I am trying to set up routing for different roles in my application but I am encountering an error. I want to know if the approach I am using is correct. I would like to specify the routes for each role and I am unsure if my method is the right one to achieve this.
This is my web.php file:
<?php
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Route;
/*
|--------------------------------------------------------------------------
| Web Routes
|--------------------------------------------------------------------------
|
| Here is where you can register web routes for your application. These
| routes are loaded by the RouteServiceProvider within a group which
| contains the "web" middleware group. Now create something great!
|
*/
//guest pages
Route::get('/', function () {
return redirect()->route('login');
});
Auth::routes();
route::middleware('auth')->group(function () {
Route::get('/home', [App\Http\Controllers\HomeController::class, 'index'])->name('home');
Route::middleware('hasRole:Super Admin')->prefix('SuperAdmin')->group(function () {
Route::prefix('users')->group(function () {
//users routes
Route::get('', [\App\Http\Controllers\UserController::class, 'index'])->name('users.index');
Route::get('profile/{id}', [\App\Http\Controllers\ProfileController::class, 'show'])->name('profile.show');
Route::put('profile/{id}', [\App\Http\Controllers\ProfileController::class, 'update'])->name('profile.update');
Route::delete('/delete_user/{id}', [\App\Http\Controllers\UserController::class, 'destroy'])->name('users.destroy');
Route::get('ajouter_utilisateur', [App\Http\Controllers\UserController::class, 'create'])->name('user.create');
Route::post('ajouter_utilisateur', [App\Http\Controllers\UserController::class, 'store'])->name('user.store');
});
Route::prefix('fournisseurs')->name('fournisseur.')->group(function () {
//fournisseurs routes
Route::get('', [App\Http\Controllers\FournisseurController::class, 'index'])->name('index');
Route::delete('{id}', [App\Http\Controllers\FournisseurController::class, 'destroy'])->name('destroy');
Route::get('edit_fournisseur/{id}', [\App\Http\Controllers\FournisseurController::class, 'edit'])->name('edit');
Route::put('fournisseurs/{id}', [\App\Http\Controllers\FournisseurController::class, 'update'])->name('update');
Route::get('ajouter_fournisseur', [App\Http\Controllers\FournisseurController::class, 'create'])->name('create');
Route::post('ajouter_fournisseur', [App\Http\Controllers\FournisseurController::class, 'store'])->name('store');
});
Route::prefix('factures')->name('facture.')->group(function () {
//factures routes
Route::get('', [App\Http\Controllers\FactureController::class, 'index'])->name('index');
Route::delete('{id}', [App\Http\Controllers\FactureController::class, 'destroy'])->name('destroy');
Route::get('ajouter_facture', [App\Http\Controllers\FactureController::class, 'create'])->name('create');
Route::post('ajouter_facture', [App\Http\Controllers\FactureController::class, 'store'])->name('store');
Route::get('download/{id}', [App\Http\Controllers\FactureController::class, 'downloadFacture'])->name('downloadFacture');
});
});
Route::middleware('hasRole:Admin')->prefix('Admin')->group(function () {
Route::prefix('users')->group(function () {
//users routes
Route::get('', [\App\Http\Controllers\UserController::class, 'index'])->name('users.index');
Route::get('profile/{id}', [\App\Http\Controllers\ProfileController::class, 'show'])->name('profile.show');
Route::put('profile/{id}', [\App\Http\Controllers\ProfileController::class, 'update'])->name('profile.update');
Route::delete('/delete_user/{id}', [\App\Http\Controllers\UserController::class, 'destroy'])->name('users.destroy');
Route::get('ajouter_utilisateur', [App\Http\Controllers\UserController::class, 'create'])->name('user.create');
Route::post('ajouter_utilisateur', [App\Http\Controllers\UserController::class, 'store'])->name('user.store');
});
Route::prefix('fournisseurs')->name('fournisseur.')->group(function () {
//fournisseurs routes
Route::get('', [App\Http\Controllers\FournisseurController::class, 'index'])->name('index');
});
Route::prefix('factures')->name('facture.')->group(function () {
//factures routes
Route::get('', [App\Http\Controllers\FactureController::class, 'index'])->name('index');
Route::get('download/{id}', [App\Http\Controllers\FactureController::class, 'downloadFacture'])->name('downloadFacture');
});
});
});
And with this solution i get the error message
Optimization failed (See output console for more details)
Can someone help me to find out the solution for this issue or suggest me the right way to do it?
for role management in Laravel I suggest you use "spatie/Laravel-permission".
this is documention link:
https://spatie.be/docs/laravel-permission/v5/introduction
after install this package you must create middleware for each role and then check those on web.php
Related
I'm doing some tests with Middleware to prevent the user not logged into the system from accessing pages that only logged in people can access. Apparently when I enter http://127.0.0.1:8000/fighter it returns to http://127.0.0.1:8000/login.
