Login redirectTo/redirectPath - Ignore Some Route - Laravel UI Auth

Using Laravel 11 and UI Auth

When logging in I get redirected to the previous URL I was on when I logged out. I think this is default behaviour and generally desirable. (my App is not a clean install so it's possible this is not default but I think it is)

For a very small number of routes (at the moment one) I want to prevent users from being redirected to this one route/url/page when logging back in. Sending back to the home or default route is fine in this case.

I thought this would be pretty simple, perhaps even an array of urls like maintenance mode.

I couldn't see anything like that, and there's various ways in which I think I could implement it, like creating new middleware or extending Session middleware or editing the App Service Provider, or even just preventing this one route being added to the list of previous urls.

What would be the "best" way to do this?

LaryAI

1 year ago

Level 58

To achieve the desired behavior of preventing users from being redirected to specific routes after logging in, you can customize the redirection logic in your Laravel application. Here's a step-by-step solution:

Create a Middleware: You can create a middleware to handle the redirection logic. This middleware will check if the previous URL is in the list of URLs you want to ignore and redirect accordingly.
Register the Middleware: Register this middleware in your app/Http/Kernel.php file.
Modify the Login Controller: Use the middleware in your login logic to determine the redirection path.

Here's how you can implement this:

Step 1: Create a Middleware

Run the following Artisan command to create a new middleware:

php artisan make:middleware RedirectIfFromIgnoredRoute

Step 2: Implement the Middleware Logic

Edit the newly created middleware file located at app/Http/Middleware/RedirectIfFromIgnoredRoute.php:

<?php

namespace App\Http\Middleware;

use Closure;
use Illuminate\Http\Request;

class RedirectIfFromIgnoredRoute
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle(Request $request, Closure $next)
    {
        $ignoredRoutes = [
            route('ignored.route.name'), // Add the route names you want to ignore
        ];

        $previousUrl = url()->previous();

        if (in_array($previousUrl, $ignoredRoutes)) {
            return redirect('/home'); // Redirect to home or any default route
        }

        return $next($request);
    }
}

Step 3: Register the Middleware

In app/Http/Kernel.php, register your middleware. You can add it to the web middleware group or apply it specifically to the login route:

protected $routeMiddleware = [
    // ...
    'redirect.if.from.ignored.route' => \App\Http\Middleware\RedirectIfFromIgnoredRoute::class,
];

Step 4: Apply the Middleware

If you want to apply this middleware specifically to the login route, you can do so in your routes/web.php:

Route::post('login', [LoginController::class, 'login'])->middleware('redirect.if.from.ignored.route');

Step 5: Modify the Login Controller

Ensure your LoginController uses the intended redirection logic. You might need to override the redirectTo method if you haven't already:

protected function redirectTo()
{
    return '/home'; // Default redirect path
}

With this setup, when a user logs in, the middleware will check if the previous URL is in the list of ignored routes and redirect them to the default path if it is. Otherwise, it will proceed with the normal redirection logic.

Snapey

1 year ago

Level 122

You should not need to resort to middleware.

You are NEVER redirected back to the page you were on before. That is not standard behaviour.

You are directed to the page you were trying to reach (the Intended route), and if that is empty then the user is redirected to the default route.

The intended route is set when clicking on a menu or button that leads to another page. If that page is protected by auth middleware then the request is intercepted and sent to login. After login, the intended route is used, that is, the route the user tried to reach when the auth middleware stopped them.

If you want to change this behaviour, you need to find the login code (varies by starter kit) and where the intended route is used, and put in additional logic to redirect as required.

andyjameswhite

1 year ago

Level 9

Thanks @snapey , that's exactly the conclusion I came to looking at the AI generated code, it makes no sense as the previous url is always going to be what login route the user came from

It certainly doesn't makes sense to have middleware run every time, when I know the only time I need to check this is when user is hitting the Login store route

I did the following in the Controller right after the Session is regenerated

        $ignoredRoutes = [
            route('route.name.here'),
            route('route.othername.here'),
        ];
        $intended_url = Session::get('url.intended', url('/'));
        if (in_array($intended_url, $ignoredRoutes)) {
            Session::forget('url.intended');
        }

It's a bit of a halfway house. Obviously the ignoredRoutes or the whole thing could be externalised, and enhanced for wildcards, but as it's a real corner case for me it suffices for the time being

Please or to participate in this conversation.