Laravel redirection errors in grouped route

Johnny Source

In my Laravel application, I configured the routes as follows:

<?php

/*
|--------------------------------------------------------------------------
| Web Routes
|--------------------------------------------------------------------------
|
| This file is where you may define all of the routes that are handled
| by your application. Just tell Laravel the URIs it should respond
| to using a Closure or controller method. Build something great!
|
*/

Auth::routes();
Route::group(['middleware' => ['auth', 'admin']], function()
{
    Route::get('/', '[email protected]')->name('dashboard');
    Route::get('/storage/user/pp/{user}/', '[email protected]');
    Route::get('/storage/user/download/{user}/{file}', '[email protected]');
    Route::get('/project/add', '[email protected]')->name('/project/add');
    Route::post('/project/add', '[email protected]')->name('/project/add');
    Route::get('/projects', '[email protected]')->name('/projects');
    //... all the routes that I removed at this point
    Route::get('/users', '[email protected]')->name('/users');
    Route::get('/logout', function(){
        if(!Auth::check())
        {
            return redirect('/');
        }
        Auth::logout();
        return redirect('/login');
    });
});

This is my CheckAdminPrivileges middleware:

public function handle($request, Closure $next)
{
    if(Auth::check() && Auth::user()->rank >= 3)
    {
        return $next($request);
    }
    else
    {
        return redirect('accessinformation')->with(...);
    }
}

When accessing / on the server without being logged in, the browser tells me the page was redirecting too many times. Let me describe what I actually want:

  1. User accesses / of the domain (i.e. https://laravel.test.tld/)
  2. User's not logged in? -> Redirect to /login
  3. User's logged in? -> Redirect to /dashboard ONLY IF the user's an admin (i.e. user's rank >= 3) IF NOT THEN redirect to /accessinformation with data so I can output to the user that they're not privileged to access the admin panel

In general, I want all the routes under the grouped Route to be accessible only by administrators, IF USER NOT ADMIN THEN redirect to /accessinformation with data so I can output to the user that they're not privileged to access this particular route (route's name etc is not important).

I already made a starting point with what I have, but apparently this isn't quite the trick since it still outputs redirection errors.

Looking forward to seeing solutions.

EDIT: Even deleting all the routes except Auth::routes() and clearing route's cache doesn't fix the main problem (page redirects too many times accessing /)

phplaravel

Answers

comments powered by Disqus