I'm quite new to Laravel and I'm trying to make a system that checks if a user is "logged-in".
For some reasons, I'm using SSPI Authentication. So basically, when the user arrives on the website, there's a login pop-up which asks for a login and password and the SSPI module auths against AD.
What I want to do is that, on any route, it will check for a session variable. If this variable doesn't exist, it redirects to a route where the SSPI is configured.
I tried the following :
Route::any('{all}', function()
{
if (!Session::get('PHP_USER_AUTH')) {
redirect::route('auth');
} else {
return 'Logged in as ' . Session::get('PHP_USER_AUTH');
}
})->where('all', '.*');
Route::get('/auth', function() {
// Do something
});
And here's the SSPI configuration :
<files auth>
AuthName "Laravel Auth"
AuthType SSPI
SSPIAuth On
SSPIAuthoritative On
require valid-user
</files>
The obvious problem with this is that when I arrive on any route, it will check for the session variable, won't find it and redirect to the auth route. But, on the auth route, it will also check for the variable, won't find it and redirect etc etc.
Is there a way of making something like all routes excepts
or something. Or am I thinking the problem the wrong way ?
Thanks for your help.