I have guard 'admin'.
how I know in Laraver guard work as multi auth(I can log in as a user and as Admin at once).
but I pretty surprise when I have an error about ERR_TOO_MANY_REDIRECTS when I log in as admin and try to check the page with auth middleware. Like admin this si no auth user no auth?
Have code like this
Route::group([ 'namespace' => 'Shop','middleware' => ['auth'], 'prefix' => 'shop'], function () {
Route::get('/', 'MainController#index')->name('shop');
Route::get('/search', 'MainController#search')->name('shop.search');
Route::get('/ajax-search', 'MainController#ajaxSearch')->name('shop.ajax-search');
Route::get('autocomplete', 'MainController#autocomplete')->name('shop.autocomplete');
Route::get('/searchbyname', 'MainController#searchbyname')->name('shop.searchbyname');
});
Route::group(['prefix' => 'cart','middleware' => ['auth:admin'], 'namespace' => 'Shop'], function () {
Route::get('/','CartController#index')->name('shop.cart');
Route::get('/add','CartController#add')->name('cart.add');
Route::get('/details','CartController#details')->name('cart.details');
Route::delete('/{id}','CartController#delete')->name('cart.delete');
});
how I can resolve this issue if I wanna that admin has all access as Authentication user + admin routes?
You can declare 2 middlewares in the Route::group. E.g.:
Route::group([ 'namespace' => 'Shop','middleware' => ['auth', 'auth:admin'], 'prefix' => 'shop'], function () {
...
});
maybe this helps you
Route::get('/', function () {
...})->middleware('first', 'second');
multiple middleware to the route
Related
i just want to group all my admin routes in my laravel. I'm a beginner in laravel and i want to synchronize all my admin routes in one group, my question is, why i cant put the post route inside the group of my admin routes?
Here is my routes:
Route::group(['as' => 'admin::', 'prefix' => 'admin'], function () {
Route::get('login', [
'as' => 'login',
'uses' => 'admin\AdminLoginController#index'
]);
Route::post('login', 'admin\AdminLoginController#auth')->name('admin.login');
});
my above code was returning error , where laravel says admin.login route doesn't exist. Then i tried to put the post route outside the group and it works. Why?.
Here is the code where returns no error:
Route::group(['as' => 'admin::', 'prefix' => 'admin'], function () {
Route::get('login', [
'as' => 'login',
'uses' => 'admin\AdminLoginController#index'
]);
});
Route::post('login', 'admin\AdminLoginController#auth')->name('admin.login');
Because you use as in your route group and it's admin:: and you may link to admin.
Now it goes to admin::login and you need admin.login
What is the best and correct way to write the following routing:
Route::group(['middleware' => ['web']],function (){
Route::prefix('user')->group(function () {
//this address shows the login page
Route::any('login', 'User#login_page');
//others address that control the login action
Route::prefix('login')->group(function (){
Route::get('google', 'User#check_user_login_with_google');
Route::post('form', 'User#check_user_login_with_form');
Route::get('google-url', 'User#redirect_to_google_url');
});
//these address control the registration actions
Route::any('register','User#register');
Route::any('register/check','User#check_user_registration');
});
});
You can do it all in one shot:
Route::group(['prefix' => 'user', 'as' => 'user.', 'middleware' => ['web']], function() {
Route::any('login', 'User#login_page');
...
})
You can use all these in a separate associated array and assign this array to the group here is how to do that .
Route::group(['prefix' => 'user', 'as' => 'user.', 'middleware' => ['web']], function() {
Route::any('login', 'User#login_page');
...
})
Hope this may help you
I'm in the process of upgrading our web app from laravel 4.2 to laravel 5.2. I've managed to solve most of the problems but this particular problem is leading me in loops.
This is how the route group for admin dashboard looks like:
Route::group(['middleware' => 'web','prefix' => 'adm'], function ()
{
Route::get('login', ['as' => 'admin.login.view', 'uses' => 'AdminLoginController#loginView']);
Route::post('login', ['as' => 'admin.login.attempt', 'uses' => 'AdminLoginController#attempt']);
Route::get('logout', ['as' => 'admin.logout', 'uses' => 'AdminLoginController#logout']);
...other routes pertaining to admin dashboard
}
The login functions and all functions within the admin panel work as expected. The only problem is when the user logs out, any one can access the remaining routes in the admin panel (no login required). I have placed Auth::check() and checked for auth in various controllers, the login and logout work as expected.