The problem occurs that when logging in I am redirected to http://127.0.0.1:8000/fighter and not to http://127.0.0.1:8000/dashboard which would be the correct.
<?php
use Illuminate\Support\Facades\Route;
use App\Http\Controllers\FighterController;
use App\Http\Controllers\MasterController;
use App\Http\Controllers\DojoController;
/*
|--------------------------------------------------------------------------
| Web Routes
|--------------------------------------------------------------------------
|
| Here is where you can register web routes for your application. These
| routes are loaded by the RouteServiceProvider within a group which
| contains the "web" middleware group. Now create something great!
|
*/
Route::get('/', function () {
return view('welcome');
});
Route::get('/dashboard', function () {
return view('dashboard');
})->middleware(['auth'])->name('dashboard');
// fighter folder
Route::middleware('auth')->group(function(){
Route::controller(FighterController::class)->group(function() {
Route::get('/fighter', 'index')->name('fighter.index');
Route::get('/add-fighter', 'create')->name('fighter.create');
Route::post('/add-fighter', 'store')->name('fighter.store');
Route::get('/update-fighter/{id}', 'edit')->name('fighter.edit');
Route::patch('/update-fighter/{id}', 'update')->name('fighter.update');
Route::delete('/delete-fighter/{id}', 'destroy')->name('fighter.destroy');
});
});
// master folder
Route::middleware('auth')->group(function(){
Route::controller(MasterController::class)->group(function() {
Route::get('/master', 'index')->name('master.index');
Route::get('/add-master', 'create')->name('master.create');
Route::post('/add-master', 'store')->name('master.store');
Route::get('/update-master/{id}', 'edit')->name('fighter.edit');
Route::patch('/update-master/{id}', 'update')->name('fighter.update');
Route::delete('/delete-master/{id}', 'destroy')->name('fighter.destroy');
});
});
// dojo folder
Route::middleware('auth')->group(function(){
Route::controller(DojoController::class)->group(function() {
Route::get('/dojo', 'index')->name('dojo.index');
Route::get('/add-dojo', 'create')->name('dojo.create');
Route::post('/add-dojo', 'store')->name('dojo.store');
Route::get('/update-dojo/{id}', 'edit')->name('dojo.edit');
Route::patch('/update-dojo/{id}', 'update')->name('dojo.update');
Route::delete('/delete-dojo/{id}', 'destroy')->name('dojo.destroy');
});
});
require __DIR__.'/auth.php';
I could not run the in a resource route, Controller > Update function. When I try send a form to the update, the page is return to back. Even if the update functions is completely empty. But the functions has not be triggered.
My codes:
// Controller
public function update(UserRequest $r, $id)
{
die('asdasd');
}
// HTML
<form class="ban-form" style="visibility: hidden" action="{{ route('user.update', $user->id) }}" method="POST">
#method('PUT')
#csrf
</form>
The problem is probably in your UserRequest file.
Your request doesn't not pass the validation. Therefore you are redirected back to your form.
First, try to replace UserRequest with a simple Request in order to check if that's the problem and if it is, triple check your validations and dump the content of the $errors (using {{ dump($errors) }}) variable that is injected in your view when the validation is failling.
This is the full documentation on this topic: https://laravel.com/docs/8.x/validation#quick-displaying-the-validation-errors.
