I have faced some problem when i am going to use middleware group of Laravel 5.2 framework.
My routes.php file is:
Route::group(['prefix' => 'categories'], function () {
Route::get('all', ['as' => 'allCategory' , 'uses' => 'CategoryController#index']);
Route::get('add', ['as' => 'addCategory', 'uses' => 'CategoryController#create']);
Route::get('edit/{id}', ['as' => 'editCategory', 'uses' => 'CategoryController#edit']);
Route::post('save', ['as' => 'saveCategory', 'uses' => 'CategoryController#store']);
Route::put('update', ['as' => 'updateCategory', 'uses' => 'CategoryController#update']);
Route::get('delete/{id}', ['as' => 'deleteCategory', 'uses' => 'CategoryController#destroy']);
});
Route::group(['middleware' => ['web']], function () {
Route::get('/', function () {
return view('welcome');
});
Route::auth();
Route::get('/home', 'HomeController#index');
});
I am using here laravel defaults login/registration authentication.Using php artisan make:auth command.I want to give user restricted for some routes such as categories route group.So,
How can i restrict a user for categories route group?
If i use Route::group(['middleware' => ['auth']], function () { }); then i got an error. So what is the difference between 'web'
and 'auth' middleware ?
Thanks.
N.B : If you need to know about any files then just comment me below i will add those files.
This is a feature of laravel 5.2. 2 default middleware is web and api.
You need place category group route inside web middleware.
Web middleware make your request contains cookies, session, csrf_token used for authentication. Otherwise, api middleware used for application that simple query get or post without request header, assume mobile app.
Auth middleware based on web middleware.
Related
I'm trying to prevent people from accessing the /dashboard route unless they're authenticated(logged in). I looked at the laravel docs and here's what I thought I was supposed to do to accomplish this.
Route::group(['middleware' => 'auth'], function (){
Route::get('/dashboard', [
'uses' => 'UserController#getDashboard',
'as' => 'dashboard'
]);
});
You don't need to add that extra middleware in the route. Just use the group and you'll be fine. You can see here: https://laravel.com/docs/5.1/routing#route-groups
Route::group(['middleware' => 'auth'], function () {
// User needs to be authenticated to enter here.
Route::get('/', function () {
// Uses Auth Middleware
});
Route::get('user/profile', function () {
// Uses Auth Middleware
});
});
I created a new laravel project and laravel flash seems to not be working as i want. The moment I return to a route the flash is gone. I have controller method that does absolutly nothing but flash and return to a route.
Like so
public function activateContract(Request $request ){
return redirect()->to('test')->with('status', 'test');
}
My routes file
Route::group(['middleware' => 'web'], function () {
Route::auth();
Route::get('/', function(){
return redirect()->intended(route('contract.index'));
});
Route::group(['middleware' => 'auth'], function () {
Route::group(['prefix' => 'contract'], function(){
Route::get('', ['as' => 'contract.index' , 'uses' => 'User\ContractController#index']);
Route::post('', ['as' => 'contract.index' , 'uses' => 'User\ContractController#activateContract']);
Route::get('mijn', ['as' => 'user.contract.index' , 'uses' => 'User\ContractController#userContracts']);
});
});
Route::get('test', function(){
dd(session('status'));
});
c});
Here is the ouput of the die dump in the test route witch magicaly lost the flash message.
null
You need to send the message with the redirect like so:
return redirect()->to('test')->with('status', 'test');
And then you can access it with the session helper function:
session('status');
docs
Edit: Place your Route::get('test') into your group with middleware 'web'.
See more about HTTP Middleware here
Laravel 5.2 changed middleware document as :Keep in mind, the web middleware group is automatically applied to your default routes.php file by the RouteServiceProvider.
It means that if you keep a route in another ['middleware' => 'web'], the data set by session()->flash() would be lost by executed web middleware twice.
It is also the answer someone asked why web executed twice.