Auth::check() fails if user is not logged in and passes if user has logged in.
How do I make sure all the routes within this group are accessible only to logged in users. I have tried creating another middleware called authAdmin and tried to use that instead of the web middleware. In that case I can't even login.
I create new middleware for login and in the page look like this
namespace App\Http\Middleware;
use Closure;
class Login
{
public function handle($request, Closure $next)
{
$messages = config('message');
if ($request->session()->has('userId')) {
return $next($request);
}
return redirect('/')->withErrors("Please login first");
}
}
In Kenel.php register Login class
protected $routeMiddleware = [
'login' => \App\Http\Middleware\Login::class,
...
In route file
Route::group(['middleware' => ['web'],'prefix' => 'adm'], function () {
Route::get('login', ['as' => 'admin.login.view', 'uses' => 'AdminLoginController#loginView']);
Route::post('login', ['as' => 'admin.login.attempt', 'uses' => 'AdminLoginController#attempt']);
Route::get('logout', ['as' => 'admin.logout', 'uses' => 'AdminLoginController#logout']);
Route::group(['middleware' => 'login'], function () {
[Your other route here]
});
)};
Hope this help
I'm trying to implement a simple CMS with Laravel 5.2 which basically handles two kinds of routes. The first one is used to browse a website view, that has to be {view}.html. The controller iterates the database records and if it can't find that page, will return a 404 error page:
Route::get('/{page}', [
'as' => 'page',
'uses' => 'Website\WebsiteController#showPage'
])->where(['page' => '.+(\.html)']);
For example these routes will match:
www.mydomain.ext/homepage.html
www.mydomain.ext/about.html
www.mydomain.ext/news.html
www.mydomain.ext/contact.html
and so on. The second one is a route group for the admin control panel:
Route::group([
'prefix' => env('ADMIN_PREFIX', 'admin'),
'as' => env('ADMIN_PREFIX', 'admin') . '::',
'middleware' => ['auth']
], function() {
/*
* ADMIN ROUTES
*/
});
So all the routes in this group will be something like:
www.mydomain.ext/admin/dashboard
www.mydomain.ext/admin/user/1
www.mydomain.ext/admin/page/2
and so on.
From what I've found here:
Laravel matches routes from the top down. So all you need to do is put 'campaigns/add' above the wildcard route.
And that's what I've done:
routes.php
Route::group([
'prefix' => Localization::setLocale(),
'middleware' => ['localeSessionRedirect', 'localizationRedirect']
// LaravelLocalization (https://github.com/mcamara/laravel-localization)
], function() {
Route::auth();
// admin routes
Route::group([
'prefix' => env('ADMIN_PREFIX', 'admin'),
'as' => env('ADMIN_PREFIX', 'admin') . '::',
'middleware' => ['auth']
], function() {
/*
* ADMIN ROUTES
*/
});
Route::get('/{page}', [
'as' => 'page',
'uses' => 'Website\WebsiteController#showPage'
])->where(['page' => '.+(\.html)']);
});
But when I try to call an admin route, Laravel throws this error:
Missing argument 1 for App\Http\Controllers\Website\Core\WebsiteCoreController::showPage()
So I suppose I'm doing something wrong... Any suggestions on how to fix my code?
Thanks everyone in advance
I have the following routes in place:
Route::group(['prefix' => 'api/v1', 'middleware' => 'api'], function() {
Route::resource('authenticate', 'AuthenticateController', ['only' => ['index']]);
Route::post('authenticate', 'AuthenticateController#authenticate');
Route::resource('users', 'UserController');
});
The UserController has a test to ensure that when a user is submitted via POST, that it validates the input correctly. This should return a 422 when invalid, but it actually returns a 302. In Postman, it raises a CSRF token error, suggesting the web middleware group is being applied, which is not the behaviour I want.
How can I prevent this happening?
In RouteServiceProvider.php change
$router->group([
'namespace' => $this->namespace, 'middleware' => 'web',
], function ($router) {
require app_path('Http/routes.php');
});
to:
$router->group([
'namespace' => $this->namespace,
], function ($router) {
require app_path('Http/routes.php');
});
And then wrap your web routes with Route::group(['middleware' => 'web']) in routes.php. So api routes will be not affected by web middleware.