Laravel unauthenticated handler is not called

Question

I found a strange behavior in my Laravel app.

I have routes like this :

Route::group(['as' => 'web', 'middleware' => ['web']], function()
{
    Route::group(['middleware'=>['auth']], function() {
        Route::get('personal', 'Web\MyController@personal');
    }
}

In my app/Exceptions/Handler.php, I defined the unauthenticated function like this :

protected function unauthenticated($request, AuthenticationException $exception)
{
    if ($request->expectsJson()) {
        return response()->json(['error' => 'Unauthenticated.'], 401);
    }

    return redirect()->guest('login');
}

So when user is not authenticated and hit route with auth middleware, it should redirect to /login.

This works fine on local and development servers. But in production server, it never being called. I tried to dd() within render and unauthenticated functions, but it's never called. So, on production server, if unauthenticated user hit route with auth middleware, it will be always redirected to /auth instead of /login.

Do you have any experience to this problem? Thank you

jeremykenedy jeremykenedy · Accepted Answer · 2017-04-10T06:01:33

you should try not to modify the core handler,

Your routing file should not use nested routing in this situation.

Below are some examples that of the proper web.php routes for above

Route::group(['middleware' => ['web']], function() {

});

Route::group(['middleware' => ['auth']], function() {
    Route::get('personal', 'Web\MyController@personal');
});

Route::group(['middleware' => ['web', 'auth']], function() {
    Route::get('personal', 'Web\MyController@personal');
});

Laravel unauthenticated handler is not called

1 Answers