Level 10
You can change it in the RouteServiceProvider::class
/**
* The path to the "home" route for your application.
*
* This is used by Laravel authentication to redirect users after login.
*
* @var string
*/
public const HOME = '/home';
Dec 13, 2022
9
Level 2
Changing the home page route
When I log into my app (using Breeze for auth), I want to go somewhere other than /home. From reading various docs, this seems like a simple thing: edit app/Http/Controllers/Auth/LoginController.php and change $redirectTo to point where I want it to go, right?
Unfortunately that's not working. No matter what I put in there, even non-existent routes, I end up at /.
I actually want to do something a little more sophisticated, where the user is directed to different pages according to their roles, so I have a method in my User model that figures out where that should be. To avoid this being a source of problems, I've also tried to do all this with the stock static config.
With xdebug, I've traced the process. It hits Breeze's AuthenticatedSessionController::store(), which returns redirect()->intended($default) and I can see that the correct route is passed as $default. However, intended() pulls url.intended from the session, and goes there instead of the route I passed in, and I can see that the resulting URL is indeed /. So then the question is how does url.intended get set to this since this is the very first authenticated URL it's hitting? I can't find any other references to that session value, so I've not found where it is set.
What's more confusing is that if I log out and then log back in again it goes to the right place! The wrong destination only occurs on a fresh login (e.g. in a new incognito window). I can only explain this as the intended destination being stored in the session the first time, and then turning up as url.intended the second time.
I've found I can bodge this into working by skipping the intended call in the session controller, and returning redirect()->to($default) directly, however, I'm concerned that this might have unintended consequences, for example breaking deep links that need to do a login first.
Any ideas what I'm doing wrong?
Level 2
@RayC Unfortunately I'd already tried that, and it doesn't help either. I'm using that as the fallback if it doesn't find a better route, but changing it doesn't make any difference to the issue I'm seeing.
Level 75
Also wouldn't you have a different home page for admin verses user?
I usually do something like:
public function authenticate(Request $request)
{
$credentials = $request->only('username', 'password');
if (Auth::attempt($credentials)) {
$request->session()->regenerate();
$path = $this->getRedirect();
return redirect()->intended($path);
}
$message = 'The provided credentials do not match our records.';
return redirect('login')->with('status', $message);
}
public function getRedirect() {
$role = Auth::user()->role;
$checkrole = explode(',', $role); // However you check for admin
if (in_array('admin', $checkrole)) {
return 'admin/dashboard';
} else {
return 'user/dashboard;
}
}
But just examples. Remember it's a starter kit to tweak as needed.
Level 2
@jlrdw Yes, that's just like what I'm doing. The problem is that the path that I pass in to intended() (exactly as you show) gets ignored and replaced with the url.intended value from the session. If you look at the code in intended(), you can see that's exactly what it's intended (ha!) to do.
Level 75
@Synchro if a user is trying to go to a wrong url, then you can redirect them back to the login page.
But if they give correct email and password at login, they should be correctly redirected. My breeze app is older, I don't know what changes have been made.
The last app I did, I didn't use any starter kits, I just used regular Auth from documentation.
It's under Manually Authenticating Users
https://laravel.com/docs/9.x/authentication#authenticating-users
Because I like full control.
Level 2
@jlrdw From those docs:
The intended method provided by Laravel's redirector will redirect the user to the URL they were attempting to access before being intercepted by the authentication middleware.
That's fine (it's what I was referring to about deep links), and the user is not trying to access an incorrect URL (they simply posted their credentials to /login with no other redirects or params, completely stock config). The problem is that this "URL they were attempting to access" doesn't exist, but for some reason is defaulting to / and being used instead of my correct target route.
Level 75
@Synchro goto the RouteServiceProvider.php and:
public const HOME = 'redirects'; //rename to what you want.
//public const HOME = '/dashboard'; Comment out or delete
Where redirects is a custom route and controller method you setup to do what you need. I had forgotten about commenting out that public const HOME = '/dashboard'; part, been a while. That line is so restrictive.
And in the method do what you need to do.
That is one of the reasons I do not like those starter kits, but just my opinion.
Edit
Again, it's a starter kit, tweak as needed, but make sure you know what you are doing when tweaking.
Level 2
@jlrdw I've tracked down the problem. I was helped by this post. The issue is that when I visit the domain directly, https://www.example.com/, it requires auth, and so it stores / as the intended destination, and redirects me to /login. Then after login, it redirects me back to my intended destination at /. If I go directly to /login in a fresh session, my targeting works correctly because it never had to do the redirect away from /, and so the call to intended() falls through to the default route param I'm passing in. While I can understand the reasoning here, it's unhelpful because default redirection can never work in this scenario (requiring auth for /), and it won't matter what you put in $redirectTo or HOME.
I think the only solution here is to remove the call to intended.
1 like
Level 1
@Synchro CORRECT! THIS HAPPENED TO ME IN LARAVEL 11
TO FIX THIS I HAVE MADE THE ROUTE '/' REDIRECT TO '/LOGIN' AND IN THE bootstrap/app.php withMiddleware() I HAVE ADDED THIS
$middleware->redirectUsersTo(function ($request) {
$route = $request->user()->hasRole('admin')
? 'admin.dashboard'
: 'home';
return route($route);
});
$middleware->redirectGuestsTo('/login');
Please or to participate in this conversation.