Level 1
So, the solution is simple: App\Http\Middleware\ApiAccess should be placed before Illuminate\Session\Middleware\StartSession.
Feb 11, 2015
1
Level 1
[L5] How to correctly disable session for some route group?
I need to disable session for API routes. If i use \Config::set('session.driver', 'array'); for API routes then i can't return any response, but redirects only.
In route.php:
Route::group(['prefix' => 'api/v1', 'namespace' => 'Api', 'middleware' => 'api'], function() {
// some routes
}
In Kernel.php:
protected $routeMiddleware = [
// ...
'api' => 'App\Http\Middleware\ApiAccess'
// ...
];
In ApiAccess.php:
class ApiAccess implements Middleware {
public function handle($request, Closure $next) {
if (starts_with($request->path(), 'api')) {
\Config::set('session.driver', 'array');
if (config('app,api_key') != $request->get('api_key')) {
return response(null, 404); // This not work: Undefined index: _sf2_meta
return redirect('/'); // This work
}
}
return $next($request);
}
}
Please or to participate in this conversation.