Nested middleware

Question

Nested middleware

Asked 7 years, 11 months ago

Viewed 31 times

1

I would like to allow access to some pages only if user is logged in.

I did so:

Route::group( ['middleware' => 'usuario'], function (){
    /* Minhas páginas */
});

So far so good, but I would like to check if the password is already current (if sn_senha_atual == 'S' )

I thought of using nested middleware, but it gives a mistake ERR_TOO_MANY_REDIRECTS when trying to use like this:

Route::group( ['middleware' => 'usuario'], function (){
    Route::group( ['middleware' => 'senha'], function (){
      /*  minhas paginas */
    });
});

My middleware user is like this:

 public function handle($request, Closure $next)
    {
        if( !Auth::check() ){
            return redirect()->back();
        }
            return $next($request);
    }

And my middleware password is like this:

public function handle($request, Closure $next)
    {
        $user = Auth::user();
        if( $user->sn_senha_atual == 'N' ){
           // echo "Alterar id: ".$user->id;
            return redirect()->route( 'usu.alterar');
        }
        return $next($request);
    }

How do I so that after checking if user is logged in, check if the password is the current one?

[EDIT 1]

Put the change page outside the password middlware, but now it seems that user middleware does not let pass

    Route::group( ['middleware' => 'usuario'], function (){
            Route::group( ['middleware' => 'senha'], function (){
              Route::group(['as' => 'usu.', 'prefix' => 'usuario'], function (){
               Route::get('',['as' => 'index','middleware' => 'senha', 'uses' => 'UsuarioController@index']);
               Route::get('cadastrar',['as' => 'create', 'uses' => 'UsuarioController@create']);
               Route::post('salvar',['as' => 'store', 'uses' => 'UsuarioController@store']);
               Route::post('delete',['as' => 'remove', 'uses' => 'UsuarioController@remove']);
               Route::post('edit',['as' => 'edit', 'uses' => 'UsuarioController@edit']);
               Route::post('update',['as' => 'update', 'uses' => 'UsuarioController@update']);
               Route::get('sair',['as' => 'sair','middleware' => 'senha', 'uses' => 'UsuarioController@sair']);
               Route::get('logoff',['as' => 'logoff', 'uses' => 'UsuarioController@logOff']);
                 });
            });
           Route::post('alterar',['as' => 'alterar', 'uses' => 'UsuarioController@alterarSenha']);
        });

And by chance the pages you’re redirecting to are not within the group that owns the middleware?

– Woss

2017/11/29 at 19:00
They’re not, they’re in a simple group, for example : Route::group(['as' => 'item.', 'prefix' => 'item'], function (){

– adventistaam

2017/11/29 at 19:03
This syntax of multiples middleware is consistent with the documentation?

– Woss

2017/11/29 at 19:04
Route::middleware(['first', 'second'])->group(function () { That way you’re saying $Required Parameter $callback Missing

– adventistaam

2017/11/29 at 19:16
So also gave the same mistake: Route::group( ['middleware' => ['usuario', 'senha']]

– adventistaam

2017/11/29 at 19:23
Next you should ta doing so, the password check middlweare must be contained in the route us.alterar, so he checks again and tells you to go to the same page, that’s what you can’t do, what you have to do is take the route us.alterar the middleware password ... understood?

– novic

2017/11/29 at 19:40
I really took inside and did not give the message anymore, however, it does not enter the page to change.

– adventistaam

2017/11/29 at 20:01
because it should be get and not post changes it!

– novic

2017/11/29 at 20:07
Yeah. It worked. That’s what it was.. I put it out of all the groups and it worked. Please add as a response

– adventistaam

2017/11/29 at 20:12
@adventistaam can add yourself and put a text explaining what happened... !!! it’s cool to reply too! go there

– novic

2017/11/29 at 20:13

Show 5 more comments

1 answer

Browser other questions tagged php laravel middleware

You are not signed in. Login or sign up in order to post.

by adventistaam • **3,354** points · Answer 1 · 2017-11-29T20:23:59+00:00

According to the help of colleagues and the key comment of the friend Virgilio Novic

The route where the page was to change the password was inside the password middleware as well, so I guess that’s what was giving the other redirects ( ERR_TOO_MANY_REDIRECTS )

That’s how it was:

Route::group( ['middleware' => 'usuario'], function (){
    Route::group( ['middleware' => 'senha'], function (){
       Route::group(['as' => 'usu.', 'prefix' => 'usuario'], function (){
            Route::get('alterar',['as' => 'alterar', 'uses' => 'UsuarioController@alterarSenha']);
         });
    });
});

Then it was like this:

Route::group( ['middleware' => 'usuario'], function (){
    Route::group( ['middleware' => 'senha'], function (){
       Route::group(['as' => 'usu.', 'prefix' => 'usuario'], function (){

         });
    });
});

 Route::get('alterar',['as' => 'alterar', 'uses' => 'UsuarioController@alterarSenha']);

Also, according to the documentation the group of middleware can stay like this:

Route::middleware(['first', 'second'])->group(function () {

or so:

Route::group( ['middleware' => ['usuario','senha']], function (){

Thanks for your help, fellas