[ad_1]
I am trying to redirect the user to login page if it tries to access dashboard or other user page if they haven’t logged in yet.
here is my web.php
Route::group(['middleware'=>'UserAuthChk'], function(){
Route::get("https://stackoverflow.com/",[HomeController::class, 'index']) -> name('home.index');
// User Controller
Route::get('/user/dashboard', [UserController::class, 'dashboard']) -> name('user.dashboard');
// User Authentication Controller
Route::get('/auth/user/login', [UserAuthController::class, 'login']) -> name('auth.user.login');
Route::get('/auth/user/signup', [UserAuthController::class, 'signup']) -> name('auth.user.signup');
Route::get('/auth/user/forgotpassword', [UserAuthController::class, 'forgotpass']) -> name('auth.user.forgotpass');
// User Authentication POST
Route::post('/auth/user/registeruser', [UserAuthController::class, 'registerUser']) -> name('auth.user.reguser');
Route::post('/auth/user/loginuser', [UserAuthController::class, 'loginUser']) -> name('auth.user.loginuser');
Route::get('/auth/user/logoutuser', [UserAuthController::class, 'logoutUser']) -> name('auth.user.logoutuser');
});
Here is my middleware UserAuthChk.php
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
class UserAuthChk
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response|\Illuminate\Http\RedirectResponse) $next
* @return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse
*/
public function handle(Request $request, Closure $next)
{
if (session()->has('userID') && ($request->path()==route('auth.user.login') || $request->path()==route('auth.user.signup') || $request->path()==route('auth.user.forgotpass'))) {
return back();
}
if(!session()->has('userID') && ($request->path()!=route('auth.user.login') || $request->path()!=route('auth.user.signup') || $request->path()!=route('auth.user.forgotpass') || $request->path()!=route('home.index'))) {
return redirect()->route('auth.user.login');
}
return $next($request)->header('Cache-Control','no-cache, no-store, max-age=0, must-revalidate')
->header('Pragma','no-cache')
->header('Expires', 'Sat 01 Jan 1990 00:00:00 GMT');
}
}
Here is my kernel.php
protected $routeMiddleware = [
'auth' => \App\Http\Middleware\Authenticate::class,
'UserAuthChk' => \App\Http\Middleware\UserAuthChk::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'auth.session' => \Illuminate\Session\Middleware\AuthenticateSession::class,
'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
'can' => \Illuminate\Auth\Middleware\Authorize::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class,
'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
];
If I haven’t logged in and I try to access the login page, signup page, home page, it just keeps loading and then errors saying that it redirected too many times.
When I removed the whole !session()
part and I loggedd in then try to access the login or signup page, it works fine. Any solutions?
[ad_2]