I'm wondering if it is possible to make the authentication redirect differently for each of my controllers? Currently, everything redirects to /home. This is intended for my HomeController. But for ClientController, I want it to redirect to /client (if authenticated) and not /home. Do I have to make a new middleware for each of my controllers or is there a way to accomplish this by reusing auth?
RedirectIfAuthenticated.php
if (Auth::guard($guard)->check()) {
return redirect('/home'); //anyway to change this to /client if coming from ClientController?
}
I have this on my ClientController.php
public function __construct()
{
$this->middleware('auth');
}
Thanks in advance! Fairly new to Laravel and Middleware.
Just use this in User model:
protected $redirectTo = '/client';
You can also achieve this by changing Laravel's core file. If you are using Laravel 5.2 go to project_folder\vendor\laravel\framework\src\Illuminate\Foundation\Auth\RedirectsUsers.php
You can find the following code:
public function redirectPath()
{
if (property_exists($this, 'redirectPath')) {
return $this->redirectPath;
}
return property_exists($this, 'redirectTo') ? $this->redirectTo : '/home'; //Change the route in this line
}
Now, change /home to /client. However, I recommend not to change core files. You can use the first one.
Never mind, I was able to make things work with proper routing.
Added ClientController under web middle which is responsible for all of the authentication.
Route::group(['middleware' => ['web']], function () {
Route::resource('client', 'ClientController');
}
And in
ClientController.php, add to use auth middleware.
public function __construct()
{
$this->middleware('auth');
}
public function index()
{
return view('client');
}
Related
I have a ASP.NET Core 2.1 MVC application, and I'm trying to return a separate html view when an exception occurs. The reason for this is that if there are errors, we don't want google to register the redirects to the error page for our SEO (I've omitted development settings to clear things up).
Our startup contained this:
app.UseExceptionHandler("/Error/500"); // this caused a redirect because some of our middleware.
app.UseStatusCodePagesWithReExecute("/error/{0}");
But we want to prevent a redirect, so we need to change the UseExceptionHandler.
I've tried to use the answer from this question like below:
app.UseExceptionHandler(
options =>
{
options.Run(
async context =>
{
context.Response.StatusCode = (int)HttpStatusCode.InternalServerError;
context.Response.ContentType = "text/html";
await context.Response.WriteAsync("sumtin wrong").ConfigureAwait(false);
});
});
But this gives a very ugly page without any styling. Another solution we've tried to use is creating an error handling middle ware, but there we run into the same problem there where we can't add a view.
How can I return a styled view in case of an exception, without redirecting the user?
EDIT: the UseExceptionHandler doesn't cause a redirect, it was caused by a bug in some of our middleware.
How can I return a styled view in case of an exception, without redirecting the user?
You're almost there. You could rewrite(instead of redirect) the path, and then serve a HTML according to current path.
Let's say you have a well-styled sth-wrong.html page in your wwwroot/ folder. Change the code as below:
app.UseExceptionHandler(appBuilder=>
{
// override the current Path
appBuilder.Use(async (ctx, next)=>{
ctx.Request.Path = "/sth-wrong.html";
await next();
});
// let the staticFiles middleware to serve the sth-wrong.html
appBuilder.UseStaticFiles();
});
[Edit] :
Is there anyway where I can make use of my main page layout?
Yes. But because a page layout is a View Feature that belongs to MVC, you can enable another MVC branch here
First create a Controllers/ErrorController.cs file :
public class ErrorController: Controller
{
public IActionResult Index() => View();
}
and a related Views/Error/Index.cshtml file:
Ouch....Something bad happens........
Add a MVC branch in middleware pipeline:
app.UseExceptionHandler(appBuilder=>
{
appBuilder.Use(async (ctx, next)=>{
ctx.Request.Path = "/Error/Index";
await next();
});
appBuilder.UseMvc(routes =>{
routes.MapRoute(
name: "sth-wrong",
template: "{controller=Error}/{action=Index}");
});
});
Demo:
Hi I have loaded the auth component and included the following;
public function beforeFilter(Event $event)
{
parent::beforeFilter($event);
$this->Auth->allow('register', 'verify');
}
If I navigate to register it works correctly, however, if I go to verify it redirects me to login?
Any ideas?
I've setup Laravel's built in authentication feature, but it doesn't have an admin. I've been looking up ways to do this, but many tutorials seem a bit weighty. I wanted as simple, safe solution that takes advantage of the users table I already have.
