Search code examples
phplaravelhttp-redirectlaravel-4

Laravel redirect back to original destination after login

This seems like a pretty basic flow, and Laravel has so many nice solutions for basic things, I feel like I'm missing something.

A user clicks a link that requires authentication. Laravel's auth filter kicks in and routes them to a login page. The user logs in and then goes to the original page they were trying to get to before the 'auth' filter kicks in.

Is there a good way to know what page they were trying to get to originally? Since Laravel intercepts the request, I didn't know if it keeps track somewhere for easy routing after the user logs in.

If not, I'd be curious to hear how some of you have implemented this manually.

Solution

  • For Laravel 5.3 and above

    Check Scott's answer below.

    For Laravel 5 up to 5.2

    Simply put,

    On auth middleware:

    // redirect the user to "/login"
// and stores the url being accessed on session
if (Auth::guest()) {
    return redirect()->guest('login');
}
return $next($request);

    On login action:

    // redirect the user back to the intended page
// or defaultpage if there isn't one
if (Auth::attempt(['email' => $email, 'password' => $password])) {
    return redirect()->intended('defaultpage');
}

    For Laravel 4 (old answer)

    At the time of this answer there was no official support from the framework itself. Nowadays you can use the method pointed out by bgdrl below this method: (I've tried updating his answer, but it seems he won't accept)

    On auth filter:

    // redirect the user to "/login"
// and stores the url being accessed on session
Route::filter('auth', function() {
    if (Auth::guest()) {
        return Redirect::guest('login');
    }
});

    On login action:

    // redirect the user back to the intended page
// or defaultpage if there isn't one
if (Auth::attempt(['email' => $email, 'password' => $password])) {
    return Redirect::intended('defaultpage');
}

    For Laravel 3 (even older answer)

    You could implement it like this:

    Route::filter('auth', function() {
    // If there's no user authenticated session
    if (Auth::guest()) {
        // Stores current url on session and redirect to login page
        Session::put('redirect', URL::full());
        return Redirect::to('/login');
    }
    if ($redirect = Session::get('redirect')) {
        Session::forget('redirect');
        return Redirect::to($redirect);
    }
});

    // on controller
public function get_login()
{
    $this->layout->nest('content', 'auth.login'); 
}

public function post_login()
{
    $credentials = [
        'username' => Input::get('email'),
        'password' => Input::get('password')
    ];

    if (Auth::attempt($credentials)) {
        return Redirect::to('logged_in_homepage_here');
    }

    return Redirect::to('login')->with_input();
}

    Storing the redirection on Session has the benefit of persisting it even if the user miss typed his credentials or he doesn't have an account and has to signup.

    This also allows for anything else besides Auth to set a redirect on session and it will work magically.