I am using backpack for laravel V4, Laravel 6, I defined roles and permissions and assigned file-manager permission and manager role to a user. When I try to use it in route middleware I get Forbidden Error 403, what I tried:
in routes/backpack/custom.php
'middleware' => ['web', config('backpack.base.middleware_key', 'admin'), 'can:file-manager']
when I use as instructed in spatie/laravel-permission documentation :
Route::group(['middleware' => ['role:manager']], function () {
//
});
I receive Target class [role] does not exist error.
I searched different places but no luck, please advise the right way to use permission manager in routes.
I ran into the same issue.
You must add the RoleMiddleware to your config, in app/Http/Kernel.php :
protected $routeMiddleware = [
'auth' => \App\Http\Middleware\Authenticate::class,
// [...]
'role' => \Spatie\Permission\Middlewares\RoleMiddleware::class,
];
My answer is a bit late, but I hope it will help others :)
Related
I've followed the instructions at https://github.com/strebl/ldap-auth with a brand new laravel project and I can't seem to get it to work. I have done the following:
Added the following line to app.php
Ccovey\LdapAuth\LdapAuthServiceProvider::class
Changed the driver to LDAP in auth.php
'providers' => [
'users' => [
'driver' => 'ldap',
'model' => App\User::class,
]
],
I've also created a adladap.php file that I haven't posted here.
I have also added middleware group in order to make sure the user was authenticated.
Route::group(['middleware' => 'auth'], function () {
Route::get('/test', function(){ return "Test";});
}
However when I try to go to the test route I get the following error
InvalidArgumentException in CreatesUserProviders.php line 40:
Authentication user provider [ldap] is not defined.
I'm sure there's some simple configuration that I've been looking over but for the life of me I can't figure out what it is.
If you are trying to do adminless LDAP, this might be of interest:
laravel-simple-ldap-auth
I have used Entrust for laravel, everything works fine until I used the middleware route filter.
Like I said everything works fine apart from the middlware filter. I have added the routemiddleware array to kernel. So this is basically what the filter looks like, same thing that is found in the docs:
Route::group(['prefix' => 'admin', 'middleware' => ['role:admin']], function() {
Route::get('/', 'AdminController#welcome');
Route::get('/manage', ['middleware' => ['permission:manage-admins'], 'uses' => 'AdminController#manageAdmins']);
});
But I've got this error:
ReflectionException in Container.php line 779: Class role:admin does
not exist
after you finish installation, you need run composer dump-autoload ,and make sure you follow every step of the doc
I followed the official JWT-Auth installation https://github.com/tymondesigns/jwt-auth/wiki/Installation.
I now have a middleware in my controller:
$this->middleware('jwt-auth', ['only' => ['postChange', 'postChoose']]);
I have also add Tymon\JWTAuth\Providers\JWTAuthServiceProvider::class to providers array in config/app.php
However when I make a request to the API I get this error message:
ReflectionException in Container.php line 737:
Class jwt-auth does not exist
Any help at all will be appreciated.
I have the same problem to use the middlewares you will have to register them in app/Http/Kernel.php under the $routeMiddleware property:
protected $routeMiddleware = [
...
'jwt.auth' => 'Tymon\JWTAuth\Middleware\GetUserFromToken',
'jwt.refresh' => 'Tymon\JWTAuth\Middleware\RefreshToken',
];
I have been facing a similar issue.
You have to add exactly
protected $routeMiddleware = [
.......
'jwt.auth' => \Tymon\JWTAuth\Middleware\GetUserFromToken::class,
'jwt.refresh' => \Tymon\JWTAuth\Middleware\RefreshToken::class,
];
Remember the "\" at the begining.
Laravel 5.2
I had the same problem and turned out that "\" is required on the begin of the path (per analogy to the other middleware entries) :
'jwt.auth' => \Tymon\JWTAuth\Providers\JWTAuthServiceProvider::class
and this resolved my problem (Laravel 5.1.4)
How to create login for different users like admin,users and managers to redirect to different dashboards .
