Laravel 5.1 really had minimal documentation.. I need clear idea about how to protect routes using Auth middileware..
Documentation tells to add “middleware” => “auth” parameter to route. or can do
public function __construct()
{
$this->middleware('auth');
}
But How to use Auth middleware for actual user authentication and auto redirection to /login from protected routes ??
Answer
In Kernel.php – there are registered middlewares under protected $routeMiddleware like this:
/**
* The application's route middleware.
*
* @var array
*/
protected $routeMiddleware = [
'auth' => 'AppHttpMiddlewareAuthenticate',
'auth.basic' => 'IlluminateAuthMiddlewareAuthenticateWithBasicAuth',
'guest' => 'AppHttpMiddlewareRedirectIfAuthenticated',
];
You can see ‘auth’ is registered for using AppHttpMiddlewareAuthenticate.
Then you can follow this path – if you open /app/Http/Middleware/Authenticate.php, you will find public function handle:
/**
* Handle an incoming request.
*
* @param IlluminateHttpRequest $request
* @param Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if ($this->auth->guest())
{
if ($request->ajax())
{
return response('Unauthorized.', 401);
}
else
{
return redirect()->guest('auth/login');
}
}
return $next($request);
}
and here is where redirection is managed, and you can modify it for your own needs, or you can create custom middleware.
finally – as it is written in documentation – in the controller, which will need to be authenticated, you will add
public function __construct()
{
$this->middleware('auth');
}
You can create a custom middleware if provided ones do not suit your needs.