Allow facebook to fetch page(og meta) which is auth protected

Question

I am running Laravel 5.5 and i use the basic auth of Laravel.

I have a route called "profile-completed" and that route uses a middleware "auth" / a user must be logged in in order to see that page.

That route(uses a view) has a function which creates a "share dialog" - with the below function - of facebook. The problem is that facebook can't fetch the og:meta because the view(route) is protected and it redirects to /login as seen through facebook sharing debugger.

Redirect Path   
Input URL   arrow-right https://www.url.com/profile-completed
302 HTTP Redirect   arrow-right https://www.url.com/login

As we see above, it redirects to /login so it fetches the og:meta of /login page.

Facebook share function :

FB.ui({
          method: 'share',
          href: '{{ env('APP_URL') }}',
          picture: '{{ asset('"img/share.png') }}',
      }, function( response ) {
        // do nothing
});

Question : How could i let facebook fetch og meta even of a page(view/route) which is protected by a middleware?

Middleware it uses :

   protected $routeMiddleware = [
        'auth' => \Illuminate\Auth\Middleware\Authenticate::class,

Change it so you don't force Facebook to login – WizKid Jan 04 '18 at 11:09 — WizKid, Jan 04 '18 at 11:09

score 2 · Accepted Answer · answered Jan 11 '18 at 09:32

The problem as mentioned was the the crawler of facebook had no access to fetch a page which is protected by auth.

I fixed this by modifying

Vendor/framework/src/Illuminate/Auth/Middleware/Authenticate.php

Change the default handle function to :

public function handle($request, Closure $next, ...$guards)
{

    $crawlers = [
        'facebookexternalhit/1.1',
        'facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php)',
        'Facebot',
        'Twitterbot',
    ];

    $userAgent = $request->header('User-Agent');


    if (str_contains($userAgent, $crawlers)) {
        return $next($request);
    }
    else{
        $this->authenticate($guards);
    }

    return $next($request);

}

References :

1) https://developers.facebook.com/docs/sharing/webmasters/crawler

2) https://stackoverflow.com/a/40748072/6140684

Allow facebook to fetch page(og meta) which is auth protected

1 Answers1