I read about middleware in laravel documentation but didnt got how to do.
i referred following link
http://laravel.com/docs/5.1/middleware#registering-middleware
http://laravel.com/docs/5.1/authentication#protecting-routes
Please help me.
Thank you in advance
You need to create a middleware for your route.
Use php artisan make:middleware AdminMiddleware.
You will find in your middleware folder a new file with this name.
Put your logic in your middleware e.g
public function handle($request, Closure $next)
{
if(Auth::check())
{
return $next($request);
}
else
{
return view('auth.login')->withErrors('You are not logged in');
}
}
Once you have done your logic in your middleware, you can either call it in the route or make the middleware apply to all routes.
if you want to add it to all routes go to Kernal.php and add it to the $middleware array e.g
protected $middleware = [
'Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode',
'Illuminate\Cookie\Middleware\EncryptCookies',
'Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse',
'Illuminate\Session\Middleware\StartSession',
'Illuminate\View\Middleware\ShareErrorsFromSession',
'App\Http\Middleware\VerifyCsrfToken',
'App\Http\Middleware\AdminMiddleware',
];
If you want to add it to specific routes only, add it to the $routeMiddleware variable and add the alis to the route. e.g.
protected $routeMiddleware = [
'auth' => 'App\Http\Middleware\Authenticate',
'auth.basic' => 'Illuminate\Auth\Middleware\AuthenticateWithBasicAuth',
'guest' => 'App\Http\Middleware\RedirectIfAuthenticated',
'admin' => 'App\Http\Middleware\AdminMiddleware',
];
You can then add it to a route, as a filter e.g.
Route::get('admin/profile', ['middleware' => 'admin', function()
{
}]);
Note::this answer is given by stackoverflow user #Chris Townsend
Ref::
Roles with laravel 5, how to allow only admin access to some root
There is no need to provide different login for different users - you can simple login user and then check his role.
Suggest using Zizaco/Confide (https://github.com/Zizaco/confide) for users auth and Zizaco/Entrust (https://github.com/Zizaco/entrust/) for roles.
UPDATE
as OP doesn't want to use external packages:
route would look like this (for instance):
Route::put('post/{id}', ['middleware' => 'role:admin', function ($id) {
//
}]);
and in the middleware something to check if the user has a role:
if (! $request->user()->hasRole($role)) {
// whatever
}
UPDATE #2
Here is tutorial (based on Laravel 5.0 but should work):
http://heera.it/laravel-5-0-acl-using-middleware
For Laravel 5.1 Multiple Auth
https://github.com/Kbwebs/MultiAuth
You can use multiAuth for multiple authentication types
https://github.com/ollieread/multiauth
For Laravel 5
https://github.com/sboo/multiauth
You can achieve multiple authentication in laravel by using this package
https://packagist.org/packages/sarav/laravel-multiauth
Here I have already answered this question How to use authentication for multiple tables in Laravel 5
Answered same question here multiple login authentication
Create Controller and Middleware for multiple useres.
I used this method in my own project it's working.
You can try this.
I want to restrict some routes of my application and only allow that to only my authenticated user.
I tried check using the auth:check() function but it doesn't seem to work.
// Route Restriction
if (Auth::check()){
//Web Directory
Route::get('web-directory','WebDirectoryController#index');
}
When I got to mysite/web-directory I still get 404 Error - even if I'm currently log-in.
What is the best way to restrict any routes in Laravel 5.0 ?
All right, so I figured out the solution to my own question.
I restrict my routes by doing this
// Route group
$router->group(['middleware' => 'auth'], function() {
//Web Directory
Route::get('web-directory','WebDirectoryController#index');
}
Now, I can go to my route fine, and 404 Error will only kick in when the user is not yet log-in.
I hope this help someone.
This can be achieved by restricting routes individually too:
Route::get('web-directory', [
'middleware' => 'auth',
'uses' => 'WebDirectoryController#index'
]);