henriquenasc's avatar

Laravel Auth routes

Hi! I'm a beginner in code programming and Laravel. I'm having trouble understanding and implementing login authentication on some pages. I have my login and I only want to have access to the customer list after authenticating.

However, as soon as I access '/ dashboard' in the browser, it already accesses the clients.

Below are my routes and codes:

// Routes


// login routes
Route::get('/panel', 'AuthController@panel')->name('panel');

Route::get('/login', 'AuthController@login')->name('login');

Route::post('/login/do', 'AuthController@loginFormAuth')->name('login.do');

Route::get('/logout', 'AuthController@logout')->name('logout');

// clients routes

Route::get('/dashboard', 'ClientController@index')->name('dashboard');

Route::get('/client/{id}', 'ClientController@show');

Route::post('/store', 'ClientController@store');

Route::put('/update/{id}', 'ClientController@update');

Route::delete('/remove/{id}', 'ClientController@destroy')->name('destroy');

// User Auth Controller

<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;

class AuthController extends Controller
{
    public function login()
    {
        return view('auth.login');
    }

    public function panel()
    {
        if(Auth::check()) {
            return view('list-clients');
        }

        return redirect()->route('login');
    }

    public function loginFormAuth(Request $request)
    {
        $credentials = [
            'email' => $request->email,
            'password' => $request->password
        ];

        if(Auth::attempt($credentials)) {
            return redirect()->route('dashboard');
        };

        return redirect()->route('login')->withInput()->withErrors(['Os dados informados não conferem!']);
    }

    public function logout()
    {
        Auth::logout();
        return redirect()->route('login');
    }
}

// client controller

<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use App\Client;

class ClientController extends Controller
{
    public function index()
    {
        $clients = Client::all();
        return view("list-clients", compact('clients'));
    }
}

Thank you very much in advance

0 likes
7 replies
corbosman's avatar

All you have to do is add the 'auth' middleware to all routes you want to protect by login. You can easily do that by creating a route group.

Route::middleware('auth')->group(function () {
  Route::get('/dashboard')..
  ...
});
1 like
henriquenasc's avatar

Thank you! It worked. I didn't know this route grouping feature yet, just two weeks ago I started at Laravel. You helped me a lot. ^^

henriquenasc's avatar

Got a bug yet.

When I log out and click on the browser's back button, it still accesses the clients dashboard, only when I press F5 it goes to login.

// Routes

Route::get('/', 'AuthController@panel')->name('panel');
Route::get('/login', 'AuthController@login')->name('login');
Route::post('/login/do', 'AuthController@loginFormAuth')->name('login.do');
Route::get('/logout', 'AuthController@logout')->name('logout');

Route::middleware('auth')->group(function() {
  Route::get('/dashboard', 'ClientController@index')->name('dashboard');
  Route::get('/client/{id}', 'ClientController@show');
  Route::post('/store', 'ClientController@store');
  Route::put('/update/{id}', 'ClientController@update');
  Route::delete('/remove/{id}', 'ClientController@destroy')->name('destroy');
});
japetsky's avatar

Use middleware on your client route

Route::get('/client/', 'ClientController@show')->middleware('auth');

OR, go add a constructor on your controller. See sample below

public function __construct()
{
    $this->middleware('auth')->except(['index']);
    // except(['index']   you can specify the view that you would like to lock
    // sample,  except(['index', 'panel', 'admin'])
}
1 like
Mokrani's avatar

If you have multi user system i advice you use multi auth package

1 like
corbosman's avatar

You don't really have access, it's just the browser cache.

henriquenasc's avatar
henriquenasc
OP
5 years ago
Best Answer
Level 1

Guys, I managed to solve with this code snippet:

// logout method

return redirect(\URL::previous());

// complete AuthController

<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;

class AuthController extends Controller
{
    public function login()
    {
        return view('auth.login');
    }

    public function loginFormAuth(Request $request)
    {
        $credentials = [
            'email' => $request->email,
            'password' => $request->password
        ];

        if(Auth::attempt($credentials)) {
            return redirect()->route('dashboard');
        };

        return redirect()->route('login')->withInput()->withErrors(['Os dados informados não conferem!']);
    }

    public function panel(Request $request)
    {
        if($request->is('/')) {
            return redirect()->route('dashboard');
        }
        if(Auth::check() === true) {
            return view('list-clients');
        }

        return redirect()->route('login');
    }


    public function logout()
    {
        Auth::logout();
        return redirect(\URL::previous());
        // return redirect()->route('login');
    }
}

Very simple, now I will do other tests. haha really cool isn't it ?!

Please or to participate in this conversation.