samedi 12 mars 2016

Authentication redirects fail

when I login in with wrong credentials I got the right return when I log in with the right credentials the login page reload with 302 request and it never redirect to statistics page when I remove this line from statistics controller

$this->middleware('auth');

it redirects successfully but you can go to this url without even logging in even from another browsers can you help ?

Route.php

Route::get('login', 'LoginController@index');
Route::post('signin', 'LoginController@signin');
Route::get('signout', 'LoginController@signout');


Route::group(['prefix' => 'api'], function() {
    Route::resource('authenticate', 'AuthenticateController', ['only' => ['index']]);
    Route::post('authenticate', 'AuthenticateController@authenticate');
});

Route::group(['middleware' => ['web']], function () {
    Route::auth();
    Route::get('/', 'StatisticsController@index');
});

Login Controller

    public function index() {

        return view('login');
    }

    public function signin(Request $request) {

        $errors = [];
        $email=$request['email'];
        $password= $request['password'];
        $credentials = array('email' => $email, 'password' => $password);

        if(Auth::attempt($credentials))
        {
          return redirect('/statistics');


        }
        return "bad request";

    }
     public function signout()
    {
        Auth::logout();
        return redirect('/login');    }

}

Statistics Controller

class StatisticsController extends Controller {
    public function __construct()
    {
                    $this->middleware('auth');

    }
    public function index() {

    return view('statistics')->with($data);
  }

}

Kernal.php note that there is JWT library I use it for restful authentication with the mobile app only

protected $middleware = [
        \Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
    ];

    protected $middlewareGroups = [
        'web' => [
            \App\Http\Middleware\EncryptCookies::class,
            \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
            \Illuminate\Session\Middleware\StartSession::class,
            \Illuminate\View\Middleware\ShareErrorsFromSession::class,
            \App\Http\Middleware\VerifyCsrfToken::class,
        ],

        'api' => [
            'throttle:60,1',
        ],
    ];

    protected $routeMiddleware = [
        'auth' => \App\Http\Middleware\Authenticate::class,
        'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
        'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
        'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
        'jwt.auth' => 'Tymon\JWTAuth\Middleware\GetUserFromToken',
        'jwt.refresh' => 'Tymon\JWTAuth\Middleware\RefreshToken'
    ];

Thanks in advance!



via Chebli Mohamed
Publié par à
Libellés :

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)