stackoom
  简体   繁体   中英

Laravel middlewares always return false

 原文  2018-01-25 16:19:50       php/ laravel-5/ middleware

Question

I created 4 middlewares: 1 for checking if user is one of the admins( role_id !='4') , 1 for super admin(role_id==1), 1 for normal admin(role_id==2) and 1 for editor admin(role_id ==3)

My user table has a role_id column.

The middleware for the check user is one of the admins worked. But other middleware always return false.

My route 

Route::group(['middleware'=>'admin'],function(){
    Route::get('/backlogout','backend\BackloginController@getLogout')->name('back-logout');
    Route::get('/dashboard','BackendController@index')->name('backend');
    Route::group(['prefix' => 'categories', 'middleware' => ['superadmin', 'ad','editor']], function () {
        Route::get('/index', ['as' => 'back.categories.index', 'uses' => 'backend\CategoriesController@index']);
        Route::any('/store', ['as' => 'back.categories.store', 'uses' => 'backend\CategoriesController@store']);
        Route::any('/create', ['as' => 'back.categories.create', 'uses' => 'backend\CategoriesController@create']);
        Route::any('/edit/{id}', ['as' => 'back.categories.edit', 'uses' => 'backend\CategoriesController@edit']);
        Route::any('/update/{id}', ['as' => 'back.categories.update', 'uses' => 'backend\CategoriesController@update']);
        Route::any('/destroy/{id}', ['as' => 'back.categories.destroy', 'uses' => 'backend\CategoriesController@destroy']);
    });
    Route::group(['prefix' => 'products','middleware' => ['superadmin','editor']], function () {
        Route::get('/index', ['as' => 'back.products.index', 'uses' => 'backend\ProductsController@index']);
        Route::any('/store', ['as' => 'back.products.store', 'uses' => 'backend\ProductsController@store']);
        Route::any('/create', ['as' => 'back.products.create', 'uses' => 'backend\ProductsController@create']);
        Route::any('/edit/{id}', ['as' => 'back.products.edit', 'uses' => 'backend\ProductsController@edit']);
        Route::any('/update/{id}', ['as' => 'back.products.update', 'uses' => 'backend\ProductsController@update']);
        Route::any('/imgview/{id}', ['as' => 'back.products.imgview', 'uses' => 'backend\ProductsController@imgview']);
        Route::any('/updateimg/{id}', ['as' => 'back.products.updateimg', 'uses' => 'backend\ProductsController@updateImg']);
        Route::any('/destroy/{id}', ['as' => 'back.products.destroy', 'uses' => 'backend\ProductsController@destroy']);
    });
    Route::group(['prefix' => 'users','middleware' => ['superadmin', 'ad']], function () {
        Route::get('/index', ['as' => 'back.users.index', 'uses' => 'backend\UsersController@index']);
        Route::any('/store', ['as' => 'back.users.store', 'uses' => 'backend\UsersController@store']);
        Route::any('/create', ['as' => 'back.users.create', 'uses' => 'backend\UsersController@create']);
        Route::any('/edit/{id}', ['as' => 'back.users.edit', 'uses' => 'backend\UsersController@edit']);
        Route::any('/update/{id}', ['as' => 'back.users.update', 'uses' => 'backend\UsersController@update']);
        Route::any('/destroy/{id}', ['as' => 'back.users.destroy', 'uses' => 'backend\UsersController@destroy']);
    });
});

my kernel.php 

protected $routeMiddleware = [
        'auth' => \Illuminate\Auth\Middleware\Authenticate::class,
        'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
        'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
        'can' => \Illuminate\Auth\Middleware\Authorize::class,
        'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
        'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
        'admin'=>\App\Http\Middleware\CheckAdmin::class,
        'superadmin'=>\App\Http\Middleware\CheckSuperAdmin::class,
        'ad'=>\App\Http\Middleware\CheckAd::class,
        'editor'=>\App\Http\Middleware\CheckEditor::class,
    ];

my checkadmin (check if user is one of the admin) middlware this one worked 

class CheckAdmin
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        if(Auth::check() && Auth::user()->role_id !='4'){
            return $next($request);
        }
        return redirect()->route('backend-login');
    }
}

my checksuperadmin middleware 

class CheckSuperAdmin
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        if(Auth::check() && Auth::user()->role_id =='1'){
            return $next($request);
        }
        Session::flash('notsuper','only super admin can access this page');
        return redirect()->route('backend');

    }
}

my checkad( check for normal admin) middlware 

class CheckAd
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        if(Auth::check() && Auth::user()->role_id =='2'){
            return $next($request);
        }
        Session::flash('notadmin','only admin can access this page');
        return redirect()->route('backend');

    }
}

my checkeditor middleware 

class CheckEditor
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        if(Auth::check() && Auth::user()->role_id =='3'){
            return $next($request);
        }
        Session::flash('noteditor','only editor can access this page');
        return redirect()->route('backend');

    }
}

i don't know why but all the checksuperadmin, checkadm, checkeditor always return false

2 answers

solution1
 1  2018-01-25 16:55:38

Remove the middleware from first group. 

