I have created three custom middleware namely RedirectIfNotAdmin
, RedirectIfNotStartup
, RedirectIfNotInvestor
.
Middleware code Respectively:
class RedirectIfNotAdmin
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$user = Auth::user()->user_type;
if ($user != 'admin') {
return response('Unauthorized.', 401);
}
return $next($request);
}
}
class RedirectIfNotStartup
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$user = Auth::user()->user_type;
if ($user != 'startup') {
return response('Unauthorized.', 401);
}
return $next($request);
}
}
class RedirectIfNotInvestor
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$user = Auth::user()->user_type;
if ($user != 'investor') {
return response('Unauthorized.', 401);
}
return $next($request);
}
}
Routes:
Route::group(array('namespace' => 'UserControllers'), function(){
Route::group(['middleware' => ['auth', 'admin', 'startup', 'investor']], function () {
Route::any('showidea/{id}', ['as' => 'showidea', 'uses' => 'IdeaController@showIdea']);
Route::get('community', 'UserController@showCommunity');
Route::post('communities', 'UserController@addCommunity');
Route::get('edit/{id}', ['as' => 'edit', 'uses' => 'UserController@editCommunity']);
Route::get('delete/{id}', 'UserController@deleteCommunity');
Route::post('update/{id}', ['as' => 'update', 'uses' => 'UserController@updateCommunity']);
Route::any('create', 'IdeaController@displayPost');
Route::post('idea', 'IdeaController@storePost');
Route::get('users', 'UserController@showUserListing');
Route::get('deleteUser/{id}', 'UserController@deleteUser');
Route::get('delete/idea/{id}', 'IdeaController@deleteIdea');
Route::get('approve/{id}', 'IdeaController@approveIdea');
Route::get('edit/idea/{id}', [ 'as' => 'edit/idea', 'uses' => 'IdeaController@editIdea']);
Route::post('update/idea/{id}', [ 'as' => 'update/idea', 'uses' => 'IdeaController@updateIdea']);
});
});
The problem i am facing is that, it is only going into RedirectIfNotAdmin
middleware and not in other two middlewares
. It should authorize routes which are made for startup
and investor. But it is applying
adminmiddleware on every route and returns the response
unauthorized`
Kernel file:
protected $routeMiddleware = [
'auth' => \App\Http\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'admin' => \App\Http\Middleware\RedirectIfNotAdmin::class,
'investor' => \App\Http\Middleware\RedirectIfNotInvestor::class,
'startup' => \App\Http\Middleware\RedirectIfNotStartup::class
];
}