Laravel redirection errors in grouped route

Johnny Source

In my Laravel application, I configured the routes as follows:


| Web Routes
| This file is where you may define all of the routes that are handled
| by your application. Just tell Laravel the URIs it should respond
| to using a Closure or controller method. Build something great!

Route::group(['middleware' => ['auth', 'admin']], function()
    Route::get('/', '[email protected]')->name('dashboard');
    Route::get('/storage/user/pp/{user}/', '[email protected]');
    Route::get('/storage/user/download/{user}/{file}', '[email protected]');
    Route::get('/project/add', '[email protected]')->name('/project/add');
    Route::post('/project/add', '[email protected]')->name('/project/add');
    Route::get('/projects', '[email protected]')->name('/projects');
    //... all the routes that I removed at this point
    Route::get('/users', '[email protected]')->name('/users');
    Route::get('/logout', function(){
            return redirect('/');
        return redirect('/login');

This is my CheckAdminPrivileges middleware:

public function handle($request, Closure $next)
    if(Auth::check() && Auth::user()->rank >= 3)
        return $next($request);
        return redirect('accessinformation')->with(...);

When accessing / on the server without being logged in, the browser tells me the page was redirecting too many times. Let me describe what I actually want:

  1. User accesses / of the domain (i.e. https://laravel.test.tld/)
  2. User's not logged in? -> Redirect to /login
  3. User's logged in? -> Redirect to /dashboard ONLY IF the user's an admin (i.e. user's rank >= 3) IF NOT THEN redirect to /accessinformation with data so I can output to the user that they're not privileged to access the admin panel

In general, I want all the routes under the grouped Route to be accessible only by administrators, IF USER NOT ADMIN THEN redirect to /accessinformation with data so I can output to the user that they're not privileged to access this particular route (route's name etc is not important).

I already made a starting point with what I have, but apparently this isn't quite the trick since it still outputs redirection errors.

Looking forward to seeing solutions.

EDIT: Even deleting all the routes except Auth::routes() and clearing route's cache doesn't fix the main problem (page redirects too many times accessing /)



comments powered by Disqus