Home/ Questions/Q 1768
Alex Hales
  • 0
Teacher
Asked: 2022-05-31T01:57:28+00:00

php – How to redirect if session not set in middleware

  • 0

[ad_1]

I am trying to redirect the user to login page if it tries to access dashboard or other user page if they haven’t logged in yet.

here is my web.php

Route::group(['middleware'=>'UserAuthChk'], function(){
    Route::get("https://stackoverflow.com/",[HomeController::class, 'index']) -> name('home.index');
    // User Controller
    Route::get('/user/dashboard', [UserController::class, 'dashboard']) -> name('user.dashboard');
    
    // User Authentication Controller
    Route::get('/auth/user/login', [UserAuthController::class, 'login']) -> name('auth.user.login');
    Route::get('/auth/user/signup', [UserAuthController::class, 'signup']) -> name('auth.user.signup');
    Route::get('/auth/user/forgotpassword', [UserAuthController::class, 'forgotpass']) -> name('auth.user.forgotpass');
    // User Authentication POST
    Route::post('/auth/user/registeruser', [UserAuthController::class, 'registerUser']) -> name('auth.user.reguser');
    Route::post('/auth/user/loginuser', [UserAuthController::class, 'loginUser']) -> name('auth.user.loginuser');
    Route::get('/auth/user/logoutuser', [UserAuthController::class, 'logoutUser']) -> name('auth.user.logoutuser');
});

Here is my middleware UserAuthChk.php

<?php

namespace App\Http\Middleware;

use Closure;
use Illuminate\Http\Request;

class UserAuthChk
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response|\Illuminate\Http\RedirectResponse)  $next
     * @return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse
     */
    public function handle(Request $request, Closure $next)
    {
        if (session()->has('userID') && ($request->path()==route('auth.user.login') || $request->path()==route('auth.user.signup') || $request->path()==route('auth.user.forgotpass'))) {
            return back();
        }
        if(!session()->has('userID') && ($request->path()!=route('auth.user.login') || $request->path()!=route('auth.user.signup') || $request->path()!=route('auth.user.forgotpass') || $request->path()!=route('home.index'))) {
            return redirect()->route('auth.user.login');
        }
        
        return $next($request)->header('Cache-Control','no-cache, no-store, max-age=0, must-revalidate')
                              ->header('Pragma','no-cache')
                              ->header('Expires', 'Sat 01 Jan 1990 00:00:00 GMT');
    }
}

Here is my kernel.php

protected $routeMiddleware = [
    'auth' => \App\Http\Middleware\Authenticate::class,
    'UserAuthChk' => \App\Http\Middleware\UserAuthChk::class,
    'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
    'auth.session' => \Illuminate\Session\Middleware\AuthenticateSession::class,
    'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
    'can' => \Illuminate\Auth\Middleware\Authorize::class,
    'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
    'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class,
    'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class,
    'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
    'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
];

If I haven’t logged in and I try to access the login page, signup page, home page, it just keeps loading and then errors saying that it redirected too many times.

When I removed the whole !session() part and I loggedd in then try to access the login or signup page, it works fine. Any solutions?

[ad_2]

Share
Leave an answer

Leave an answer

Browse

Stats

  • Questions : 43k