Laravel Question posted in
The official Laravel Documentation can be found here.

Facing redirect loop when try to redirect a route through middleware in Laravel

I am trying to make a custom authentication system using Laravel 8. For this purpose, I want to check if the user exists in the session; when the user is not found, I want to redirect to a custom login route through middleware. But when I redirect through the middleware, I face an infinite loop of redirects. I have tried the following code.

Middleware

namespace AppHttpMiddleware;

use Closure;
use Session;
use IlluminateHttpRequest;

class atms_auth
{
    public function handle(Request $request, Closure $next)
    {
        if (! Session::has('atms_user')) {
            return redirect()->route('/atms/system/login');
        }
        
        return $next($request);
    }
}

Routes

Route::get('/atms/system/login',
    [AppHttpControllersAtmsLoginController::class, 'login'])
    ->name('atms/system/login');
Route::post('/atms/system/verifylogin',
    [AppHttpControllersAtmsLoginController::class, 'verifyLogin'])
    ->name('atms/system/verifylogin');

I have a controller named facultyController. In the constructor of that controller, I have called the middleware.

namespace AppHttpControllers;

use IlluminateHttpRequest;
use Appfaculties;
use IlluminateSupportFacadesHash;
use AppDepartments;
use Session;
use IlluminateSupportFacadesDB;
use Redirect;

class facultyController extends Controller
{
    public function __construct()
    {
        $this->middleware('atms_auth');
    }
Tags:

2

Answers


  1. 0

    The issue could be due to the middleware being applied to the login route. This creates a loop because when the middleware checks if the user is logged in and finds that they’re not, it redirects them to the login page. But the middleware is also applied to the login page, so it checks again, finds that the user is not logged in, and redirects them to the login page again, and so on.

    Try excluding the login route from the middleware in Kernel.php.

    protected $middlewareGroups = [
    'web' => [
        // other middleware...
        AppHttpMiddlewareAtmsAuth::class => ['except' => 'atms/system/login'],
    ],
];

    Also, please note that the route() function expects the route’s name as a parameter, not the URL. So, in your middleware, you should change the redirect line.

    return redirect()->route('atms/system/login');
    Login or Signup to reply.
  2. 0

    I made some adjustments to your middleware and routes to fix the issue of infinite redirect.

    Middleware

    namespace AppHttpMiddleware;

use Closure;
use Session;
use IlluminateHttpRequest;

class AtmsAuth
{
    public function handle(Request $request, Closure $next)
    {
        if ($request->route()->named('atms/system/login')) {
            return $next($request);
        }

        if (!Session::has('atms_user')) {
            return redirect()->route('atms/system/login');
        }

        return $next($request);
    }
}

    app/Http/Kernel.php

    protected $routeMiddleware = [
    // other middleware
    'atms_auth' => AppHttpMiddlewareAtmsAuth::class,
];

    routes/web.php

    Route::get('/atms/system/login', [AppHttpControllersAtmsLoginController::class, 'login'])->name('atms/system/login');
    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search