Protect admin routes with new eloquent sessions
When using Laravel’s own auth middleware an exception would then get thrown which was being sent to Slack, hmmm. So I modified the original MyAuthMiddleware to use the Auth facade instead of a custom session key. A logout page has also been added.
This commit is contained in:
parent
db3708bbb6
commit
2e79492b01
4 changed files with 58 additions and 17 deletions
|
|
@ -4,7 +4,6 @@ declare(strict_types=1);
|
|||
|
||||
namespace App\Http\Controllers;
|
||||
|
||||
use Illuminate\View\View;
|
||||
use Illuminate\Support\Facades\Auth;
|
||||
use Illuminate\Http\RedirectResponse;
|
||||
|
||||
|
|
@ -40,4 +39,31 @@ class AuthController extends Controller
|
|||
|
||||
return redirect()->route('login');
|
||||
}
|
||||
|
||||
/**
|
||||
* Show the form to logout a user.
|
||||
*
|
||||
* @return \Illuminate\View\View|\Illuminate\Http\RedirectResponse
|
||||
*/
|
||||
public function showLogout()
|
||||
{
|
||||
if (Auth::check() === false) {
|
||||
// The user is not logged in, just redirect them home
|
||||
return redirect('/');
|
||||
}
|
||||
|
||||
return view('logout');
|
||||
}
|
||||
|
||||
/**
|
||||
* Log the user out from their current session.
|
||||
*
|
||||
* @return \Illuminate\Http\RedirectResponse;
|
||||
*/
|
||||
public function logout(): RedirectResponse
|
||||
{
|
||||
Auth::logout();
|
||||
|
||||
return redirect('/');
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -6,6 +6,7 @@ namespace App\Http\Middleware;
|
|||
|
||||
use Closure;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Support\Facades\Auth;
|
||||
|
||||
class MyAuthMiddleware
|
||||
{
|
||||
|
|
@ -18,7 +19,7 @@ class MyAuthMiddleware
|
|||
*/
|
||||
public function handle(Request $request, Closure $next)
|
||||
{
|
||||
if ($request->session()->has('loggedin') !== true) {
|
||||
if (Auth::check($request->user()) == false) {
|
||||
//they’re not logged in, so send them to login form
|
||||
return redirect()->route('login');
|
||||
}
|
||||
|
|
|
|||
10
resources/views/logout.blade.php
Normal file
10
resources/views/logout.blade.php
Normal file
|
|
@ -0,0 +1,10 @@
|
|||
@extends('master')
|
||||
@section('title')Logout @stop
|
||||
|
||||
@section('content')
|
||||
<h2>Logout</h2>
|
||||
<form action="logout" method="post">
|
||||
<input type="hidden" name="_token" value="{{ csrf_token() }}">
|
||||
<input type="submit" name="submit" value="Logout">
|
||||
</form>
|
||||
@stop
|
||||
|
|
@ -20,10 +20,14 @@ Route::group(['domain' => config('url.longurl')], function () {
|
|||
// Static colophon page
|
||||
Route::view('colophon', 'colophon');
|
||||
|
||||
//The login routes to get authe'd for admin
|
||||
// The login routes to get auth'd for admin
|
||||
Route::get('login', 'AuthController@showLogin')->name('login');
|
||||
Route::post('login', 'AuthController@login');
|
||||
|
||||
// And the logout routes
|
||||
Route::get('logout', 'AuthController@showLogout')->name('logout');
|
||||
Route::post('logout', 'AuthController@logout');
|
||||
|
||||
// Admin pages grouped for filter
|
||||
Route::group([
|
||||
'middleware' => 'myauth',
|
||||
|
|
@ -139,7 +143,7 @@ Route::group(['domain' => config('url.longurl')], function () {
|
|||
Route::post('api/media', 'MicropubController@media')->middleware('micropub.token', 'cors')->name('media-endpoint');
|
||||
Route::options('/api/media', 'MicropubController@mediaOptionsResponse')->middleware('cors');
|
||||
|
||||
//webmention
|
||||
// Webmention
|
||||
Route::get('webmention', 'WebMentionsController@get');
|
||||
Route::post('webmention', 'WebMentionsController@receive');
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue