6

What is the correct way to authenticate all routes except login and register when I apply auth middleware in all controllers? Is there a way to apply auth middleware in one place and exclude login, register routes?

Karl Hill
  • 12,937
  • 5
  • 58
  • 95
user3351236
  • 2,488
  • 10
  • 29
  • 52

3 Answers3

8

You can add middleware to your whole web.php route file by adding the middleware to your routes mapping in RouteServiceProvider.

Go to app/Providers/RouteServiceProvider.php and in mapWebRoutes(), change middleware('web') to middleware(['web', 'auth']):

protected function mapWebRoutes()
{
    Route::middleware(['web', 'auth'])
         ->namespace($this->namespace)
         ->group(base_path('routes/web.php'));
}

This is (not?) totally unrelated but here's an example of a clean way to handle a lot of route files instead of throwing all your routes into a single web.php file:

Create a new method mapAdminRoutes():

protected function mapAdminRoutes()
{
    Route::middleware(['web', 'auth:admin'])
        ->namespace('App\Http\Controllers\Admin')
        ->name('admin.')
        ->group(base_path('routes/admin.php'));
}

Map it:

public function map()
{
    $this->mapWebRoutes();
    $this->mapAdminRoutes(); // <-- add this
    ...
}

Create an admin.php file in your routes folder, then create your routes for Admin:

<?php

use Illuminate\Support\Facades\Route;

// This route's name will be 'admin.dashboard'
Route::get('dashboard', 'DashboardController@dashboard')->name('dashboard');

// This route's name will be 'admin.example'
Route::get('example', 'ExampleController@example')->name('example');

...

Now you can configure everything in 1 place, like prefix, name, middleware and namespace.

Check php artisan route:list to see the results :)

emotality
  • 12,795
  • 4
  • 39
  • 60
  • Genuine question - why do we need to add mapAuthRoutes()? Please illuminate. – quinny Apr 09 '21 at 10:19
  • @quinny You don't have to create a new function `mapAuthRoutes`, you can add the Route group to the `mapWebRoutes` function if you like? As long as it is mapped, how you want to do it is up to you. If not mapped, it wont appear on `artisan route:list` and wont work. This method of adding it is just much more cleaner, for me? :) – emotality Apr 09 '21 at 12:05
7

you can apply middlewares in the routes.php file, what you need to do is to put all your routes on a group, and add the middleware 'auth' ( except the Auth::routes() which are already configured), for example : 

Route::middleware(['first', 'second'])->group(function () {
    Route::get('/', function () {
        // Uses first & second Middleware
    });

    Route::get('user/profile', function () {
        // Uses first & second Middleware
    });
});

more information can be found in the docs: https://laravel.com/docs/5.7/routing#route-group-middleware

Djellal Mohamed Aniss
  • 1,723
  • 11
  • 24
7

You can group all your authenticated routes like following, laravel provides a default middleware for auth and guest users

Route::group(['middleware' => ['auth']], function () { 
    Route::get('home', 'HomeController@index');
    Route::post('save-user', 'UserController@saveUser');
    Route::put('edit-user', 'UserController@editUser');
});

The above route names are just made up, please follow a proper naming convention for your routes and controllers. Also read about middlewares over here and about routing over here

Khan Shahrukh
  • 6,109
  • 4
  • 33
  • 43