I'll try to explain this weird behavior as detailed as possible. The problem is, that the user is logged out after login. So, the login actually happens, session file is set in storage folder, but after another click it's logging me out. It is interesting that this is happening only on production/shared hosting, on localhost it is working fine. What I've tried so far:
Changed the file to database in session.php
Changed the session name - it works, but only for couple of hours!
Debugged Exceptions/handler.php unauthenticated method
Fiddled with Kernel.php and tried every possible way that came up in Google
Tried redefining and regrouping middleware groups
Here is my route file:
Route::group(['middleware' => ['web']], function () {
Route::prefix('admin')->group(function () {
/**
* Auth
*/
Route::get('/login', 'Admin\Auth\LoginController#showLoginForm');
Route::post('/login', 'Admin\Auth\LoginController#login');
Route::get('/logout', 'Admin\Auth\LoginController#logout');
Route::get('/', 'Admin\AdminController#index');
/**
* Structure
*/
Route::prefix('structure')->group(function () {
Route::resource('menu', 'Admin\Structure\MenuController');
Route::resource('template-group', 'Admin\Structure\TemplateGroupController');
Route::resource('property', 'Admin\Structure\PropertyController');
Route::resource('property-type', 'Admin\Structure\PropertyTypeController');
Route::resource('property-value', 'Admin\Structure\PropertyValueController');
Route::resource('property-value-order', 'Admin\Structure\PropertyValueOrderController');
Route::resource('template', 'Admin\Structure\TemplateController');
});
Route::resource('structure', 'Admin\StructureController');
/**
* Content
*/
Route::prefix('content')->group(function () {
Route::resource('page', 'Admin\Content\PageController');
});
Route::resource('content', 'Admin\ContentController');
});
});
Related
In my laravel(7.x) application, I am trying to bind two routes admin/ and admin/dashboard with same name. While running the php artisan route:list command, I am getting an error that Unable to prepare route [admin/dasboard] for serialization. Another route has already been assigned name [admin.dashboard].
Web.php
Route::group([ 'prefix' => 'admin' ], function() {
...
/**
* Dashboard
*/
Route::get('/', 'Backend\DashboardController#index')->name('admin.dashboard');
Route::get('/dasboard', 'Backend\DashboardController#index')->name('admin.dashboard');
});
It was working fine in the previous versions of laravel.
How to fix this..?
You are using named routes i.e. ->name(admin.dashboard) twice but named route must be unique that is why you are getting error
Route::get('/', 'Backend\DashboardController#index')->name('admin.dashboard');
Route::get('/dasboard', 'Backend\DashboardController#index')->name('admin.dashboard');
To solve this change any one of your route to something else for e.g
Route::get('/', 'Backend\DashboardController#index')->name('admin'); // changed admin.dashboard to admin
Route::get('/dasboard', 'Backend\DashboardController#index')->name('admin.dashboard');
You can't have two routes with the same names.
Route::group([ 'prefix' => 'admin' ], function() {
...
/**
* Dashboard
*/
Route::get('/', 'Backend\DashboardController#index')->name('home.dashboard');
Route::get('/dasboard', 'Backend\DashboardController#index')->name('admin.dashboard');
});
Thank you #Sehdev...
Here is the final code that I am using. Although, even with both routes mentioned in the web.php, you can only see the route in the browser, that is written at end, which in my case is /dashboard. However, both (/, /dashboard) route are working now.
Route::namespace('Backend')->prefix('admin')->group(function() {
...
/**
* Dashboard
*/
Route::get('/', 'DashboardController#index')->name('admin.dashboard');
Route::get('/dashboard', 'DashboardController#index')->name('admin.dashboard');
});
Many thanks again :)
i'm using laravel 6 and have 2 route in my app; index and dashboard.
My routes/web is:
Auth::routes();
Route::middleware(['auth'])->group(function () {
Route::get('/index', 'todoApp\TodoController#index')->name('index');
Route::get('/dashboard', 'todoApp\Dashboard#dashboard')->name('dashboard');
});
i added dashboard route recently.
