I'm starting a new app in 5.3 and want to implement the solution for the auth check as stated here
I'm using the register and login models out of the box for 5.3. I've only worked a month on Laravel so struggling to fully interpret the solution.
I moved the HomeController.php to the Auth folder under controllers and added the following use statements: use App\User;
use Illuminate\Support\Facades\Auth;
I editd the HomeController constructor as follow:
public function __construct()
{
//$this->middleware('auth');
$this->middleware(function ($request, $next) {
$this->user= Auth::user();
return $next($request);
});
}
Here's my controller screenshot.
Still get the "Session store not set on request." error when I try to register.
I read this answer as well, but need more guidance please. Just want to get 5.3 out of the box authentication to work.
Here is my Auth folder structure.
Here is my routes/web.php
RouteServiceProvider.php
<?php
namespace App\Providers;
use Illuminate\Support\Facades\Route;
use Illuminate\Foundation\Support\Providers\RouteServiceProvider as ServiceProvider;
class RouteServiceProvider extends ServiceProvider
{
protected $namespace = 'App\Http\Controllers';
/**
* Define your route model bindings, pattern filters, etc.
*
* #return void
*/
public function boot()
{
//
parent::boot();
}
/**
* Define the routes for the application.
*
* #return void
*/
public function map()
{
$this->mapApiRoutes();
$this->mapWebRoutes();
//
}
/**
* Define the "web" routes for the application.
*
* These routes all receive session state, CSRF protection, etc.
*
* #return void
*/
protected function mapWebRoutes()
{
Route::group([
'middleware' => 'web',
'namespace' => $this->namespace,
], function ($router) {
require base_path('routes/web.php');
});
}
/**
* Define the "api" routes for the application.
*
* These routes are typically stateless.
*
* #return void
*/
protected function mapApiRoutes()
{
Route::group([
'middleware' => 'api',
'namespace' => $this->namespace,
'prefix' => 'api',
], function ($router) {
require base_path('routes/api.php');
});
}
}
The Kernel:
<?php
namespace App\Http;
use Illuminate\Foundation\Http\Kernel as HttpKernel;
class Kernel extends HttpKernel
{
/**
* The application's global HTTP middleware stack.
*
* These middleware are run during every request to your application.
*
* #var array
*/
protected $middleware = [
\Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
];
/**
* The application's route middleware groups.
*
* #var array
*/
protected $middlewareGroups = [
'web' => [
\App\Http\Middleware\EncryptCookies::class,
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\App\Http\Middleware\VerifyCsrfToken::class,
\Illuminate\Session\Middleware\StartSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
\Illuminate\Routing\Middleware\SubstituteBindings::class,
],
'api' => [
'throttle:60,1',
'bindings',
],
];
/**
* The application's route middleware.
*
* These middleware may be assigned to groups or used individually.
*
* #var array
*/
protected $routeMiddleware = [
'auth' => \Illuminate\Auth\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
'can' => \Illuminate\Auth\Middleware\Authorize::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
];
}
Related
in laravel 7.x I have some problem.
I have an url: https://domain/manage/home and only admin can access this url with admin role but when I access, it redirect to https://domain
I don't know how it's work.
There is my code in config/auth.php:
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
'hash' => false,
],
'admin' => [
'driver' => 'session',
'provider' => 'admins',
],
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
'admins' => [
'driver' => 'eloquent',
'model' => App\Admin::class,
],
// 'users' => [
// 'driver' => 'database',
// 'table' => 'users',
// ],
],
There is my code in App\Admin.php:
<?php
namespace App;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
class Admin extends Authenticatable
{
use Notifiable;
protected $guard = 'admin';
protected $table = 'users';
protected $fillable = [
'name', 'username', 'email', 'password',
];
protected $hidden = [
'password', 'remember_token',
];
protected $casts = [
'email_verified_at' => 'datetime',
];
}
There is my code in App\Http\Controllers\Admin\ManageController.php:
<?php
namespace App\Http\Controllers\Admin;
use App\TypeProduct;
use Illuminate\Http\Request;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
use Illuminate\Support\Facades\Auth;
use App\Http\Controllers\Controller;
class ManageController extends Controller {
use AuthenticatesUsers;
public function __construct()
{
$this->middleware('auth:admin');
}
public function guard()
{
return Auth::guard('admin');
}
public function index()
{
return view('menu/manage/manage_home');
}
}
There is my code in App\Providers\RouteServiceProvider.php:
namespace App\Providers;
use Illuminate\Foundation\Support\Providers\RouteServiceProvider as ServiceProvider;
use Illuminate\Support\Facades\Route;
class RouteServiceProvider extends ServiceProvider
{
/**
* This namespace is applied to your controller routes.
