I have a problem with my laravel app.
I want to add middleware for rank control on route.
When i add my custom middelware to my route group bindings of SQL statement are in double.
When i take off my custom middleware it's work fine.
I really don't understand why.
There is my AuthRank.php :
class AuthRank {
public function handle($request, Closure $next, $rank)
{
$response = $next($request);
$user = Auth::user();
if(!$user || $user->rank < $rank)
{
return redirect('/');
}
return $next($request);
}}
There is my Kernel.php :
protected $middlewareGroups = [
'web' => [
\App\Http\Middleware\EncryptCookies::class,
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
\App\Http\Middleware\VerifyCsrfToken::class,
\Adldap\Laravel\Middleware\WindowsAuthenticate::class, // Inserted here.
],
'api' => [
'throttle:60,1',
],
];
/**
* The application's route middleware.
*
* These middleware may be assigned to groups or used individually.
*
* @var array
*/
protected $routeMiddleware = [
'auth' => \App\Http\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'can' => \Illuminate\Foundation\Http\Middleware\Authorize::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'auth.rank' => \App\Http\Middleware\AuthRank::class,
];
And there is an extract of my Routes.php :
Route::group(['prefix' => 'GestionUtilisateurs','middleware' =>'auth.rank:99'], function ()
{
Route::post('/copy', ['uses' => 'userController@copyUser']);
});
The results of problem with custom middleware:
Statement : insert into MY_TABLE (DATE, USER_ID, ROLE_ID) values (:p0, :p1, :p2) Bindings : [2016/08/09,2016/08/09,1,1,99,99]
without my custom middleware it return me :
Statement : insert into MY_TABLE (DATE, USER_ID, ROLE_ID) values (:p0, :p1, :p2) Bindings : [2016/08/09,1,99]
And this is good
I know the "web" middleware it's by default in
app/providers/RouteServiceProvider.php
But when i delete it, my auth don't work.
Why it's not work with my custom middleware ?
Thx !
I don't see any code that could affect your query. What I do see is that you seem to have an error in your code:
class AuthRank {
public function handle($request, Closure $next, $rank)
{
// Isn't this repeated unnecessarily?
// $response = $next($request);
$user = Auth::user();
if(!$user || $user->rank < $rank) {
return redirect('/');
}
return $next($request);
}
}
Try removing the excess code. If it doesn't work, provide more details in how it is you are creating your affected query and we might be able to help more.