I found that when the URLs are the same, the POST one isn't being used whatsoever. Filling the form redirects the user to the auth view even though its method is set to POST. It's as if either the form method was set to GET or I defined a Route::any to that URL. I did neither. Double checked.
I still see no reason for that to be happening.
So, I have a view inside my app that needs to be accessible only to user who have a specific password (NOT their passwords as users) and a specific e-mail. To accomplish that, I put a form inside another view (accessible to everyone) and created a POST route as follows:
<form action="{{ URL::route('team-update-v5-post', array('v5',$team_v5->teamname)) }}" method='post'>
<p>Team password: {{ $team_v5->teamname }}</p>
<input type='password' name='password'>
<input type='hidden' name='email' value="{{ Sentry::getUser()->email }}">
<input type='submit' value='Edit'>
{{ Form::token(); }}
</form>
Route::post('/sentry/team/{v}/{teamname}/edit', array(
'as' => 'team-update-v5-post',
'uses' => 'TeamController@postUpdateV5'
));
Route::get('/sentry/team/{v}/{teamname}/edit', array(
'as' => 'team-update-v5',
'uses' => 'TeamController@getUpdateV5'
));
So if the password is correct and the user's e-mail is the one authorized to access that view, it works and the information passes to the controller.
Now, problem is: I don't want anyone besides that specific user with that specific password to see the view, so I created a GET route for anyone that tries to simply type the URL in the browser. That route is supposed to make a authentication view that prompts the user to fill in the necessary info. Here is the controller:
public function getUpdateV5 ($v,$teamname) {
return View::make('team.auth')
->with('v',$v)
->with('teamname',$teamname);
}
public function postUpdateV5($v,$teamname) {
$validator = Validator::make(Input::all(), array(
'password' => 'required|min:6',
'email' => 'required|email',
));
if($validator->fails()) {
return Redirect::route('team-update-v5',array('v5',$teamname))
->withErrors($validator);
} else {
$team_v5 = DB::table('teams_v5')->where('teamname',$teamname)->first();
$captain_v5 = Sentry::findUserById($team_v5->captain_id);
if(Hash::check(Input::get('password'), $team_v5->password)) {
return View::make('team.updatev5')
->with('team_v5', $team_v5)
->with('captain_v5',$captain_v5)
} else {
return Redirect::route('profile-team',array($v,$teamname))
->with('global','Incorrect password!');
}
}
}
At the end, what happens is:
teamv5.blade.php, the user gets redirected to the auth view and is prompted to type the info again (not nice).I want the user to be able to access it both ways, if possible. I know I made it long, sorry. Any help would be greatly appreciated.
Thanks in advance!