Skip to content
Advertisement

Laravel 6.x new password.confirm middleware doesn’t work with custom guard

a new password.confirm feature has been added to the laravel 6.2 framework. I have a fresh laravel 6.18.8 installation, I have done multi-authentication based on guard. I want to run password.confirm for this custom guard. Login / logout for guard:admin works correctly, after login redirects to admin/home url correctly. Verification if I am logged in to guard:admin is working correctly so far: – if I’m already logged in to guard:admin an attempt to enter admin/login redirects me to admin/home – correctly – if I’m not logged in, the attempt to enter admin/home will redirect me to admin/login – correctly

but

trying to go to admin/secret (which should ask for admin password) redirecting me to user login page because to open password/confirm url (for defualt guard)

When I am logged as admin and manually try to open url admin/password/confirm shows error

Target class [admin] does not exist. 

Is there any chance to run this? Or is made “as is” and won’t play with none default auth guard?

Currently my code for guard:admin: config/auth.php

'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],

        'api' => [
            'driver' => 'token',
            'provider' => 'users',
            'hash' => false,
        ],

        'admin' => [
            'driver' => 'session',
            'provider' => 'admins',
        ],
    ],

routes/web.php

/*
|--------------------------------------------------------------------------
| Web Routes for admin panel
|--------------------------------------------------------------------------
|
|
*/

Route::prefix( env('ADMIN_PREFIX', 'admin') )->name('admin.')->namespace('Admin')->group(function () {
    // Auth::routes(['register' => false, 'verify' => false]);
    // Login/out process
    Route::get('/login', 'AuthLoginController@showLoginForm')->name('login');
    Route::post('/login', 'AuthLoginController@login')->name('login');
    Route::post('/logout', 'AuthLoginController@logout')->name('logout');
    // Password reset process
    Route::get('/password/reset', 'AuthForgotPasswordController@showLinkRequestForm')->name('password.request');
    Route::get('/password/reset/{token}', 'AuthResetPasswordController@showResetForm')->name('password.reset');
    Route::post('/password/email', 'AuthForgotPasswordController@sendResetLinkEmail')->name('password.email');
    Route::post('/password/reset', 'AuthResetPasswordController@reset')->name('password.update');
    // Password confirmation process
    Route::get('/password/confirm', 'AuthConfirmPasswordController@showConfirmForm')->name('password.confirm');
    Route::post('/password/confirm', 'AuthConfirmPasswordController@confirm')->name('password.confirm');

    Route::middleware('auth:admin')->group(function() {
        Route::view('/home', 'admin.home')->name('home');
        Route::view('/secret', 'admin.secret')->name('secret')->middleware('password.confirm');
    });

Advertisement

Answer

Ok, I see that you can specify where to forward, e.g.

middleware('password.confirm:admin.password.confirm')

And I found a problem … stupid me ;P In the constructor of the Admin/Auth/ConfirmPasswordController.php file, I typed middleware(‘admin:auth’) instead of ‘auth:admin’

User contributions licensed under: CC BY-SA
8 People found this is helpful
Advertisement