Wrong redirect when user is not logged in.

[billsuxx]

Hello,

I tried to use this package, but i run into a problem. After this:

php artisan multi-auth:install admin -f

Evertything looks fine, but when i try to reach /admin/home without active session, i got redirected to /login, instead of /admin/login.

[Hesto]

Did you install it on fresh copy of Laravel and is it the latest version of the package?

[billsuxx]

Hello, i tried with Laravel 5.3 and multi-auth 1.0.7.

[Hesto]

I don't know what's wrong, when i try it myself it works...

Go to 'app\Http\Controllers\AdminAuth\LoginController' and ensure you have proper guest middleware:

$this->middleware('admin.guest', ['except' => 'logout']);

It should be admin.guest.

[billsuxx]

I checked, it looks fine...

But as i see the unauthenticated function of App\Exepetion\Handler class do the redirect.

[rhessing]

I've got the same issue, installed on a fresh copy of laravel (v5.3.19) with hesto/core (v1.0.6) and hesto/multi-auth (v1.0.7).

I can acknowledge that the guest middleware in 'app\Http\Controllers\AdminAuth\LoginController' is admin.guest:

    public function __construct()
    {
        $this->middleware('admin.guest', ['except' => 'logout']);
    }

And that the unauthenticated function in 'app\Exceptions\Handler.php' is doing the redirect:

    protected function unauthenticated($request, AuthenticationException $exception)
    {
        if ($request->expectsJson()) {
            return response()->json(['error' => 'Unauthenticated.'], 401);
        }

        return redirect()->guest('login');
    }

This is causing /admin/login to be redirected to /login..

[Hesto]

Well i have no idea why you guys have that issue while its working fine for me with same dependencies. I will try to solve this and maybe we ask community...

[rhessing]

The exception is triggerd by:

Illuminate\Auth\Middleware\Authenticate->authenticate() ==> new Illuminate\Auth\AuthenticationException()

/vendor/laravel/framework/src/Illuminate/Auth/Middleware/Authenticate.php on line 66:
throw new AuthenticationException('Unauthenticated.', $guards);

And then it goes directly to the exception handler function: unauthenticated.

[rhessing]

I've solved my issue. The issue was located in the changes I made in the admin and web routes files.

To incorporate it with my existing application I've installed a fresh project with all dependencies. Then I copied over all models/controllers/etc. For the routes, I've altered these to reflect my current application.

I'v added a group route with the admin auth as middleware and with adjusted admin login functions in there:

Route::group(['middleware' => 'admin'], function () {
// Other admin routes here..
Route::get('/', 'AdminController@getIndex');
Route::get('users', 'AdminController@getUsers');

//Admin Login
Route::get('login', 'AdminAuth\LoginController@showLoginForm');
Route::post('login', 'AdminAuth\LoginController@login');
Route::post('logout', 'AdminAuth\LoginController@logout');

//Admin Register
Route::get('register', 'AdminAuth\RegisterController@showRegistrationForm');
Route::post('register', 'AdminAuth\RegisterController@register');

//Admin Passwords
Route::post('password/email', 'AdminAuth\ForgotPasswordController@sendResetLinkEmail');
Route::post('password/reset', 'AdminAuth\ResetPasswordController@reset');
Route::get('password/reset', 'AdminAuth\ForgotPasswordController@showLinkRequestForm');
Route::get('password/reset/{token}', 'AdminAuth\ResetPasswordController@showResetForm');

}

And removed those from the web.php file..

Obviously this is not going to work as the middleware is already activated somewhere else and now I'm activating it twice.. also the login routes for admin should not be in the admin.php file..

@billsuxx install a fresh project with composer; add all dependencies and the multi auth without altering your files. Then backup all your important directories (app, database, config, routes, resources, public) and overwrite those one by one by copying over the directories from your current project. I think you will notice when you overwrite the routes directory that the issue will return; you will need to check that:

1. The routes do not include a route group with authentication middleware
2. The admin routes should be in the web.php routes file, not in the admin.php routes file

This is how I fixed it; hope it works for you to ^_^

[Hesto]

Admin Login, Register and Password routes should be in web.php file, but any others admin routes should be in admin.php file.

[klaravel]

Hey @Hesto,

I have same issue after upgrade laravel on my all projects.

I have tried cleaned installation of laravel and multi-auth module and still same issue. Looks like Laravel framework updated something.

See my attached full source code.

Thanks in advance for building nice module for saving time.

proj.zip

When I try to type http://module.app/admin/home it redirect to http://module.app/login instead of http://module.app/admin/login

• One more thing I found this code working fine with Laravel Framework version 5.3.18 but not Laravel Framework version 5.3.19

---

Solution:

I found one solution that works for me but not sure is that right way or not.

I have add below code on file app\Exceptions\Handler.php

if ( in_array('admin', $exception->guards()) ) {
   return redirect('admin/login');
}

protected function unauthenticated($request, AuthenticationException $exception)
{
   if ($request->expectsJson()) {
      return response()->json(['error' => 'Unauthenticated.'], 401);
   }

   if ( in_array('admin', $exception->guards()) ) {
      return redirect('admin/login');
   }

   return redirect()->guest('login');
}

[klaravel]

Hi @Hesto,

Any comment on my above comment?

[Hesto]

I was busy last days. I will take care of this issue soon.

[Hesto]

#29

[squalvj]

same here :(

[tucq88]

Yeah it's not problem of this package @Hesto
Laravel 5.3 has weird unauthenticate method and that's original of problem. Even you use this package or not, if you use Multi-auth with Laravel you still need to modify unauthenticate to handle multi-auth routes.
And actually this issue happens randomly, not easy to replicate.

[Hesto]

@tucq88 @klaravel thanks for info and solutions. I hope Taylor will fix it soon. Should i add custom unauthenticate method to the package?

[klaravel]

@Hesto

It's tricky because if someone is using this package and if they are using laravel < 5.3.19 then they will get error of $exception->guards(). It's introduce from 5.3.19

[tucq88]

@klaravel Can't find that on changelogs. Could you give me the link ?

@Hesto Yeah, I think for now custom unauthenticate method is only way to fix this. I'll try to replicate this with latest Laravel version but not sure I can.

[klaravel]

@tucq88

See this one.

laravel/framework@5cdfc17

[aliemam]

just a simple solution might be over write logoutToPath in your LoginController for each {guard}.
anyway @Hesto tanx for great module... its realy save me some extra work.

[Hesto]

@aliemam thank you :). If you want you can always make pull request with your idea. :)

[aliemam]

@Hesto tanx man. i sure do that. :)

[dmfnft]

@klaravel saved my day !!! 👍

Handler.php
...
protected function unauthenticated($request, AuthenticationException $exception)
{
if ($request->expectsJson()) {
return response()->json(['error' => 'Unauthenticated.'], 401);
}

    if ( in_array('api', $exception->guards()) ) {
        return response()->json(['error' => 'Token Authentication Fail.'], 401);
    }

    return redirect()->guest(route('login'));
}