*
* In addition, it is set as the URL generator's root namespace.
*
* #var string
*/
protected $namespace = 'App\Http\Controllers';
/**
* The path to the "home" route for your application.
*
* #var string
*/
public const HOME = '/';
/**
* Define your route model bindings, pattern filters, etc.
*
* #return void
*/
public function boot()
{
//
parent::boot();
}
/**
* Define the routes for the application.
*
* #return void
*/
public function map()
{
$this->mapApiRoutes();
$this->mapWebRoutes();
$this->mapAdminRoutes();
}
/**
* Define the "web" routes for the application.
*
* These routes all receive session state, CSRF protection, etc.
*
* #return void
*/
protected function mapWebRoutes()
{
Route::middleware('web')
->namespace($this->namespace)
->group(base_path('routes/web.php'));
}
/**
* Define the "api" routes for the application.
*
* These routes are typically stateless.
*
* #return void
*/
protected function mapApiRoutes()
{
Route::prefix('api')
->middleware('api')
->namespace($this->namespace)
->group(base_path('routes/api.php'));
}
protected function mapAdminRoutes()
{
Route::middleware('web')
->namespace($this->namespace . '\Admin')
->group(base_path('routes/admin.php'));
}
}
There is my code in routes\admin.php:
<?php
use Illuminate\Support\Facades\Route;
use Illuminate\Support\Facades\App;
Route::prefix('manage')->group(function () {
Route::get('/home', 'ManageController#index')->name('manage.index');
});
Laravel middle-ware keeps redirecting me to welcome page even if the user is an admin. what i want is if a user is an admin,then he/she can view the routes for the admin, otherwise the user should be redirected to the root page "('/').
I believe i have done everything correctly but somehow i can not view the admin pages, i am redirected to the root page even if a user is an admin.
please assist me fix this bug.
Admin middle-ware class
class Admin
{
/**
* Handle an incoming request.
*
* #param \Illuminate\Http\Request $request
* #param \Closure $next
* #return mixed
*/
public function handle($request, Closure $next)
{
if(Auth::user()->isAdmin()){
return $next($request);
}
return redirect('/');
}
}
User Model
<?php
namespace App;
use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
class User extends Authenticatable
{
use Notifiable;
/**
* The attributes that are mass assignable.
*
* #var array
*/
protected $fillable = [
'name', 'email', 'password', 'role_id','photo_id','gender'
];
/**
* The attributes that should be hidden for arrays.
*
* #var array
*/
protected $hidden = [
'password', 'remember_token',
];
/**
* The attributes that should be cast to native types.
*
* #var array
*/
protected $casts = [
'email_verified_at' => 'datetime',
];
//A role Belongs to a User//
public function role(){
return $this->belongsTo('App\Role');
}
public function photo(){
return $this->belongsTo('App\Photo');
}
public function isAdmin(){
if($this->role->name =='Administrator'){
return true;
}
return false;
}
}
Routes(web.php)
<?php
use Illuminate\Support\Facades\Route;
/*
|--------------------------------------------------------------------------
| Web Routes
|--------------------------------------------------------------------------
|
| Here is where you can register web routes for your application. These
| routes are loaded by the RouteServiceProvider within a group which
| contains the "web" middleware group. Now create something great!
|
*/
Auth::routes();
Route::group(['middleware'=>'web'],function(){
Route::get('/', function () {
return view('welcome');
});
Route::get('/', [
'uses'=>'HomeController#index',
'as'=>'welcome'
]);
});
Route::group(['middleware'=>['admin']],function(){
Route::resource('/admin/users','AdminUsersController');
Route::get('admin',[
'uses'=>'AdminUsersController#dashboard',
'as'=>'admin.index'
]);
Route::get('admin/users',[
'uses'=>'AdminUsersController#index',
'as'=>'admin.users'
]);
Route::get('admin/users/edit/{id}',[
'as'=>'admin.users.edit',
'uses'=>'AdminUsersController#edit'
]);
Route::get('admin/users/create',[
'as'=>'admin.users.create',
'uses'=>'AdminUsersController#create'
]);
});
Kernel.php
<?php
namespace App\Http;
use Illuminate\Foundation\Http\Kernel as HttpKernel;
class Kernel extends HttpKernel
{
/**
* The application's global HTTP middleware stack.
*
* These middleware are run during every request to your application.
