How to setup two route groups using middleware in Laravel 5.4

1
votes

I'm setting up a web application in which I would like to distinguish two route groups. Both groups work as expected on their own, but when combined one of them fails. I've checked documentation on L5.4 website and followed instructions. After a whole day of digging decided to ask you.

Here is my routes/web.php file:

Route::group(['middleware' => ['auth']], function () {

    Route::group(['middleware' => ['medewerker']], function () {
        Route::get('/urencorrectie','UrenRegelsController@urencorrectie');
    });

    Route::group(['middleware' => ['officemanager']], function () {
        Route::get('/', 'DashboardController@index');
        Route::post('/', 'DashboardController@index');
        Route::get('/profile', function(){
        return view('profile');});
    });
});
Auth::routes();

Route::get('/home', 'HomeController@index');

In order to enable roles I addes a column Rolid to the user model. Rol 1 is officemanager and role 3 is employee.

Then in the subsequent middleware we find employee.php:

namespace App\Http\Middleware;
use Closure;
use Auth;
class Employee
{
/**
 * Handle an incoming request.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
    public function handle($request, Closure $next)
    {
        if(Auth::user()->Rolid=='3')
        {
            return $next($request);
        }
        else
        {
            return redirect('/home');
        }
    }
}

The Middleware officemanager.php file contains:

namespace App\Http\Middleware;
use Closure;
use Auth;

class Officemanager
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        $user=Auth::user();
        if(Auth::user()->Rolid=='1')
        {
            return $next($request);
        }
        else
        {
            return redirect('/home');
        }
    }
}

The code as is produces the following result: - When an Officemanager logs in, he/she is redirected to the proper routes. Everything works fine. - When an Employee logs in, he/she gets redirected to the /home redirect (bottom of routing/web.php file).

Any clues or help is very welcome. Kinda stuck on something probably basic.

[UPDATE]

In kernel.php both classes are mapped:

protected $routeMiddleware = [
    'auth' => \Illuminate\Auth\Middleware\Authenticate::class,
    'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
    'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
    'can' => \Illuminate\Auth\Middleware\Authorize::class,
    'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
    'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
    'officemanager' => \App\Http\Middleware\Officemanager::class,
    'employee' => \App\Http\Middleware\Employee::class,
];
1
laravelroutesmiddleware
Can you ddd the code that mapps the middleware name to class?Idob
check the role id of an employee. also use if(Auth::user()->Rolid==1).Jamal Abdul Nasir
Thanks for both your replies, much appreciated. @idob, I've updated my post with the class mapping code Jamal. You mean using this condition already in the web.php file? Documentation seems to guide me towards doing this in the middlewareclass itself. Big advantage of doing so earlier in the process is that you keep the initial request intact. I'm gonna experiment with this one and report back.Nick van der Veen

1 Answers

1
votes

The only thing that I can think of is that the Rolid of employee is not 3 - so try to debug it.

In general, it is not recommended to rely on DB ids in your code, because they can change between environments. I would add a relation for the user model and check the rol name:

User model:

public function role()
{
    return $this->belongsTo('App\Role', 'Rolid');
}

Employee middlaware

class Employee
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        if(Auth::user()->role->name == 'employee')
        {
            return $next($request);
        }
        else
        {
            return redirect('/home');
        }
    }
}

Office manger middleware:

class Officemanager
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        if(Auth::user()->role->name == 'officemanager')
        {
            return $next($request);
        }
        else
        {
            return redirect('/home');
        }
    }
}