Using Laravel Auth middleware

Laravel 5.1 really had minimal documentation.. I need clear idea about how to protect routes using Auth middileware..

Documentation tells to add “middleware” => “auth” parameter to route. or can do

    public function __construct() 
    {
      $this->middleware('auth');
    }

But How to use Auth middleware for actual user authentication and auto redirection to /login from protected routes ??

Answer

In Kernel.php – there are registered middlewares under protected $routeMiddleware like this:

/**
 * The application's route middleware.
 *
 * @var array
 */
protected $routeMiddleware = [
    'auth' => 'AppHttpMiddlewareAuthenticate',
    'auth.basic' => 'IlluminateAuthMiddlewareAuthenticateWithBasicAuth',
    'guest' => 'AppHttpMiddlewareRedirectIfAuthenticated',
];

You can see ‘auth’ is registered for using AppHttpMiddlewareAuthenticate.

Then you can follow this path – if you open /app/Http/Middleware/Authenticate.php, you will find public function handle:

    /**
     * Handle an incoming request.
     *
     * @param  IlluminateHttpRequest  $request
     * @param  Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        if ($this->auth->guest())
        {
            if ($request->ajax())
            {
                return response('Unauthorized.', 401);
            }
            else
            {
                return redirect()->guest('auth/login');
            }
        }

        return $next($request);
    }

and here is where redirection is managed, and you can modify it for your own needs, or you can create custom middleware.

finally – as it is written in documentation – in the controller, which will need to be authenticated, you will add

public function __construct() 
{
  $this->middleware('auth');
}

You can create a custom middleware if provided ones do not suit your needs.

Leave a Reply

Your email address will not be published. Required fields are marked *