Laravel 5.2 : Web middleware is applied twice
I'm trying to define routes to access to some views, but it doesn't work :/
Route::group(['prefix' => 'messages'], function () {
Route::get('/', ['as' => 'messages', 'uses' => 'MessagesController#index']);
Route::get('create', ['as' => 'messages.create', 'uses' => 'MessagesController#create']);
Route::post('/', ['as' => 'messages.store', 'uses' => 'MessagesController#store']);
Route::get('{id}', ['as' => 'messages.show', 'uses' => 'MessagesController#show']);
Route::put('{id}', ['as' => 'messages.update', 'uses' => 'MessagesController#update']);
});
I'm always redirected to the home view ('/') of my project when I'm logged.
If I try to access as guest for example : http://myproject.dev/messages I receive a 404 error !
The package that I try to put in my project is : https://github.com/cmgmyr/laravel-messenger
I've installed it on a fresh installation of laravel 5.1 and it's work, but on my project it doesn't work !
My project is in local with MAMP PRO.
With the command php artisan route:list, I can see that routes exists !
EDIT : My routes for authentification was bad !
Route::controller('/','Auth\AuthController') is not a good solution !
To use the MessagesController the user must be authenticated. That means that the user must be logged. The idea is that if a user is not logged he must be redirect to the login page. To make this you must add the auth middleware to the Route::group. The auth middleware will detect if the user is logged and if is not logged it will be redirect to the login page.
Route::group(['middleware' => 'auth', 'as' => 'messages.', 'prefix' => 'messages'], function () {
Route::get('', ['as' => 'index', 'uses' => 'MessagesController#index']);
Route::get('create', ['as' => 'create', 'uses' => 'MessagesController#create']);
Route::post('', ['as' => 'store', 'uses' => 'MessagesController#store']);
Route::get('{id}', ['as' => 'show', 'uses' => 'MessagesController#show']);
Route::put('{id}', ['as' => 'update', 'uses' => 'MessagesController#update']);
});
I think that is this the error
I still can't comment, so I'll write an answer.
I never was able to put a 'root' route inside a Route's group. Laravel need's something there, you can't use "/" or "".
Seeing your code, I suggest you to use a resource view.
Route::resource('messages', 'MessagesController');
It will generate all your routes. I hope it helps.
I've set up sub-domains in Laravel 5.1 and they work fine when manually going to the URL of the route, but when I try to redirect from my controller using a named route, the basic user home route will always be loaded regardless of the sub-domain that sent the request.
Route::group(['domain' => 'admin.myapp.app'], function()
{
Route::get('/home', ['as' => 'home', 'uses' => 'AdminController#getHome']);
});
Route::group(['domain' => 'basic.myapp.app'], function()
{
Route::get('/home', ['as' => 'home', 'uses' => 'BasicController#getHome']);
});
One work around I found was to use
redirect()->to(route('home', [], false));
which will just return the URL of the named route. Anyone know if there is a better solution for this?
Let's say I have 2 urls:
localhost/backend/admin
localhost/backend/admin/users
In my routes.php, I would have a route that looks like this:
Route::group(array('prefix' => 'backend', 'before' => 'auth'), function(){
// Some methods I have on this controller are: getIndex, postUpdate, etc...
Route::controller('admin', 'AppBackend\Controllers\Admin\AdminController');
// Some methods I have on this controller are: getIndex, postUpdate, etc...
Route::controller('admin/users', 'AppBackend\Controllers\Admin\Users\UsersController');
});
The problem is that when I enter admin/users into the browser, Laravel thinks that I'm trying to call a method on the AdminController and finds it doesn't exist among the methods I have for this controller. It seems it would be more ideal, if a method is not found, for Laravel to continue down the routes file and hit my admin/users route and call UsersController.
2 Possible solution that I'm not fully satisfied with:
Reverse the order of the routes. This won't read as naturally as I would like it to, from top to bottom. Plus, I don't know how this solution will hold up over time with every case I have in the future.