Auth::user() is null when i dump it in dashboard route but doesn't in index. What's the
Your Controller is instantiated before the middleware stack has ran; this is how Laravel can know what middleware you have set via the constructor. Because of this you will not have access to the authenticated user or sessions at this point. Ex:
public function __construct()
{
$this->user = Auth::user(); // will always be null
}
If you need to assign such a variable or access this type of information you would need to use a controller middleware which will run in the stack after the StartSession middleware:
public function __construct()
{
$this->middleware(function ($request, $next) {
// this is getting executed later after the other middleware has ran
$this->user = Auth::user();
return $next($request);
});
}
When the dashboard method is called, the middleware stack has already passed the Request all the way through to the end of the stack so all the middleware needed for Auth to be functioning and available has already ran at that point which is why you have access to Auth::user() there.
I think that this has something to do with the 'web' middleware. If you take a look into the Kernel.php (In app\Http) you will find the web middleware group.
This will show you that it actually calls a middleware called StartSession. Based on your route file (where web is not included as a middleware) I would think that you don't have a session in your Controller and there for no access to it.
I don't quite understand why this only happens in your /dashboard route, because the issue should also be in your /index route (unless you added the web middleware somewhere in your TodoController).
I think that this should do the trick:
Route::middleware(['web', 'auth'])->group(function () {
Route::get('/index', 'todoApp\TodoController#index')->name('index');
Route::get('/dashboard', 'todoApp\Dashboard#dashboard')->name('dashboard');
});
If you fire php artisan make:auth command.
It's doesn't matter where you define because of it's only define auth route
Route::middleware(['auth'])->group(function () {
Route::get('/index', 'todoApp\TodoController#index')->name('index');
Route::get('/dashboard', 'todoApp\Dashboard#dashboard')->name('dashboard');
});
Auth::routes();
I am using Larave 5 for my project. In my project i am using laravel default auth which use this command php artisan make:auth. And i set middleware in my route.php as shown
Route::group(['middleware' => 'web'], function () {
// Authentication Routes...
Route::auth();
Route::get('/', 'Auth\AuthController#getLogin');
Route::post('auth/login', 'Auth\AuthController#postLogin');
Route::get('auth/logout', 'Auth\AuthController#getLogout');
// Admin Roles Routes...
Route::get('admin/roles', 'AdminController#showRoles');
});
Now my question is if i user is logout and click on browser back button user login and user can access like add, edit, delete view after logout. So how can i handle this situation. Please help i think some code i miss out.
First of all, your Route::auth() does already has login and logout functions, if you run 'php artisan route:list' in your terminal you can see which routes are available etc..
Second of all you can create a group like shown below for your admin stuff:
Route::group(['middleware' => 'web'], function () {
// Authentication Routes...
Route::auth();
// Admin Roles Routes...
Route::group(['prefix'=>'admin', 'middleware'=>'auth'], function() {
Route::get('roles', 'AdminController#showRoles');
});
});
I hope this works for you ;)
Btw, the Laravel docs tell you a lot..., so make sure you watch them first ;)
First thing is you don't need to apply web middleware as it already applied to your routes by RouteServiceProvider, see https://laravel.com/docs/5.2/middleware#registering-middleware
Secondly, when use Route:auth() it is a shortcut for:
$this->get('login', 'Auth\AuthController#showLoginForm');
$this->post('login', 'Auth\AuthController#login');
$this->get('logout', 'Auth\AuthController#logout');
$this->get('register', 'Auth\AuthController#showRegistrationForm');
$this->post('register', 'Auth\AuthController#register');
$this->get('password/reset/{token?}', 'Auth\PasswordController#showResetForm');
$this->post('password/email', 'Auth\PasswordController#sendResetLinkEmail');
$this->post('password/reset', 'Auth\PasswordController#reset');
So you don't need to define these routes:
Route::post('auth/login', 'Auth\AuthController#postLogin');
Route::get('auth/logout', 'Auth\AuthController#getLogout');
Lastly, why you put login on your home page?
