I'm setting up a web application in which I would like to distinguish two route groups. Both groups work as expected on their own, but when combined one of them fails. I've checked documentation on L5.4 website and followed instructions. After a whole day of digging decided to ask you.
Here is my routes/web.php file:
Route::group(['middleware' => ['auth']], function () {
Route::group(['middleware' => ['medewerker']], function () {
Route::get('/urencorrectie','UrenRegelsController@urencorrectie');
});
Route::group(['middleware' => ['officemanager']], function () {
Route::get('/', 'DashboardController@index');
Route::post('/', 'DashboardController@index');
Route::get('/profile', function(){
return view('profile');});
});
});
Auth::routes();
Route::get('/home', 'HomeController@index');
In order to enable roles I addes a column Rolid to the user model. Rol 1 is officemanager and role 3 is employee.
Then in the subsequent middleware we find employee.php:
namespace App\Http\Middleware;
use Closure;
use Auth;
class Employee
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if(Auth::user()->Rolid=='3')
{
return $next($request);
}
else
{
return redirect('/home');
}
}
}
The Middleware officemanager.php file contains:
namespace App\Http\Middleware;
use Closure;
use Auth;
class Officemanager
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$user=Auth::user();
if(Auth::user()->Rolid=='1')
{
return $next($request);
}
else
{
return redirect('/home');
}
}
}
The code as is produces the following result: - When an Officemanager logs in, he/she is redirected to the proper routes. Everything works fine. - When an Employee logs in, he/she gets redirected to the /home redirect (bottom of routing/web.php file).
Any clues or help is very welcome. Kinda stuck on something probably basic.
[UPDATE]
In kernel.php both classes are mapped:
protected $routeMiddleware = [
'auth' => \Illuminate\Auth\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
'can' => \Illuminate\Auth\Middleware\Authorize::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'officemanager' => \App\Http\Middleware\Officemanager::class,
'employee' => \App\Http\Middleware\Employee::class,
];
The only thing that I can think of is that the Rolid of employee is not 3 - so try to debug it.
In general, it is not recommended to rely on DB ids in your code, because they can change between environments. I would add a relation for the user model and check the rol name:
User model:
public function role()
{
return $this->belongsTo('App\Role', 'Rolid');
}
Employee middlaware
class Employee
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if(Auth::user()->role->name == 'employee')
{
return $next($request);
}
else
{
return redirect('/home');
}
}
}
Office manger middleware:
class Officemanager
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if(Auth::user()->role->name == 'officemanager')
{
return $next($request);
}
else
{
return redirect('/home');
}
}
}