How can I use middleware with resources?
Route::resource('myitem', ['middleware' => 'auth', 'uses' => 'App\\Controllers\\MyitemsController']);
Just followed https://laracasts.com/discuss/channels/general-discussion/struggling-with-routeresource-and-auth-middleware but unfortunately could not solve.
Getting error:
ErrorException (E_UNKNOWN)
Array to string conversion
Open: /vendor/laravel/framework/src/Illuminate/Routing/Router.php
protected function getResourceAction($resource, $controller, $method, $options)
{
$name = $this->getResourceName($resource, $method, $options);
return array('as' => $name, 'uses' => $controller.'#'.$method);
}
Using filter with resource was not working that why had to use Route::group
Route::group(array('before' => 'auth'), function()
{
Route::resource('myitem', 'App\\Controllers\\MyitemsController');
});
https://stackoverflow.com/a/17512478/540144
Middleware is a new feature of Laravel 5. In Laravel 4, filters where something similar. So instead of using the key middleware you should use before or after. Also, and that's where the error comes from, the second argument of Route::resource should be the controller name as string and the third one is an array of options:
Route::resource('myitem', 'App\\Controllers\\MyitemsController', ['before' => 'auth']);
Edit
Apparently before filters only work with resource routes when you wrap a group around it. See the OPs answer for an example...
I just came up against this and found the easiest way is to add the middleware straight to the controller.
I found my answer here:
http://laravel.com/docs/master/controllers
class MyitemsController extends Controller {
/**
* Instantiate a new MyitemsController instance.
*/
public function __construct()
{
$this->middleware('auth');
}
}
How to do this in Laravel 5. The Answer you have been waiting for.
Use middleware instead of before
Route::group(array('middleware' => 'auth'), function()
{
Route::resource('user', 'UserController',
['only' => ['edit']]);
}
To check if the route is setup, run:
php artisan route:list
which should show the following:
GET|HEAD | user/{user}/edit | user.edit | App\Http\Controllers\UserController#edit | auth
Note auth instead of guest
Better solution
Use middleware instead of before
Route::group(['middleware' => 'auth'], function(){
Route::resource('myitem', 'MyitemsController');
});
You can check if it's ok with:
php artisan route:list
Related
I am trying to get a notification for sign-in.
For this purpose, I created a custom SignInManager and overridden the method used to sign in .
Now if I do the following it works:
builder.Services.AddDefaultIdentity<IdentityUser>(options =>
{
// ...
})
.AddEntityFrameworkStores<ApplicationDbContext>()
.AddSignInManager<MySignMan<IdentityUser>>();
But in my code, I use AddIdentity instead of AddDefaultIdentity, and I don't find how to make it work without DefaultIdentity
Can this work for you?
builder.Services.AddIdentity<IdentityUser, IdentityRole>(option =>
{
option.User.RequireUniqueEmail = true;
})
.AddEntityFrameworkStores<ApplicationDbContext>().AddSignInManager<MySignManager<IdentityUser>>();
I have the following code defined in Startup.cs:
services.AddMvc().AddRazorPagesOptions(options =>
{
options.Conventions.AddPageRoute("/ListVehicles", "/vehicle-list");
});
How do I only allow access to the page by using the url "vehicle-list" instead of just typing the cshtml file name ListVehicles in the url? I tried options.Conventions.Clear() but that didn't work.
You could achieve this with custom IPageRouteModelConvention that clears Selectors list in required PageRouteModel:
services.AddMvc().AddRazorPagesOptions(options =>
{
options.Conventions.AddPageRouteModelConvention("/ListVehicles", model =>
{
model.Selectors.Clear();
});
options.Conventions.AddPageRoute("/ListVehicles", "vehicle-list");
});
Now request to http://localhost/ListVehicles will result to 404 error, while request to http://localhost/vehicle-list will return ListVehicles.cshtml page.
Not sure if this is possible, but here it goes.
What I am looking to do is include my "admin" routes as a separate file, only if the user is an admin (therefore a non admin will get a 404 error
routes.php
if( Session::get('user')->is_admin )
require_once('routes-admin.php');
if( Auth::check() )
require_once('routes-user.php');
Route::get('/', function() {
return view('home');
});
routes-admin.php
Route::get('admin', function() {
return view('admin-dashboard');
});
routes-user.php
Route::get('user', function() {
return view('user-dashboard');
});
What I am trying to do is avoid having the test repeated with every single Route
so if my user segment has 10 pages I currently need 30 lines of code dedicated to Auth::check() (the if, else and redirect if not), where I can instead have a single check on routes.php and the user will get a 404 if they don't belong
Is there a way to perform this check outside of the Route?