*
* #var array
*/
protected $middleware = [
\App\Http\Middleware\TrustProxies::class,
\Fruitcake\Cors\HandleCors::class,
\App\Http\Middleware\CheckForMaintenanceMode::class,
\Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
\App\Http\Middleware\TrimStrings::class,
\Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
];
/**
* The application's route middleware groups.
*
* #var array
*/
protected $middlewareGroups = [
'web' => [
\App\Http\Middleware\EncryptCookies::class,
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class,
// \Illuminate\Session\Middleware\AuthenticateSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
\App\Http\Middleware\VerifyCsrfToken::class,
\Illuminate\Routing\Middleware\SubstituteBindings::class,
],
'api' => [
'throttle:60,1',
\Illuminate\Routing\Middleware\SubstituteBindings::class,
],
];
/**
* The application's route middleware.
*
* These middleware may be assigned to groups or used individually.
*
* #var array
*/
protected $routeMiddleware = [
'auth' => \App\Http\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
'can' => \Illuminate\Auth\Middleware\Authorize::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class,
'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
'admin' => \App\Http\Middleware\Admin::class,
];
}
Following is my middleware where I am setting some content on every request. For example cms_content in 'cms' session which I need to access in a helper to show the content in blade template.
<?php
namespace App\Http\Middleware;
use App\Repositories\EloquentCountryRepository;
use App\Repositories\EloquentCmsContentRepository;
use Closure;
use Location;
use Session;
class SetDefaultLanguage
{
// Instance of App\Repositories\EloquentCountryRepository;
public $country;
// Instance of App\Repositories\EloquentCmsContentRepository;
public $cmsContent;
/**
*
* Initialize dependencies
*/
public function __construct(EloquentCountryRepository $country, EloquentCmsContentRepository $cmsContent)
{
$this->country = $country;
$this->cmsContent = $cmsContent;
}
/**
* Handle an incoming request.
*
* #param \Illuminate\Http\Request $request
* #param \Closure $next
* #return mixed
*/
public function handle($request, Closure $next)
{
//$location = Location::get(request()->ip());
//$location = Location::get('146.185.171.157'); // Netherlands IP
$location = Location::get('103.255.106.250'); // Indian IP
$country = $this->country->getCountryByCode($location->countryCode);
if($country->language_id){
$contents = $this->cmsContent->getContentByLanguageId($country->language_id);
}
if($contents->isEmpty()){
$contents = $this->cmsContent->getContentByLanguageId(1); // Default id for English
}
$contents = $contents->toArray();
foreach($contents as $content){
$cms[$content['meta_key']] = $content['meta_value'];
}
// Store CMS content into session
session(['cms' => $cms, 'country_id' => $country->id]);
//dd(session('cms'));
return $next($request);
}
}
Following is my helper method where i am accessing session data which i set in middleware.
public static function showDefault($key, $default_text = NULL){
if(isset(session('cms')[$key])){
return session('cms')[$key];
}else{
return $default_text;
}
}
When I dd() session on the same middleware it seems working but in helper it is not showing latest data which i have set in middleware.
Please help me out this, i am trying to solve this issue since last 2 hours but dint get any solution.
Finally i found the solution when i move my SetDefaultLanguage middleware from $middleware to web $middlewareGroups
<?php
namespace App\Http;
use Illuminate\Foundation\Http\Kernel as HttpKernel;
class Kernel extends HttpKernel
{
/**
* The application's global HTTP middleware stack.
*
* These middleware are run during every request to your application.
*
* #var array
*/
protected $middleware = [
\Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
\Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
\App\Http\Middleware\TrimStrings::class,
\Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
\App\Http\Middleware\TrustProxies::class,
];
/**
* The application's route middleware groups.
*
* #var array
*/
protected $middlewareGroups = [
'web' => [
\App\Http\Middleware\EncryptCookies::class,
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class,
// \Illuminate\Session\Middleware\AuthenticateSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
\App\Http\Middleware\VerifyCsrfToken::class,
\Illuminate\Routing\Middleware\SubstituteBindings::class,
\App\Http\Middleware\SetDefaultLanguage::class,
],
'api' => [
'throttle:60,1',
'bindings',
],
];
/**
* The application's route middleware.
*
* These middleware may be assigned to groups or used individually.
*
* #var array
*/
protected $routeMiddleware = [
'auth' => \Illuminate\Auth\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
'can' => \Illuminate\Auth\Middleware\Authorize::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
];
}
Part of my application does not utilize standard user authentication, and lies outside the auth group in my routes file. I am using Laravel Passport, VueJS2, VueRouter. Laravel is serving two blade files; one for the authenticated part of the application, and the other for the non-authenticated part.