Switch to using resource routes. I don't like using PUT/DELETE when it's not supported by some browsers. I like having my own set of action words (and simply renaming and adding to the default resources is not enough or becomes clunky). See also What is the value of using PUT/DELETE with Laravel?
Are there any other good solutions?
The best way of doing routes until now is to make them all manually one by one. In this article Phil Sturgeon pushed me to start to do that and I finally realized that I was having too much trouble using resourceful and restful for a little gain.
It's better to have control of your route listing. Resourceful controllers add too much info, like route parameters, and, to make resourceful controllers not create a bunch of routes I don't use I have to filter what should be generated. In the end it was simply easier to create one route every time I was creating a functionality on my application.
As far as I can tell, to process all your routes in the correct order, Laravel builds a list of your routes, exactly the same way if we were doing it manually. So, there is no performance penalty in doing them manually.
This is an example of my routes in an application I'm just starting:
// Firewall Blacklisted IPs blocked from all routes
Route::group(['before' => 'fw-block-bl'], function()
{
Route::group(['namespace' => 'Application\Controllers'], function()
{
// Pretty error message goes to this route
Route::get('error', ['as' => 'error', 'uses' => 'Error#show']);
Route::get('coming/soon', ['as' => 'coming.soon', 'uses' => 'ComingSoon#index']);
Route::post('coming/soon', ['as' => 'coming.soon.post', 'uses' => 'ComingSoon#register']);
Route::get('coming/soon/register', ['as' => 'coming.soon.register', 'uses' => 'ComingSoon#register']);
Route::post('coming/soon/audit', ['as' => 'coming.soon.audit', 'uses' => 'ComingSoon#audit']);
Route::get('coming/soon/activate/{code}', ['as' => 'coming.soon.activate', 'uses' => 'ComingSoon#activate']);
// Whitelisted on firewall will have access to those routes,
// otherwise will be redirected to the coming/soon page
Route::group(['before' => 'fw-allow-wl'], function()
{
Route::get('user/activate/{code}', ['as' => 'user/activate', 'uses' => 'User#activate']);
Route::get('user/activation/send/{email?}', ['as' => 'user/activation', 'uses' => 'User#sendActivation']);
Route::get('login', ['as' => 'login', 'uses' => 'Logon#loginForm']);
Route::post('login', ['as' => 'login', 'uses' => 'Logon#doLogin']);
Route::get('logout', ['as' => 'logout', 'uses' => 'Logon#doLogout']);
Route::get('register', ['as' => 'register', 'uses' => 'Register#registerForm']);
Route::get('user/recoverPassword/{code}', ['as' => 'user/recoverPassword', 'uses' => 'User#recoverPassword']);
Route::post('user/changePassword', ['as' => 'user/changePassword', 'uses' => 'User#changePassword']);
// Must be authenticated
Route::group(['before' => 'auth'], function()
{
Route::get('/', ['as' => 'home', 'uses' => 'Home#index']);
Route::get('profile', ['as' => 'profile', 'uses' => 'User#profile']);
Route::group(['prefix' => 'offices'], function()
{
Route::get('/', ['uses' => 'Offices#index']);
Route::get('create', ['uses' => 'Offices#create']);
});
Route::group(['prefix' => 'users'], function()
{
Route::get('/', ['uses' => 'Users#index']);
Route::get('create', ['uses' => 'Users#create']);
});
});
});
});
});
All controllers will be namespaced in Application\Controllers and all methods (or subroutes) are prefixed.
EDIT
I'm starting to think I dont name my routes too, I'm not really using them, but I'm still not certain of this, so routes names are not really clear in this raw example. Some also have a 'uses' that could be removed and they will as soon as I decide myself by using names or not.
EDIT 2
I don't do ->before() in routes, because I like to read my routes files sometimes and this method may only be visible after a big list of routes.