query = DB::table('ukm')->where('id_user',Auth::id())->first();
if ($query != NULL) {
return $next($request);
}
return redirect('/');
}


how about this ....
public function handle($request, Closure $next)
{
$query = DB::table('ukm')->pluck('id_user')->toArray();
if(in_array( Auth::user()->id, $query )
{
return $next($request);
}
return redirect('/');
}

Related

Trying to get property 'headers' of non-object (middleware role authentication)

i want to make two authentication roles(admin and user). every thing work fine, but for example when i am logged as user and i try to access the admin dashboard i want want redirected to the user dashboard instead cause i must not have access to it as a user... the problem is when i try to access the admin dashboard as a user i get this error : Trying to get property 'headers' of non-object
this my two middlewares...
Admin middleware:
public function handle(Request $request, Closure $next)
{
if (Auth::check() && Auth::user()->role == 'admin'){
return $next($request);
}else{
redirect()->route('login');
}
}
User middleware:
public function handle(Request $request, Closure $next)
{
if (Auth::check() && Auth::user()->role == 'user'){
return $next($request);
}else{
redirect()->route('login');
}
}
and i did edit the RedirectIfAuthenticated middleware to this.
public function handle(Request $request, Closure $next, ...$guards)
{
$guards = empty($guards) ? [null] : $guards;
foreach ($guards as $guard) {
/*if (Auth::guard($guard)->check()) {
return redirect(RouteServiceProvider::HOME);
}*/
if (Auth::guard($guard)->check() && Auth::user()->role == 'user') {
return redirect()->route('user.dashboard');
}
elseif (Auth::guard($guard)->check() && Auth::user()->role == 'admin'){
return redirect()->route('admin.dashboard');
}
}
return $next($request);
}

In middleware, it is important to handle all cases and return the redirects accordingly :
return redirect()->route('login');

You should return the redirect
Admin middleware:
public function handle(Request $request, Closure $next)
{
if (Auth::check() && Auth::user()->role == 'admin'){
return $next($request);
}else{
return redirect()->route('login');
}
}
User middleware:
public function handle(Request $request, Closure $next)
{
if (Auth::check() && Auth::user()->role == 'user'){
return $next($request);
}else{
return redirect()->route('login');
}
}

Call to a member function hasAnyRole() on null

I am new on laravel. I am actually having a problem with my middleware. I already registered it on Kernel.php file.
public function handle($request, Closure $next){
$user = Auth::user();
if($user->hasAnyRole('school'))
{
return $next($request);
}
return redirect('login');
}
here is my User model
public function roles(){
return $this->belongsToMany('App\Role');
}
public function hasAnyRoles(){
return null !== $this->roles()->whereIn('name', $roles)->first();
}
public function hasAnyRole(){
return null !== $this->roles()->where('name', $role)->first();
}

Try flipping the logic and also checking if logged in.
Do a (Auth::check() :
public function handle($request, Closure $next){
if (Auth::check()) {
$user = Auth::user();
if($user->hasAnyRole('school'))
{
return $next($request);
}
} else {
return redirect('login');
}
}

how to use same routes in two different route groups

Please i have two route::group, the first is for normal staff and the second is for hod and normal staff.
//staff
Route::group(['middleware' => 'App\Http\Middleware\lecturerMiddleware','as'=>'staff::'], function() {
Route::match(['post','get'],'application', ['as'=>'application','LeavessController#index'])->name('application');
});
//HOD and Provost
Route::group(['middleware' => 'App\Http\Middleware\hodProvostMiddleware'], function() {
Route::match(['post','get'],'application', 'LeavessController#index')->name('application');
Route::match(['post','get'],'applied', 'LeavesController#applied');
Route::match(['post','get'],'approval/{id}', 'LeavesController#approval');
});
If i access application route as Hod its working but when i try to access as a normal staff its nt working
//HodProvostMiddleware
public function handle($request, Closure $next) {
$user = $request->user();
if ($user && ($user->user_access_id == '3' or $user->user_access_id == '2')) {
return $next($request);
}else return new Response(view('unauthorized')->with('role', 'HOD'));
}
// staffMiddleware
public function handle($request, Closure $next) {
if ($request->user() && $request->user()->user_access_id == '1') {
return $next($request);
}else return new Response(view('unauthorized')->with('role', 'LECTURER'));
}
}

Having an issue with Multiple middleware in laravel

I am trying to process 2 middleware before routing it to controller. Laravel won't give me an error on the following code but it only processes the 1st middleware 'CheckReferer' and won't process the 2nd middleware 'CheckCart'. It process the 1st middleware even if you change the sequence (e.g 'CheckCart', 'CheckReferer').
web.php
Route::prefix($language)->middleware('CheckReferer', 'CheckCart')->group(function() {
Route::get('/', 'HomeController#getIndex')->name('home');
});
CheckReferer.php (Middleware)
class CheckReferer
{
public function handle($request, Closure $next)
{
$Referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : null;
if($Referer != null) {
$url_parsed = parse_url($Referer);
if ($url_parsed['host'] == 'www.example.com') {
$Referer = true;
Session::put('Referer', $Referer);
}
}
return $next($request);
}
}
CheckCart.php (Middleware)
class CheckCart
{
public function handle(Request $request, Closure $next)
{
$oldCart = Session::has('Cart') ? Session::get('Cart') : null;
return $next($request);
}
}

Pass them as array...
Route::prefix($language)->middleware(['CheckReferer', 'CheckCart'])->group(function() {
Route::get('/', 'HomeController#getIndex')->name('home');
});

Role Middleware Dynamic Parameters Laravel 5.4

I have a role middleware that passes a parameter to the middleware.
public function __construct(UserInterface $user, RoleInterface $role, MaritalStatusInterface $maritalStatus, CityInterface $city){
$this->middleware('auth');
//$this->middleware('role:System Admin'); I changed it to 6 for the id.
$this->middleware('role:6');
}
My RoleMiddleware is this
public function handle($request, Closure $next, ...$params)
{
$roles = $request->user()->roles()->get();
$roles = $roles->map(function($item){
return $item->id;
});
foreach ($params as $value) {
if( ! in_array($value, $roles->toArray())){
return redirect()->action('NavController#home');
}
}
return $next($request);
}
As you can see I it is very tied to 6. What if I want to add 7... I want to make it dynamically. My tables are Users Role_User and Roles. What table do I need and how to execute it.

since you want it dynamically you should have a database for the allowed roles .. then in the same controller you should do
$allowedRoles = AllowedRoles::all();
$loop=1;
foreach($allowedRoles as $role)
{
$roleString = $loop == 1 ? $role->value : $roleString.'|'.$role->value;
// where value is equivalent to the role of your role id in role database
$loop++;
}
$this->middleware('role:'.$roleString);
then in your middleware you should explode the roleString
public function handle($request, Closure $next, $roles)
{
$roles = explode('|',$roles);
$user = User::find($request->user()->id);
foreach($user->intRoles as $myRole)
{
if(in_array($myRole->role_id, $roles))
{
return $next($request);
}
}
// Redirect
return redirect()->back();
}

Resources