Laravel 4 route protected pages

1
votes

I have a controller UserController.php which contains the following methods: getIndex(), getAll(), getCreate(), postStore(), getShow(), getEdit(), putUpdate(), getDestroy(), getLogin(), getDashboard(), and getLogout().

I have included the following codes into the routes.php

    Route::get('/', function()
    {
    return View::make('hello');
    });
    Route::get('users/all/', [ 'as' => 'users.index', 'uses' => 'UserController@getAll']);
    Route::get('users/create/', [ 'as' => 'users.getCreate', 'uses' => 'UserController@getCreate']);
    Route::get('users/{all}/edit', 'UserController@getEdit');
    Route::put('users/update/{id}', [ 'as' => 'users.putUpdate', 'uses' => 'UserController@putUpdate']);
    Route::controller('users', 'UserController');

I can access the pages like 

http://localhost/testlaravell/users/

or 

http://localhost/testlaravell/users/add

etc.

Now, I want that only logged in users can access the pages, other wise s/he will be redirect to the login page http://localhost/testlaravell/login

The methods for login under UserController.php as follows:

public function postSignin() {

        $rules = array(
        'username'    => 'required', // make sure the username is an actual username
        'password' => 'required|alphaNum|min:3' // password can only be alphanumeric and has to be greater than 3 characters
        );

        // run the validation rules on the inputs from the form
        $validator = Validator::make(Input::all(), $rules);

        // if the validator fails, redirect back to the form
        if ($validator->fails()) {
        return Redirect::to('users/login')
        ->withErrors($validator) // send back all errors to the login form
        ->withInput(Input::except('password')); // send back the input (not the password) so that we can repopulate the form

        } else {

        // create our user data for the authentication
        $userdata = array(
        'username'     => Input::get('username'),
        'password'  => Input::get('password')
        );

        // attempt to do the login
        if (Auth::attempt($userdata)) {


         return Redirect::to('users/dashboard')->with('message', 'Welcome User');

        } else {        

        // validation not successful, send back to form 
        return Redirect::to('users/login')->with('message', 'Sorry!! Username/ Password seems wrong.');

          }

     }       
 }

public function getLogin() {
    return View::make('users.login');
    }
1
laravellaravel-4laravel-routing
With the code you've posted isn't your login page localhost/testlaravell/users/login not localhost/testlaravell/login I can't see a route that would result in the login without the users being part of the route.Mark Davidson

1 Answers

0
votes

You'll want to make use of the Auth Filter in Laravel 4

You can wrap all your routes in a group and specify that filter, in your case the code would be something like this.

Route::group(array('before' => 'auth'), function()
{
    Route::get('users/all/', [ 'as' => 'users.index', 'uses' => 'UserController@getAll']);
    Route::get('users/create/', [ 'as' => 'users.getCreate', 'uses' => 'UserController@getCreate']);
    Route::get('users/{all}/edit', 'UserController@getEdit');
    Route::put('users/update/{id}', [ 'as' => 'users.putUpdate', 'uses' => 'UserController@putUpdate']);
    Route::controller('users', 'UserController'); 
});

You can checkout the documentation on Route Groups here