Route::group(['prefix' => 'categories', 'middleware' => ['superadmin', 'ad','editor']], function () {
    Route::get('/index', ['as' => 'back.categories.index', 'uses' => 'backend\CategoriesController@index']);
    Route::any('/store', ['as' => 'back.categories.store', 'uses' => 'backend\CategoriesController@store']);
    Route::any('/create', ['as' => 'back.categories.create', 'uses' => 'backend\CategoriesController@create']);
    Route::any('/edit/{id}', ['as' => 'back.categories.edit', 'uses' => 'backend\CategoriesController@edit']);
    Route::any('/update/{id}', ['as' => 'back.categories.update', 'uses' => 'backend\CategoriesController@update']);
    Route::any('/destroy/{id}', ['as' => 'back.categories.destroy', 'uses' => 'backend\CategoriesController@destroy']);
});
Route::group(['prefix' => 'products','middleware' => ['superadmin','editor']], function () {
    Route::get('/index', ['as' => 'back.products.index', 'uses' => 'backend\ProductsController@index']);
    Route::any('/store', ['as' => 'back.products.store', 'uses' => 'backend\ProductsController@store']);
    Route::any('/create', ['as' => 'back.products.create', 'uses' => 'backend\ProductsController@create']);
    Route::any('/edit/{id}', ['as' => 'back.products.edit', 'uses' => 'backend\ProductsController@edit']);
    Route::any('/update/{id}', ['as' => 'back.products.update', 'uses' => 'backend\ProductsController@update']);
    Route::any('/imgview/{id}', ['as' => 'back.products.imgview', 'uses' => 'backend\ProductsController@imgview']);
    Route::any('/updateimg/{id}', ['as' => 'back.products.updateimg', 'uses' => 'backend\ProductsController@updateImg']);
    Route::any('/destroy/{id}', ['as' => 'back.products.destroy', 'uses' => 'backend\ProductsController@destroy']);
});
Route::group(['prefix' => 'users','middleware' => ['superadmin', 'ad']], function () {
    Route::get('/index', ['as' => 'back.users.index', 'uses' => 'backend\UsersController@index']);
    Route::any('/store', ['as' => 'back.users.store', 'uses' => 'backend\UsersController@store']);
    Route::any('/create', ['as' => 'back.users.create', 'uses' => 'backend\UsersController@create']);
    Route::any('/edit/{id}', ['as' => 'back.users.edit', 'uses' => 'backend\UsersController@edit']);
    Route::any('/update/{id}', ['as' => 'back.users.update', 'uses' => 'backend\UsersController@update']);
    Route::any('/destroy/{id}', ['as' => 'back.users.destroy', 'uses' => 'backend\UsersController@destroy']);
});

solution2
 1 ACCPTED  2018-01-25 16:56:28

You are applying a multiple midllewares to all your route groups. In this case Laravel grants you access only if user satisfy ALL of them. Try to do something like this: 

class CheckEditor {
    public function handle($request, Closure $next)
    {
        if(Auth::check() && Auth::user()->role_id <='3')
            //do something
    }
}
class CheckAd {
    public function handle($request, Closure $next)
    {
        if(Auth::check() && Auth::user()->role_id <='2')
            //do something
    }
}

And at your route groups use single middleware: For "Editor" ang higher access level: 

Route::group(['middleware' => 'editor'], function () {
    //place your routes here
});

... etc for another access levels. Use == at role middleware only if you wish to grant access for ONLY this one

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question auth laravel always return false Laravel policies always return false laravel 5 Authentication always return false Hash::check in Laravel 5 is not working, always return false? Laravel Hash::check() always return false laravel auth::attempt() always return false Laravel 8 Authentication: auth::attemp always return false Laravel 5 Auth::attempt always return false Laravel Hash:check always return false Laravel Auth::attempt always return false
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM