Middleware works on localhost but not on apache2 VM server

Advertisements

pretty much the title sums it up.
I have a laravel application which I develop on my laptop & also test when it is running on 127.0.0.1/8000 – I just added middleware for different users (Admin, Employee & Portal user)

When not logged in and trying to access the admin route (127.0.0.1/8000/admin/reporting) I successfully get denied and redirected to the home page. Now I pushed it to GitHub & pulled on the ubuntu VM, the changes are present which I double checked.

But when I access the URL of the server I can still access all pages without being authenticated.

Had anyone of you a similar problem? I am not sure what code I should provide, so just let me know and I will add it to the post.

Thanks

Edit: middleware code

protected $routeMiddleware = [
        'auth' => \App\Http\Middleware\Authenticate::class,
        'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
        'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
        'can' => \Illuminate\Auth\Middleware\Authorize::class,
        'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
        'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class,
        'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class,
        'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
        'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
        'admin' => \App\Http\Middleware\AdminMiddleware::class,
        'employee' => \App\Http\Middleware\EmployeeMiddleware::class,
        'portal' => \App\Http\Middleware\PortalMiddleware::class,
    ];

Admin Middleware:

 public function handle(Request $request, Closure $next)
    {
       if (!Auth::user() || Auth::user()->abteilung_name != 'Geschäftsführung') {
           return redirect('/')->with('redirect_error', 'Auf diese Seite haben Sie keinen Zugriff');
       }
        return $next($request);
    }

Employee Middleware:

 public function handle(Request $request, Closure $next)
    {
        if (!Auth::user() || !auth()->user()) {
            return redirect('/')->with('redirect_error', 'Auf diese Seite haben Sie keinen Zugriff');
        }
        return $next($request);
    }

Portal middleware:

public function handle(Request $request, Closure $next)
    {

        if (!Auth::user() || !Auth::guard('portal')->user()) {
            return redirect('/')->with('redirect_error', 'Auf diese Seite haben Sie keinen Zugriff');
        }
        return $next($request);
    }

Here is an example route, all others look pretty much the same – just the middleware at the end differs depending on the route.

Route::get('/admin/reporting', [AdminController::class, 'getReportingView'])->name('reporting')->middleware('admin');

>Solution :

It would seem your routes are cached. Since this is on your server (host) you should recache the routes:

php artisan route:cache

You should make this part of your deployment process as well as recaching the configuration (php artisan config:cache), running composer install, running migrations (php artisan migrate), etc.

If this isn’t really a live site and you are still in development you could also not cache the routes at all, then you wouldn’t need to be recaching them every time you make changes to your routes. You could clear the cache with php artisan route:clear. This is how you would run locally, without the routes cached. Just make sure when you are deploying your live site that caching the routes is part of your process.

Leave a ReplyCancel reply