However, I find that when trying to access that part of the application, it still requires me to be authenticated (I get the 401: Unauthorized error).
I have looked through my configuration files, and I can't seem to figure out why this would be displayed.
My api.php file:
<?php
use Illuminate\Http\Request;
Route::group(['middleware' => 'auth'], function () {
// A lot of routes here...
});
// These should not be guarded
// This is the route that triggers the unauthenticated message
Route::post('authenticate', 'TestController#authenticate');
THe JS file that makes the request:
authenticateUser: function() {
var data = {
'id' : this.$route.params.id,
'passcode' : this.state.password,
};
var that = this;
axios({
method: 'post',
url: '/api/authenticate',
withCredentials: true,
data: data,
}).then(function(response) {
swal('Great!', 'You have been authenticated.', 'success');
that.$router.push('/client/create/' + that.$route.params.id);
}, function(error) {
swal('Woah!', 'Wrong password, go away.', 'error');
});
}
Here is my kernel.php file:
<?php
namespace App\Http;
use Illuminate\Foundation\Http\Kernel as HttpKernel;
class Kernel extends HttpKernel
{
/**
* The application's global HTTP middleware stack.
*
* These middleware are run during every request to your application.
*
* #var array
*/
protected $middleware = [
\Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
\Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
\App\Http\Middleware\TrimStrings::class,
\Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
];
/**
* The application's route middleware groups.
*
* #var array
*/
protected $middlewareGroups = [
'web' => [
\App\Http\Middleware\EncryptCookies::class,
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class,
// \Illuminate\Session\Middleware\AuthenticateSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
\App\Http\Middleware\VerifyCsrfToken::class,
\Illuminate\Routing\Middleware\SubstituteBindings::class,
\Laravel\Passport\Http\Middleware\CreateFreshApiToken::class,
],
'api' => [
'throttle:60,1',
'bindings',
],
];
/**
* The application's route middleware.
*
* These middleware may be assigned to groups or used individually.
*
* #var array
*/
protected $routeMiddleware = [
'test.auth' => \App\Http\Middleware\VerifyTestAccess::class,
'auth' => \Illuminate\Auth\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
'can' => \Illuminate\Auth\Middleware\Authorize::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'test.state' => \App\Http\Middleware\VerifyTestState::class,
];
}
I want show the number of unread messages in the header of my site and a few other views. For this I wrote a global middleware, but this middleware can not access of auth info of the signed up user.
<?php
namespace PTA_OIMS\Http\Middleware;
use Illuminate\View\Factory;
use Closure;
use Illuminate\Contracts\Auth\Guard;
use PTA_OIMS\Kartable;
use Session;
class UnreadMessage
{
/**
* Handle an incoming request.
*
* #param \Illuminate\Http\Request $request
* #param \Closure $next
* #return mixed
*/
protected $auth;
protected $view;
public function __construct(Guard $auth, Factory $view)
{
$this->auth = $auth;
$this->view = $view;
}
public function handle($request, Closure $next)
{
$unreadMessage = NULL;
$user = $this->auth->check();
if (!empty($user)) {
$unreadMessage = Kartable::
where('id_reciver', '=',
Session::get('personnel_info.0')->box_id)
->whereBetween('status', [1, 2])
->where('view_date', '=', Null)
->count();
}
$this->view->share('unreadMessage', $unreadMessage);
return $next($request);
}
}
UPDATE:
<?php
namespace PTA_OIMS\Http;
use Illuminate\Foundation\Http\Kernel as HttpKernel;
class Kernel extends HttpKernel
{
/**
* The application's global HTTP middleware stack.
*
* These middleware are run during every request to your application.
*
* #var array
*/
protected $middleware = [
\Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
\PTA_OIMS\Http\Middleware\UnreadMessage::class,
];
/**
* The application's route middleware groups.
*
* #var array
*/
protected $middlewareGroups = [
'web' => [
\PTA_OIMS\Http\Middleware\EncryptCookies::class,
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
\PTA_OIMS\Http\Middleware\VerifyCsrfToken::class,
\Illuminate\Routing\Middleware\SubstituteBindings::class,
],
'api' => [
'throttle:60,1',
'bindings',
],
];
/**
* The application's route middleware.
*
* These middleware may be assigned to groups or used individually.
*
* #var array
*/
protected $routeMiddleware = [
'auth' => \Illuminate\Auth\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
'can' => \Illuminate\Auth\Middleware\Authorize::class,
'guest' => \PTA_OIMS\Http\Middleware\RedirectIfAuthenticated::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
];
}
Try to use global auth() helper:
$user = auth()->check();