Why doesn't this dashboard route follow my middleware logic?

120


I am working on a Laravel 8 app that uses Microsoft Azure for user management (login included).

I began by following this tutorial on their website.

I have these routes "under" the dashboard route, that I want to protect with a piece of custom middleware:

    // Dashboard routes
    Route::get('/dashboard', [DashboardContoller::class, 'index'])->name('dashboard');

    Route::group(['prefix' => 'dashboard', 'middleware' => ['checkSignedIn']], function() {
        Route::get('/users', [UsersContoller::class, 'index']);
        Route::get('/create-user', [UsersContoller::class, 'create']);
        Route::get('/delete-user/{id}', [UsersContoller::class, 'delete']);
    });

The conditions for a user to be allowed to the application's dashboard are:

  1. They sign in with a valid Microsoft account

  2. Their email is inside an array of allowed emails:

    private $allowedEmails = [
        '[email protected]',
        'user.[email protected]',
        '[email protected]',
    ];

For this purpose, I have done the following:

Created a CheckSignedIn middleware, with php artisan make:middleware CheckSignedIn.

Registered the above middleware in app\Http\Kernel.php:

    protected $routeMiddleware = [
        // More middleware
        'checkSignedIn' => \App\Http\Middleware\CheckSignedIn::class,
    ];

In app\Http\Middleware\CheckSignedIn.php I have:

    namespace App\Http\Middleware;

    use Closure;
    use Illuminate\Http\Request;

    class CheckSignedIn
    {
        private $allowedEmails = [
            '[email protected]',
            '[email protected]',
            '[email protected]',
        ];

        /**
         * Handle an incoming request.
         *
         * @param  \Illuminate\Http\Request  $request
         * @param  \Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response|\Illuminate\Http\RedirectResponse)  $next
         * @return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse
         */
        public function handle(Request $request, Closure $next)
        {
            $isSignedIn = null !== session('userName') && in_array(session('userEmail'), $this->allowedEmails);

            if (!$isSignedIn) {
                return redirect('/');
            }

            return $next($request);
        }
    }

The problem

Even if I am not logged in, I can still see the dashboard (the /dashboard route).

Shouldn't this line deal with the /dashboard route too?

Route::group(['prefix' => 'dashboard' , 'middleware' => ['checkSignedIn']], function() { 

What am I doing wrong?

Total Answers: 1

57

Answer 1:

Change your routes like this:

    // Dashboard routes
    Route::group(['prefix' => 'dashboard', 'middleware' => ['checkSignedIn']], function() {
        Route::get('/', [DashboardContoller::class, 'index'])->name('dashboard');
        Route::get('/users', [UsersContoller::class, 'index']);
        Route::get('/create-user', [UsersContoller::class, 'create']);
        Route::get('/delete-user/{id}', [UsersContoller::class, 'delete']);
    });
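
A regression test for the fix above, as an added example that is not part of the original question or answer: it fails whenever any route at or below /dashboard is registered outside the `checkSignedIn` group. It assumes the default Laravel 8 `Tests\TestCase`, routes defined in routes/web.php, and the middleware attached by its `checkSignedIn` alias; the class name, file name and sample session values are constructed.

```php
<?php
// Added example: tests/Feature/DashboardAccessTest.php (hypothetical file name).

namespace Tests\Feature;

use Illuminate\Support\Facades\Route;
use Illuminate\Support\Str;
use Tests\TestCase;

class DashboardAccessTest extends TestCase
{
    /** Every registered route at or below /dashboard must carry the middleware. */
    public function test_all_dashboard_routes_use_check_signed_in(): void
    {
        $unprotected = [];

        foreach (Route::getRoutes() as $route) {
            $uri = $route->uri();
            if ($uri !== 'dashboard' && ! Str::startsWith($uri, 'dashboard/')) {
                continue; // not a dashboard route
            }
            // gatherMiddleware() lists route, group and controller middleware.
            if (! in_array('checkSignedIn', $route->gatherMiddleware(), true)) {
                $unprotected[] = implode('|', $route->methods()) . ' ' . $uri;
            }
        }

        $this->assertSame([], $unprotected, 'Dashboard routes without checkSignedIn');
    }

    /** A guest (empty session) is sent back to "/" by the middleware. */
    public function test_guest_is_redirected(): void
    {
        $this->get('/dashboard')->assertRedirect('/');
        $this->get('/dashboard/users')->assertRedirect('/');
    }

    /** Signed in with Microsoft, but the address is not in $allowedEmails. */
    public function test_signed_in_user_outside_allow_list_is_redirected(): void
    {
        // Constructed sample values; the session keys are the ones the middleware reads.
        $session = ['userName' => 'Sample User', 'userEmail' => 'outsider@example.test'];

        $this->withSession($session)->get('/dashboard')->assertRedirect('/');
    }
}
```

Against the routes as posted in the question, the first test fails and reports `GET|HEAD dashboard`, the one route that was registered before the group and therefore never passed through the middleware.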