Perhaps you want to read documentation first?
Route::group(['middleware' => 'auth'], function()
{
Route::get('/', function()
{
// Uses Auth Middleware
});
Route::get('user/profile', function()
{
// Uses Auth Middleware
});
});
Above code does exactly what you need, is "person logged in?" let him go to page "whatever".
You can create middlewares (check if user is admin or basic user) yourself and apply on groups.
Example middleware
class BeforeMiddleware implements Middleware
{
public function handle($request, Closure $next)
{
// Perform action
return $next($request);
}
}
Do not get me wrong, just your approach is really not Laravel like. Try to see some open source projects done in L5 or even in L4. Try to use everything Taylor already done for you. Documentation is your firend here.
Following the response of #Kyslik for the middleware, you can "include" your own routes file in your RouteServiceProvider like the default routes file, the RouteServiceProvide is located in: app/Providers/RouteServiceProvider.php,
Find the section
require app_path('Http/routes.php');
and just replicate with the name of your routes file want to include
I am having trouble creating multi-role application in laravel5 since in laravel 5 the authentication is pre defined so I am not willing to mess around with predefined codes of laravel 5 authentication. I have a constructor that authenticates every controller in my project but I am unable to check user roles for the following roles:-
1. Admin
2. Agent
3. User
I can check manually for every functions but that is not the right process of doing so and if I have a total of around 500 functions I cant go in every function and define manually. please any help
Thank you
Personally I would use middleware and route groups to accomplish the task, which would be similar the way Laravel checks for user authentication.
You just have to determine when you need to run the middleware, which can be done by nesting Route::group's or injecting the middleware from your controller.
So, for an example of nesting you can have something like this in your routes file:
Route::group(['middleware' => ['auth']], function () {
Route::get('dashboard', ['as' => 'dashboard', function () {
return view('dashboard');
}]);
Route::group(['prefix' => 'company', 'namespace' => 'Company', 'middleware' => ['App\Http\Middleware\HasRole'], function () {
Route::get('dashboard', ['as'=>'dashboard', function () {
return view('company.dashboard');
}]);
Route::resource('employees', 'EmployeesController');
...
...
});
});
or you can inject the middleware to your controllers like so:
use Illuminate\Routing\Controller;
class AwesomeController extends Controller {
public function __construct()
{
$this->middleware('hasRole', ['only' => 'update'])
}
}
And then add a one or more Middleware files using something like php artisan make:middleware HasRole which will give you the middleware boiler plate which you could then add your role checking logic:
<?php namespace App\Http\Middleware;
use Closure;
class HasRole {
/**
* Handle an incoming request.
*
* #param \Illuminate\Http\Request $request
* #param \Closure $next
* #return mixed
*/
public function handle($request, Closure $next)
{
if($request->is('admin/*')){
[******ADD YOUR LOGIC HERE TO DETERMINE THE ROLE ******]
[******YOU CAN ALSO INCLUDE ANY REDIRECTS IF NECESSARY******]
}
return $next($request);
}
}
Notice I used the $route->is('admin/*') to filter any routes as an example of further filtering requests, which you would probably not include if you are injecting the middleware from the controller.
But if the user passes the required role check you do not need to do anything and they will be allowed to continue to the view. If they fail the role check, you can handle that accordingly, but beware of getting them caught in a failed permission loop.
I assume you get the gist of it, feel free to look into the Laravel middleware docs for more info.
How can I use Controllers instead of Routes when with dingo/api (https://github.com/dingo/api) package?
The documentation (https://github.com/dingo/api/wiki) uses routes only.
Dingo is just an extension of the Laravel router, so you can use controllers just like you do in any other Laravel project.
So this:
Route::api(['version' => 'v1', 'prefix' => 'api'], function()
{
Route::get('posts', function()
{
return Post::all();
});
});
would become:
Route::api(['version' => 'v1', 'prefix' => 'api'], function()
{
Route::get('posts', 'PostsController#index');
});
Do you mean connecting a controller to a specific dingo route? like this:
$api = app('Dingo\Api\Routing\Router');
then followed by
$api->version('v1', function($api){
$api->get('posts', 'PostsController#index');
});
But somehow Dingo cannot find the directory of controller, so what I do is start from App\ directory like this: App\Http\Controllers\PostsController#index .
so the correct syntax would be
$api->get('posts', 'App\Http\Controllers\PostsController#index');