I've looked at this: https://laracasts.com/discuss/channels/laravel/user-admin-authentication
The instructions come from several users, and it's a bit hard to follow. I've set up a "isAdmin" column to my users database. I have a middleware for the admin, but I'm not sure how to proceed from here.
If I don't forget anything, this should be enough.
Kernel.php:
protected $routeMiddleware = [
//...
'isAdmin' => \App\Http\Middleware\IsAdminMiddleware::class,
];
IsAdminMiddleware:
public function handle($request, Closure $next)
{
if(!\Auth::user()->isAdmin){
return Redirect::route('index');
}
return $next($request);
}
routes.php:
Route::group(['middleware' => ['auth', 'isAdmin']], function () {
Route::get('/', 'AdminController#index')->name('admin.index');
Route::get('/add-user', 'AdminController#addUser')->name('admin.addUser');
});
The lazy solution, not recommended:
In you AdminController, add the following:
public function __construct(){
if(!\Auth::user()->isAdmin){
dd('Redirect user or whatever, this is where all but admin gets stucked');
}
}
I am having trouble creating multi-role application in laravel5 since in laravel 5 the authentication is pre defined so I am not willing to mess around with predefined codes of laravel 5 authentication. I have a constructor that authenticates every controller in my project but I am unable to check user roles for the following roles:-
1. Admin
2. Agent
3. User
I can check manually for every functions but that is not the right process of doing so and if I have a total of around 500 functions I cant go in every function and define manually. please any help
Thank you
Personally I would use middleware and route groups to accomplish the task, which would be similar the way Laravel checks for user authentication.
You just have to determine when you need to run the middleware, which can be done by nesting Route::group's or injecting the middleware from your controller.
So, for an example of nesting you can have something like this in your routes file:
Route::group(['middleware' => ['auth']], function () {
Route::get('dashboard', ['as' => 'dashboard', function () {
return view('dashboard');
}]);
Route::group(['prefix' => 'company', 'namespace' => 'Company', 'middleware' => ['App\Http\Middleware\HasRole'], function () {
Route::get('dashboard', ['as'=>'dashboard', function () {
return view('company.dashboard');
}]);
Route::resource('employees', 'EmployeesController');
...
...
});
});
or you can inject the middleware to your controllers like so:
use Illuminate\Routing\Controller;
class AwesomeController extends Controller {
public function __construct()
{
$this->middleware('hasRole', ['only' => 'update'])
}
}
And then add a one or more Middleware files using something like php artisan make:middleware HasRole which will give you the middleware boiler plate which you could then add your role checking logic:
<?php namespace App\Http\Middleware;
use Closure;
class HasRole {
/**
* Handle an incoming request.
*
* #param \Illuminate\Http\Request $request
* #param \Closure $next
* #return mixed
*/
public function handle($request, Closure $next)
{
if($request->is('admin/*')){
[******ADD YOUR LOGIC HERE TO DETERMINE THE ROLE ******]
[******YOU CAN ALSO INCLUDE ANY REDIRECTS IF NECESSARY******]
}
return $next($request);
}
}
Notice I used the $route->is('admin/*') to filter any routes as an example of further filtering requests, which you would probably not include if you are injecting the middleware from the controller.
But if the user passes the required role check you do not need to do anything and they will be allowed to continue to the view. If they fail the role check, you can handle that accordingly, but beware of getting them caught in a failed permission loop.
I assume you get the gist of it, feel free to look into the Laravel middleware docs for more info.
I have an authentication module. Now, I want to ensure that every module passes (communicates) with that authentication module. I guess you could say its the authentication to the entire application. How do I accomplish this?
Well one simple way would be getting that module/module_class via namespaces, then you could just extend the class. Have the functionality automatically called in the parent class or call the method in the child class. This would be a pretty basic way:
// Auth class
class SomeAuthClass
{
public function __construct()
{
// go ahead and call doAuthCrap here, or wait
// and let the child class call it manually
}
protected function doAuthCrap()
{
// code
}
}
use Your\AuthModule\SomeAuthClass;
class SomeOtherModuleClass extends SomeAuthClass
{
public function zippy_snipp()
{
// call some method from the parent auth class (doAuthCrap)
}
}
Or to adhere to some of the new ways ZF2 does things, you could access the auth class via the service manager and write the config for it in service config in your module.php file. There's really multiple ways to go about doing this one and ZF2 offers quite a bit of options for doing stuff like this.
zf2:
// in controller
$auth = $this->getServiceLocator()->get('someAuth');
// in service config in module.php
public function getServiceConfig()
{
return array(
'factories' => array(
'someAuth' => function ($serviceManager) {
// code here
},
)
);
}