38
votes

I use Laravel 5.2 and have a problem with middleware. There is the code in the routes.php


    use Illuminate\Contracts\Auth\Access\Gate;


    Route::group(['middleware' => 'web'], function () {

        Route::auth();

        Route::get('/', 'HomeController@index');
    });


    Route::group(['prefix'=>'admin',  'middleware' => 'admin'], function(){
        Route::get('/', function(){
            return view('admin.index');
        });
        Route::get('/user', function(){
            return view('admin.user');
        });
    });

Kernel.php:


    protected $routeMiddleware = [
    ...
     'admin' => \App\Http\Middleware\AdminPanel::class,
    ];

AdminPanel.php


    namespace App\Http\Middleware;


    use Closure;
    use Illuminate\Support\Facades\Auth;
    use App\Role;

    class AdminPanel
    {
        public function handle($request, Closure $next)
        {
            $user = Auth::user();
            dd($user);

            if($user){
                $role = Role::whereName('admin')->first();
                if($user->hasRole($role)){
                    return $next($request);
                }
            }
            return redirect('/');
        }

So,

$user = Auth::user()
always return null. Thanks for suggestions!
6

6 Answers

48
votes

Any route that uses Auth() must be encapsulated in the web middleware. You're close, just move your Route::group(['prefix' => 'admin'], ...) into the group above.

Route::group(['middleware' => 'web'], function () {

    Route::auth();

    Route::get('/', 'HomeController@index');

    // Moving here will ensure that sessions, csrf, etc. is included in all these routes
    Route::group(['prefix'=>'admin',  'middleware' => 'admin'], function(){
        Route::get('/', function(){
            return view('admin.index');
        });

        Route::get('/user', function(){
            return view('admin.user');
        });
    });
});
65
votes

I faced a situation where Auth::user() always returns null, it was because I was trying to get the User in a controller's constructor.

I realized that you can't access the authenticated user in your controller's constructor because the middleware has not run yet.

As an alternative, you can define a Closure based middleware directly in your controller's constructor.

namespace App\Http\Controllers;

use App\User;
use Illuminate\Support\Facades\Auth;
use App\Http\Controllers\Controller;

class ProjectController extends Controller
{
    protected $user;

    /**
     * Create a new controller instance.
     *
     * @return void
     */
    public function __construct()
    {
        $this->middleware(function ($request, $next) {

            $this->user = Auth::user();

            return $next($request);
        });
    }
}
2
votes

Define middleware in the constructer of your controller and it will do the trick here

public function __construct()
{
    $this->middleware('auth:api');
}
1
votes

I had the same problem because i did not set the table name.

/**
 * The table associated with the model.
 *
 * @var string
 */
protected $table = 'users';
0
votes
Route::middleware('auth:api')->group(function () {
    Route::get('/details', 'UserController@details');
});
-4
votes

My Auth::user() return null in view when

  • I don't have users table in database
  • I don't have id field as primary key of table users