<?php
use Illuminate\Support\Facades\Route;
/*
|--------------------------------------------------------------------------
| Web Routes
|--------------------------------------------------------------------------
|
| Here is where you can register web routes for your application. These
| routes are loaded by the RouteServiceProvider within a group which
| contains the "web" middleware group. Now create something great!
|
*/
class_alias('App\Http\Controllers\HomeController', 'HomeController');
class_alias('App\Http\Controllers\AdminController', 'AdminController');
class_alias('App\Http\Controllers\FormController', 'FormController');
class_alias('App\Http\Controllers\ActionController', 'ActionController');
class_alias('App\Http\Controllers\UserController', 'UserController');
Route::get('/', 'HomeController#index')->name('home');
Route::get('giris-yap', 'HomeController#login')->name('user.login');
Route::get('kayit-ol', 'HomeController#register')->name('user.register');
Route::get('sifremi-unuttum', 'HomeController#forgotPassword')->name('user.forgot-password');
Route::get('hesabim', 'HomeController#account')->name('user.account');
Route::get('satin-al/{id}', 'HomeController#buy')->where('id','[0-9]+')->name('user.buy');
Route::get('satin-al/adim/2', 'HomeController#pay')->name('pay');
Route::get('{slug}', 'HomeController#slug')->name('slug');
Route::prefix('action')->group(function()
{
Route::get('logout', 'ActionController#logout')->name('user.logout');
});
Route::prefix('form')->group(function()
{
Route::post('login', 'FormController#login')->name('form.user.login');
Route::post('forgot-password', 'FormController#forgotPassword')->name('form.user.forgot-password');
Route::post('pay/{method}', 'FormController#pay')->where('method','(transfer|credit-card|crypto-currency)')->name('form.user.pay');
Route::post('contact', 'FormController#contact')->name('form.contact');
Route::post('update/pp', 'FormController#updatePP')->name('form.user.update.pp');
Route::post('update/profile', 'FormController#updateProfile')->name('form.user.update.profile');
});
Route::prefix('admin')->group(function()
{
Auth::routes();
Route::get('/index', 'App\Http\Controllers\AdminController#index')->name('admin.login');
Route::group(['middleware' => 'auth'], function () {
Route::resource('user', 'UserController');
Route::get('profile', ['as' => 'profile.edit', 'uses' => 'App\Http\Controllers\ProfileController#edit']);
Route::put('profile', ['as' => 'profile.update', 'uses' => 'App\Http\Controllers\ProfileController#update']);
Route::get('upgrade', function () {return view('pages.upgrade');})->name('upgrade');
Route::put('profile/password', ['as' => 'profile.password', 'uses' => 'App\Http\Controllers\ProfileController#password']);
});
});
I've been creating authentification for users and for admins with Laravel Hesto / multi Auth...
I've also created other views that can be reached only by admins. I also created the routes to access those pages...
Route::group(['prefix' => 'admin'], function () {
Route::get('/', function (){
return redirect('/admin/login');
});
Route::get('/login', 'AdminAuth\LoginController#showLoginForm')->name('login');
Route::post('/login', 'AdminAuth\LoginController#login');
Route::post('/logout', 'AdminAuth\LoginController#logout')->name('logout');
Route::get('/register', 'AdminAuth\RegisterController#showRegistrationForm')->name('register');
Route::post('/register', 'AdminAuth\RegisterController#register');
Route::post('/password/email', 'AdminAuth\ForgotPasswordController#sendResetLinkEmail')->name('password.request');
Route::post('/password/reset', 'AdminAuth\ResetPasswordController#reset')->name('password.email');
Route::get('/password/reset', 'AdminAuth\ForgotPasswordController#showLinkRequestForm')->name('password.reset');
Route::get('/password/reset/{token}', 'AdminAuth\ResetPasswordController#showResetForm');
// Routes settings admin
Route::resource('/settings/langs', 'Admin\LangController');
// Route core application
Route::resource('/mappings/sectors', 'Admin\SectorController');
});
My problem is that the route for settings/langs and mapping/sectors can be reached by not logged users ... And those page should be restricted...
