[BUG] Custom middleware not working

Protoqol / Prequel

Prequel for Laravel. Clear and concise database management. Unfortunately, not actively maintained due to time constraints.

https://packagist.org/packages/protoqol/prequel

MIT License

1.54k stars 96 forks source link

[BUG] Custom middleware not working #126

Closed NeonOdyssey closed 3 years ago

NeonOdyssey commented 3 years ago

Describe the bug When adding a custom middleware the page will always return to the home page as if the middleware is returning false.

To Reproduce Steps to reproduce the behavior:

Create a gate to check if the user has role 'Admin'
Create middleware using the gate
Open url
See the bug

Expected behavior When logged in as an admin user should see the Prequel page.

Actual Behavior Returns to the main page as if the user does not have the admin role.

PHP Version

Version [7.1]

Database type

Type [mysql]
Version [v5.7]

Desktop (please complete the following information):

Browser [chrome]
Version [90.0.4430.85]

QuintenJustus commented 3 years ago

Hi @NeonOdyssey! Thanks for reporting this bug, I will need to see if I can reproduce this before I can give a useful answer. Will get back to you!

NeonOdyssey commented 3 years ago

Hi I have noticed a mistake in my original post ...

PHP Version is 8.0

eshelsil commented 3 years ago

I have the same problem... Auth::user() returns null on custom middleware

eshelsil commented 3 years ago

@NeonOdyssey you need to add 'web' middleware before 'middleware' => [ 'web', 'yourCustomAdminMiddleware', Protoqol\Prequel\Http\Middleware\Authorised::class, ],

eshelsil commented 3 years ago

this is answered here: https://github.com/Protoqol/Prequel/issues/110

NeonOdyssey commented 3 years ago

@eshelsil ahhh thanks for this 😄

Xatta-Trone commented 1 year ago

/**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response|\Illuminate\Http\RedirectResponse)  $next
     * @return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse
     */
    public function handle(Request $request, Closure $next)
    {

        $key = $request->get('kay');
        $allowedKeys = config('monzurul.allowed_keys');

        if (in_array($key, $allowedKeys)) {
            return $next($request);
        } else {
            return  abort(403);
        }
    }

Hello, I am using this kind of middleware check, but still getting the 403 status code. Any reason why ? or a possible solution?

prequel.php file

'middleware' => [
        'web',
         PrequelAuthMiddleware::class,
        Protoqol\Prequel\Http\Middleware\Authorised::class,
    ],

QuintenJustus commented 1 year ago

Hi @Xatta-Trone, it's impossible to say what the exact cause of this problem is. I'd do more debugging into the particular middleware which is giving the 403 - this could be in de 'web' middleware group as well. If in this case the supplied code is causing it, you might need to look at the if-condition. Prequel does not give out a 403 errors on a failed middleware check. Only a 404 or a 503. Hope this helps!