I’m using Laravel 8 for my project, and in this project I have created a custom middleware called Admin that goes like this:

    public function handle(Request $request, Closure $next)
    {
        if (Auth::check()) {
            if (Auth::user()->isAdmin()) {
                return $next($request);
            }
        }

        return redirect('/');
    }

And I tried applying it like this:

    Route::group(['middleware' => 'admin'], function() {
        Route::resource('admin/users', \App\Http\Controllers\Admin\AdminUserController::class);
    });

And on Kernel.php:

    'admin' => \App\Http\Middleware\Admin::class

So I called the isAdmin() at User Model which simply checks if the role of the user is correct or not:

    public function roles()
    {
        return $this->belongsToMany(Role::class);
    }

    public function isAdmin()
    {
        foreach ($this->roles as $role) {
            if ($role->name == 'Manual User') {
                return true;
            }
        }

        return false;
    }

Currently, I have these two roles:
And the user that I want to log in is set to 6 and has the role id of 1, which is Manual User:
But now the problem is, when I go to the /admin/users URI, it does not redirect me to the ('/') URI and shows me the /admin/users page!
So what is going wrong here? How can I fix this issue?
Note that the relationship between roles and users, which is Many To Many, works fine and there is no need to mention them.
Answer
I tried this locally with a very similar setup and had no problem. I took the liberty of changing/simplifying some things.
These are the steps I took.
1. Middleware
1.1. Create Admin middleware.
Done by running the php artisan make:middleware Admin command.
1.2. Fill out the middleware.

    <?php

    namespace App\Http\Middleware;

    use Closure;
    use Illuminate\Http\Request;
    use Illuminate\Support\Facades\Auth;

    class Admin
    {
        /**
         * Passes if authenticated user is an admin.
         *
         * @see App\Models\User::isAdmin()
         */
        public function handle(Request $request, Closure $next)
        {
            if (Auth::user()->isAdmin()) {
                return $next($request);
            }

            return redirect('/');
        }
    }

Here is my first change: I don’t do the Auth::check(). There’s another middleware for that.
1.3 Add new entry to $middlewareGroups in App\Http\Kernel.php.

    protected $middlewareGroups = [
        'web' => [...],
        'api' => [...],
        // check if user is authenticated, then check if it's an admin
        'admin' => [
            'auth',
            \App\Http\Middleware\Admin::class
        ],
    ];

    protected $routeMiddleware = [
        'auth' => \App\Http\Middleware\Authenticate::class,
        ...
    ];

2. Route
Add a route that uses the middleware created above.

    Route::middleware('admin')->group(function () {
        Route::get('test', function () {
            return "User is authenticated and is an admin.";
        });
    });

Also, optionally you could simplify your isAdmin() method.

    public function isAdmin()
    {
        return $this->roles->contains('name', 'Manual User');
    }

This, for me, had the desired results. Are you sure you edited your App\Http\Kernel.php file correctly?
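
A feature test that checks the middleware is actually enforced on the route, as an added example that is not part of the original answer. It assumes the /test route from step 2, an App\Models\Role model whose roles table needs only a name, a named login route for guests, and a constructed second role name ('Some Other Role').

```php
<?php

namespace Tests\Feature;

use App\Models\Role; // assumption: Role lives next to User in App\Models
use App\Models\User;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Tests\TestCase;

class AdminMiddlewareTest extends TestCase
{
    use RefreshDatabase;

    // Hypothetical helper: creates a user holding the given role names.
    private function userWithRoles(array $names): User
    {
        $user = User::factory()->create();
        foreach ($names as $name) {
            // forceCreate() bypasses $fillable, so no mass-assignment setup is needed.
            $user->roles()->attach(Role::forceCreate(['name' => $name])->id);
        }
        return $user;
    }

    public function test_guest_is_stopped_before_the_admin_check(): void
    {
        // 'auth' runs first in the group, so Auth::user() is never null in Admin.
        $this->get('/test')->assertRedirect();
    }

    public function test_user_without_the_role_is_redirected_home(): void
    {
        // 'Some Other Role' is a constructed name, not one from the question.
        $user = $this->userWithRoles(['Some Other Role']);
        $this->actingAs($user)->get('/test')->assertRedirect('/');
    }

    public function test_user_with_no_roles_is_redirected_home(): void
    {
        $this->actingAs($this->userWithRoles([]))->get('/test')->assertRedirect('/');
    }

    public function test_manual_user_role_passes(): void
    {
        $user = $this->userWithRoles(['Some Other Role', 'Manual User']);
        $this->actingAs($user)->get('/test')
            ->assertOk()->assertSee('User is authenticated and is an admin.');
    }
}
```

If the two redirect tests fail while the last one passes, the route is being served without the admin group applied, which points at the Kernel.php registration rather than at isAdmin().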