Route::get('/', 'Auth\AuthController#getLogin');
This example should be work:
Route::group(['middleware' => 'auth'], function () {
Route::get('/', function () {
return 'Hello! You are logged in.';
});
// Admin Roles Routes...
Route::get('admin/roles', 'AdminController#showRoles');
});
Route::auth();
With the routes above when unauthenticated user trying to access your home page http://yoursite.com and http://yoursite.com/admin/roles, user will be redirected to http://yoursite.com/login since those pages are protected by auth middleware.
An addition to #Rick answer.
You can also manually set a middleware inside the __construct() function of your controller.
Example:
// SomeController.php
public function __construct()
{
$this->middleware('auth');
}
Documentation
I am using Laravel version 5. I have a route file for my project which contains plenty of lines. I need to put authentication like Redirect to login page if the user is not logged in. And I also want to prevent direct URL access if the user not logged in. What can I do?
And I have used below code
Route::group(array('before' => 'auth'), function(){
Route::get('/', 'HomeController#index');
});
But this prevents only for home page. I need to protect All my routes. And also suggest me how to reduce route file lines.
You can put as many routes in a Group as you like to
Route::group(array('before' => 'auth'), function(){
Route::get('/', 'HomeController#index');
Route::post('store', 'HomeController#store');
Route::get('show', 'AnotherController#index');
// ...
});
If you really need to protect all your routes, you could add
public function __construct()
{
$this->middleware('auth');
}
To your main controller class, Http/Controllers/Controller
Edit for your comment, taken from the docs, you may use
return redirect()->intended('view');
/**
* Handle an authentication attempt.
*
* #return Response
*/
public function authenticate()
{
if (Auth::attempt(['email' => $email, 'password' => $password]))
{
return redirect()->intended('dashboard');
}
}
}
i am new to laravel,
i have code in my controller's __construct like
if(Auth::check())
{
return View::make('view_page');
}
return Redirect::route('login')->withInput()->with('errmessage', 'Please Login to access restricted area.');
its working fine, but what i wants is. its really annoying to put these coding in each and every controller, so i wish to put this Verify Auth and redirect to login page in one place, may be in router.php or filters.php.
I have read some posts in forum as well as in stackoverflow, and added code in filters.php like below but that's too not working.
Route::filter('auth', function() {
if (Auth::guest())
return Redirect::guest('login');
});
Please help me to resolve this issue.
Laravel 5.4
Use the built in auth middleware.
Route::group(['middleware' => ['auth']], function() {
// your routes
});
For a single route:
Route::get('profile', function () {
// Only authenticated users may enter...
})->middleware('auth');
Laravel docs
Laravel 4 (original answer)
That's already built in to laravel. See the auth filter in filters.php. Just add the before filter to your routes. Preferably use a group and wrap that around your protected routes:
Route::group(array('before' => 'auth'), function(){
// your routes
Route::get('/', 'HomeController#index');
});
Or for a single route:
Route::get('/', array('before' => 'auth', 'uses' => 'HomeController#index'));
To change the redirect URL or send messages along, simply edit the filter in filters.php to your liking.
To avoid code repetition, You can use it in middleware. If you are using the Laravel build in Auth, You can directly use the auth middleware as given,
Route::group(['middleware' => ['auth']], function() {
// define your route, route groups here
});
or, for a single route,
Route::get('profile', function () {
})->middleware('auth');
If you are building your own, custom Authentication system. You should use the middleware which will check the user is authenticated or not. To create custom middleware, run php artisan make:middleware Middelware_Name_Here and register the newly created middleware.
It's absolutely correct what other people have replied.
This solution is for Laravel 5.4
But just in case, if you have more than one middleware applying to routes, make sure 'auth' middleware comes in the end and not at the start.
Like this:
Route::prefix('/admin')->group(function () {
Route::group(['middleware' => 'CheckUser', 'middleware' => 'auth'], function(){
});
});
Route::middleware(['auth'])->group(function () {
Route::get('dashboard','BackendController#dashboard')->name('dashboard');
});
This entry in the web.php route will take the user [who is not logged in] to the login page if (s)he tries to access a 'protected' URL, "dashboard" in this case.