I have a login page where users can authenticate using a mobile OTP or an email OTP. I've also implemented a global middleware to validate user tokens. However, users are not authorized on the login page, so they can't pass the authorization check.
I've made an exception for the login page in the middleware, and I want to redirect users to it if they are not authorized. But in Livewire, the page has other requests that are not passing, causing the login page to redirect continuously.
Middleware
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;
use Illuminate\Routing\Route;
use App\Models\User;
use carbon\carbon;
class check_token
{
public function handle(Request $request, Closure $next): Response
{
if($request->is('login')){
return $next($request);
}
if (session('user_id') != NULL) {
$user = user::find(session('user_id'));
$token_status = $user->token_status();
if ($user && $token_status->token_is_valid && $token_status->token_is_live) {
return $next($request);
} elseif ($user && $token_status->token_is_valid && $token_status->token_is_live == false) {
$user->settoken(3600);
return $next($request);
}
}
}
}
I have tried many articles and experiences for Laravel, but they need to be fixed in this case.
I solved this problem using the getResponseUri() function of the Request class. Also, know that Livewire sends a request with the path /livewire/update.
Middleware
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;
use Illuminate\Routing\Route;
use App\Models\User;
use carbon\carbon;
class check_token
{
public function handle(Request $request, Closure $next): Response
{
if (\Request::getRequestUri() == '/livewire/update' && empty(session('user_id')) || \Request::getRequestUri() == '/login' && empty(session('user_id')) || \Request::getRequestUri() == '/login-verify') {
return $next($request);
} else {
session()->flush();
return redirect()->route('login');
}
}
}