Edit:
I found that when the URLs are the same, the POST one isn't being used whatsoever. Filling the form redirects the user to the auth view even though its method is set to POST. It's as if either the form method was set to GET or I defined a Route::any
to that URL. I did neither. Double checked.
I still see no reason for that to be happening.
Main Question:
So, I have a view inside my app that needs to be accessible only to user who have a specific password (NOT their passwords as users) and a specific e-mail. To accomplish that, I put a form inside another view (accessible to everyone) and created a POST route as follows:
teamv5.blade.php
<form action="{{ URL::route('team-update-v5-post', array('v5',$team_v5->teamname)) }}" method='post'>
<p>Team password: {{ $team_v5->teamname }}</p>
<input type='password' name='password'>
<input type='hidden' name='email' value="{{ Sentry::getUser()->email }}">
<input type='submit' value='Edit'>
{{ Form::token(); }}
</form>
Routes.php
Route::post('/sentry/team/{v}/{teamname}/edit', array(
'as' => 'team-update-v5-post',
'uses' => 'TeamController@postUpdateV5'
));
Route::get('/sentry/team/{v}/{teamname}/edit', array(
'as' => 'team-update-v5',
'uses' => 'TeamController@getUpdateV5'
));
So if the password is correct and the user's e-mail is the one authorized to access that view, it works and the information passes to the controller.
Now, problem is: I don't want anyone besides that specific user with that specific password to see the view, so I created a GET route for anyone that tries to simply type the URL in the browser. That route is supposed to make a authentication view that prompts the user to fill in the necessary info. Here is the controller:
TeamController.php
public function getUpdateV5 ($v,$teamname) {
return View::make('team.auth')
->with('v',$v)
->with('teamname',$teamname);
}
public function postUpdateV5($v,$teamname) {
$validator = Validator::make(Input::all(), array(
'password' => 'required|min:6',
'email' => 'required|email',
));
if($validator->fails()) {
return Redirect::route('team-update-v5',array('v5',$teamname))
->withErrors($validator);
} else {
$team_v5 = DB::table('teams_v5')->where('teamname',$teamname)->first();
$captain_v5 = Sentry::findUserById($team_v5->captain_id);
if(Hash::check(Input::get('password'), $team_v5->password)) {
return View::make('team.updatev5')
->with('team_v5', $team_v5)
->with('captain_v5',$captain_v5)
} else {
return Redirect::route('profile-team',array($v,$teamname))
->with('global','Incorrect password!');
}
}
}
At the end, what happens is:
- If I write the same URL for the GET and POST routes, the GET one works but after filling that first form in
teamv5.blade.php
, the user gets redirected to the auth view and is prompted to type the info again (not nice). - If I write different URLs or simply comment out the GET route, the POST one works perfectly but when I try to reload the page or access it via URL, I get the HTTP METHOD NOT ALLOWED error (because, of course, no GET route is written for that URL).
I want the user to be able to access it both ways, if possible. I know I made it long, sorry. Any help would be greatly appreciated.
Thanks in advance!