Closed Frondor closed 6 years ago
IMO we do not treat login URL as a config? I think you should directly handle it in Handler.php
file.
@Modelizer what if you need to handle it from a package? You can't override/extend that handler's method, which is pretty unique for this specific exception. Anyway, it doesn't feel "right" to me, to hardcode any URL in scaffolding code.
It's quite rare we need to handle in an external package, can you give us a package name or a link which override default behavior? or elaborate on your point that its looks we need to put in a config file?
The case is quite simple and it's explained within a comment in my PR.
You (for one of many reasons) decide not to use Auth::routes()
, so you add them manually with different URLs. You still use $this->middleware('auth')
in your controllers, but, let's say your login route is now example.com/dashboard/signin
.
Now, without being authenticated yet, you try to access example.com/dashboard
(which is protected with auth
middleware). Your request will be rejected because you have no active session, hence the AuthorizationException
shall be triggered, which response is handled at https://github.com/laravel/laravel/blob/master/app/Exceptions/Handler.php#L57
And there you go, instead of getting redirected to example.com/dashboard/signin
it does redirects you to a route you're not using at all example.com/login
.
Yes, you can manually edit the handler but to me, imho, it feels dirty.
There's also the case where you are implementing the whole dashboard from a package (routes, views, etc...), you want the user to simply install your package, plug it to config/app.php
and play. In that case, you can't use a custom url for login, because there's no way you can handle this from within the package.
I've been coding a new package for multi-authentication "out of the box", and I'm facing the problem that I can't use
auth:guard
middleware because when an unauthenticated user tries to access a protected route (/dashboard/settings
), theAuthorizationException
redirects to/login
route, and I need it to be/dashboard/login
instead.In my opinion,
'login'
shouldn't be hardcoded inreturn redirect()->guest('login')
at app/Exceptions/Handler.php#L63This is the PR I'm proposing https://github.com/laravel/laravel/compare/master...Frondor:master