I have strange behavior on one of route groups I have defined e.g
Route::group(['prefix' => 'admin', 'middleware' => ['web','auth']], function (){
//admin routes
}
);
Whenever I defined 'middleware' => ['web','auth'], routes are accessible after login , but without 'web' I am redirected to / home.
What I thought was that , 'web' is default middleware injected ,please correct me if I am wrong. Otherwise there is some other setting that is affecting this behavior ?
Laravel comes with web middleware groups that contains common middleware you may want to apply to web UI routes. the web middleware group is automatically applied to your default routes.php file by the RouteServiceProvider.
The web middleware is default now, but if you have create laravel app skeleton a while ago you have to update the route provider . You can see the changes in this diff
Related
For apis auth I am currently using:
Route::group([
'middleware' => 'auth:api'
], function() {
Route::post('logout', 'AuthController#logout');
Route::get('user', 'AuthController#user');
});
If I want to use same for session based logins do I need to create same routes in web.php file or can I set up middleware in AuthController constructor with something like this or this?
In this answer 'auth:api' means auth is checking for api so do I need to pass anything there to check for sessions like 'auth:api,web' or what?
Create same routes in web.php just ommit the middleware, as web middleware is applied automatically. Same goes for api.php, auth:api is default middleware there.
I am building a system where the user creates a project and then the project has pages and routes.
I am working out the URL structure now and in Laravel is there a good way with middle ware to get the project information. Here's what I am thinking for the route structure:
{project}/
{project}/something
{project}/something/else
{project}/settings
Route::group with a prefix seems like the best way to include all the middleware. Is there a way I can write a middleware class to check if the {project} exists and then send the data to the view?
Route::group([
'prefix' => '{project}',
'middleware' => [
'auth',
'getprojectstuffandthings'
], ], function () {
// project routes
}
]);
I need to configure middleware in Laravel that all controllers will be secured by Auth.
I mean that will redirection for every incoming request if user is not authorized.
You can do the following in your routes file:
Route::group(['prefix' => 'admin'], function () {
Route::group(['middleware' => ['auth'], function() {
...Your routes here
This will apply the auth middleware to all routes prefixed with admin. You can of course also leave the prefix away if you don't need it.
I have a homegrown, Laravel 5.1 base application on top of which I build specific applications. The base application uses a named route for login, naturally called "login", which listens for GET /login.
In one of my specific applications, I attempted to overload that route to send the requests to a different controller. It seemed to work for a while, but then it started going to the base application's controller again. I'm sure I changed something to break it, but the problem is that I can't figure out how to fix it again.
My base application routes are all defined in app/Http/Routes/core.php. The relevant route:
Route::get('login', [
'as' => 'login',
'uses' => '\MyVendor\Core\Http\Controllers\AuthController#getLogin'
]);
My specific application routes are defined in app/Http/Routes/app1.php. The relevant route:
Route::get('login', [
'as' => 'login',
'uses' => 'App1\AuthController#getLogin'
]);
App2 and App3 are defined similarly. My app/Http/routes.php adds these routes like this:
require 'Routes/core.php';
Route::group(['domain' => 'app1.com'], function() {
require 'Routes/app1.php';
});
Route::group(['domain' => 'app2.com', function() {
require 'Routes/app2.php';
});
Route::group(['domain' => 'app3.com', function() {
require 'Routes/app3.php';
});
The problem I am seeing is that visiting app1.com/login, app2.com/login, and app3.com/login all result in the execution of \MyVendor\Core\Http\Controllers\AuthController#getLogin rather than App1\AuthController#getLogin.
EDIT: I have changed the problem description since I was describing it incorrectly as a problem with calls to route('login').
The index of the routes in Laravel follows a "$domain$uri" format, therefore routes with a domain won't overwrite those without. A fallback route without a domain should be declared after the domain group, so it is later in the route collection and won't match before a route with a matching domain.
"the most recent definition for a route is the effective route"
This is not a bug, this is the expected behaviour, a simple example would be setting a variable to value 1 then setting it to value 2, of course the (most) recent value takes place.
I want to restrict some routes of my application and only allow that to only my authenticated user.
I tried check using the auth:check() function but it doesn't seem to work.
// Route Restriction
if (Auth::check()){
//Web Directory
Route::get('web-directory','WebDirectoryController#index');
}
When I got to mysite/web-directory I still get 404 Error - even if I'm currently log-in.
What is the best way to restrict any routes in Laravel 5.0 ?
All right, so I figured out the solution to my own question.
I restrict my routes by doing this
// Route group
$router->group(['middleware' => 'auth'], function() {
//Web Directory
Route::get('web-directory','WebDirectoryController#index');
}
Now, I can go to my route fine, and 404 Error will only kick in when the user is not yet log-in.
I hope this help someone.
This can be achieved by restricting routes individually too:
Route::get('web-directory', [
'middleware' => 'auth',
'uses' => 'WebDirectoryController#index'
]);