Summer Sale! All accounts are 50% off this week.

cherrypulp's avatar

Problem with custom Auth Provider in Admin Package using the new 5.2 auth system

Hi everyone,

We have an issue with the way of including a custom auth provider for an Admin package we maid and want to put Open Source soon after Laravel 5.2 refactoring.

We have a custom AuthController that implements :

use AuthenticatesUsers, ThrottlesLogins;

The Auth attempt works and I get the the user in the AuthController.

But when we redirect the user after a successful auth attempt to a route protected by our AuthMiddleware => it seems that we lost the login session... and when we try to test auth('arxmin')->check() it returns now false.

Here is the code in our custom AuthController :

class AuthController extends Controller
{
    use AuthorizesRequests, DispatchesJobs, ValidatesRequests;
    use AuthenticatesUsers, ThrottlesLogins;
    protected $redirectPath = "arxmin/dashboard";
    protected $redirectTo = "arxmin/dashboard";
    protected $guard = "arxmin";

/**
     * If user is authenticated => redirect to the arxmin home
     *
     * @param $request
     * @param $user
     * @return \Illuminate\Http\RedirectResponse
     */
    public function authenticated($request, $user){
    //dd(auth('arxmin')->check(), $user); ----> When we try that it seems that the user is correctly connected
        return redirect()->intended($this->redirectTo);
    }

But when we protect a route with our Custom Middleware :

/**
class AuthenticateMiddleware {

    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @param  string|null  $guard
     * @return mixed
     */
    public function handle($request, Closure $next, $guard = null)
    {
        dd(auth("arxmin")->check());

        if (auth("arxmin")->guest()) {
            if ($request->ajax()) {
                return response('Unauthorized.', 401);
            } else {
                return redirect()->guest('login');
            }
        }

        return $next($request);
    }

}

=> it seems that the user is not logged anymore

Can somebody help us ?

Thanks a lot !

0 likes
2 replies
cherrypulp's avatar
cherrypulp
OP
Best Answer
Level 2

Yes I figure out what is wrong, you must put your AuthController inside the 'web' middleware group => if not you won't have the session, cookie etc. => so the controller route should at least run :

\App\Http\Middleware\EncryptCookies::class,
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class

See here for full explanation : https://mattstauffer.co/blog/middleware-groups-in-laravel-5-2

Hope it will help ;-)

Please or to participate in this conversation.