I have an account email confirmation for my Laravel app, then I want to check when the user tries to log in, if the user has activated his account.
I found this: http://ift.tt/1sytxUb
I have a custom model function isActivated that only return the state attibute(boolean type, named estado in spanish) on user model.
On my User Model:
public function isActivated()
{
return $this->estado;
}
I created my middleware similar as the link above provided advices, then I registered in App/Http/Kernel.php as a middleware route
The problem comes when I assign my middleware to my route (instead of create the construct function in my controller, I want this middleware just on post request of the login controller).
When I tried to log in throws an error:
Fatal Throwable Error:
Fatal Error: Call to a member function isActivated() on null
My middleware looks exacts as the link
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Contracts\Auth\Guard;
class RedirectIfNotMailActivated
{
/**
* The Guard implementation.
*
* @var Guard
*/
protected $auth;
/**
* Create a new filter instance.
*
* @param Guard $auth
* @return void
*/
public function __construct(Guard $auth)
{
$this->auth = $auth;
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if ( ! $this->auth->user()->isActivated()) {
return redirect('/login')
->with('mensaje',
'¡Lo sentimos, no ha confirmado su cuenta aún!');
} else {
return $next($request);
}
}
}
The fun part: if I add the content of the handle function of my middleware in the App/Http/Middleware/Authenticate(auth middleware) and then I group and attach some routes to this middleware, this works as expected (not allowing non confirmed users to login)
The problem is that I have a polimorphic relationship in users table for user type (Admin and Customer) so I attached and grouped the admins control panel to auth middleware because I need to restict the access to control panel just for authenticated users and admin type(not allowed for customer user type).
Restriction only takes part on Admin User type.
And of coursethis let the Customer user types can login because I have nothing that restict the if his account is confirmed or not.
What am I doing wrong... The isActivated model function work ok when added in auth middleware, but no when I use this same approach in my custom middleware.
Thanks....
EDITED
My middleware asigned to my post method for my login controller
Route::post('/login', [
'middleware' => 'activated.email',
'uses' => 'loginController@store'
]);
PD: sorry for long post and bad english habilities, it is not my first language :(
via Chebli Mohamed
Aucun commentaire:
Enregistrer un commentaire