Just wrapp them under auth middleware
Route::group(['prefix' => 'admin'], function () {
Route::get('/', function (){
return redirect('/admin/login');
});
Route::get('/login', 'AdminAuth\LoginController#showLoginForm')->name('login');
Route::post('/login', 'AdminAuth\LoginController#login');
Route::post('/logout', 'AdminAuth\LoginController#logout')->name('logout');
Route::get('/register', 'AdminAuth\RegisterController#showRegistrationForm')->name('register');
Route::post('/register', 'AdminAuth\RegisterController#register');
Route::post('/password/email', 'AdminAuth\ForgotPasswordController#sendResetLinkEmail')->name('password.request');
Route::post('/password/reset', 'AdminAuth\ResetPasswordController#reset')->name('password.email');
Route::get('/password/reset', 'AdminAuth\ForgotPasswordController#showLinkRequestForm')->name('password.reset');
Route::get('/password/reset/{token}', 'AdminAuth\ResetPasswordController#showResetForm');
Route::group(['middleware'=>'auth'], function(){
// Routes settings admin
Route::resource('/settings/langs', 'Admin\LangController');
// Route core application
Route::resource('/mappings/sectors', 'Admin\SectorController');
});
});
This will prevent non-auth users to access those routes.
I'm new to the laravel framework. I bought a project and I installed it but when I try to login to the admin panel localhost/admin/home it redirects me to the first page. Why is this? Is the problem in the authentication?
The template is adminLTE.
This is routes.php:
<?php
/*
|--------------------------------------------------------------------------
| Application Routes
|--------------------------------------------------------------------------
|
| Here is where you can register all of the routes for an application.
| It's a breeze. Simply tell Laravel the URIs it should respond to
| and give it the controller to call when that URI is requested.
|
*/
Route::group(['middleware' => ['web']], function () {
Route::auth();
Route::get('/', function () {
// $user = Auth::user();
// if($user->id == 2){
return view('welcome');
/* }else{
echo "Site En cours de mise a jours .. Veuillez patienter quelques minutes";
die();
}*/
});
Route::post('/post_login', 'HomeController#post_login');
Route::get('/admin/home', 'AdminController#index');
Route::get('/contact', 'HomeController#contact');
});
Route::group(['middleware' => 'web'], function () {
Route::get('/load_coup/{code}', 'HomeController#load_coup');
Route::get('/get_coup_div/{code}', 'HomeController#get_coup_div');
Route::get('/reset_coupon_div', 'HomeController#reset_coupon_div');
Route::get('/validate_coup/{price}/{type}', 'HomeController#validate_coup');
Route::get('/back', 'HomeController#back');
Route::get('/save/{price}', 'HomeController#save');
Route::get('/get_solde', 'HomeController#get_solde');
Route::get('/bet_list', 'HomeController#bet_list');
Route::get('/bet_list/{code}', 'HomeController#bet_details');
Route::get('/coupon/{id}', 'HomeController#print_coupon');
Route::get('/transaction/', 'HomeController#add_transaction');
Route::post('/transaction/', 'HomeController#store_transaction');
Route::get('/transaction_list/', 'HomeController#transaction_list');
Route::get('/profile/', 'HomeController#profile');
Route::post('/profile/', 'HomeController#edit_profile');
});
Route::group(['prefix' => 'admin', 'middleware' => ['web']], function () {
//Route::auth();
Route::get('/users', 'AdminController#user');
Route::get('/users/{id}', 'AdminController#edit_user');
Route::post('/update_user/', 'AdminController#update_user');
Route::post('/add_transaction/', 'AdminController#add_transaction');
Route::get('/match', 'AdminController#match');
//Route::post('/match', 'AdminController#match');
Route::get('/coupon', 'AdminController#coupon');
Route::get('/coupons/{id}', 'AdminController#edit_coupon');
});
Looks like you don't have admin or correction role. Because of that you are redirected to /.
Look at the post_login function in the HomeController there will be a return view or return redirect. You can change it to go to the view you wish.
I Want to skip the middleware for a particular route in a route group. How can I do this?
Route::group(['prefix' => 'testgroup','middleware' => ['login.oauth']],function (){
Route :: get('/', 'testController#index');
Route :: get('/api','testController#apiCall');
});
I want to skip the 'login.oauth' middleware for the Route :: get('/api','testController#apiCall')
Please keep that testgroup function must be accessible to all routes and middleware function to particular(some other route) in the same function
Route::group(['prefix' => 'testgroup'], function () {
Route::group(['middleware' => ['login.oauth'], function() {
Route :: get('/', 'testController#index');
});
Route :: get('/api','testController#apiCall');
});
Just create a second group without the middleware:
Route::group(['prefix' => 'testgroup','middleware' => ['login.oauth']],function (){
Route :: get('/', 'testController#index');
});
Route::group(['prefix' => 'testgroup'],function (){
Route :: get('/api','testController#apiCall');
});