Protect routes with middleware Laravel

Question

I have implemented middleware roles and permissions control in my app, but I cannot figure out why it only allows me to define one '/' route. The second one is still pointing to '/home' even though I override AuthController redirectTo variable.

My routes:

Route::group(['middleware' => 'role:user'], function()
{
 Route::get('/', 'ScoresController@user');

});

Route::group(['middleware' => 'role:admin'], function()
{
Route::get('/', 'PagesController@home');
});

In any case after authentication user with user role redirecting to '/home'.

Middleware aren't if-statements. One route can only go to one controller & action, your middleware will only verify if a user has access to that route. In your case, the last route will overwrite the previos one. — sisve

Shnoo Shnoo · Accepted Answer · 2015-09-21T07:28:57

Like Simon says your second route will override the first one what you could do is load another controller wich redirects you to another page via redirect() or write it as a route itself.

Could look like this:

Route::get('/', function(){
    $user = Auth::user();

    if($user->is('admin') {
        return redirect('admin');
    }else{
        return redirect('user');
    }
});

Route::get('admin', ['middleware' => 'role:admin', 'uses'=> 'PagesController@home']);

This is just one of many possibilities hope it helps you.

Protect routes with middleware Laravel

1 Answers