All geek questions in one place

Laravel Unexpected Redirects (302)

I started a new Laravel 5.2 project using laravel new MyApp and adding authentication via php artisan make:auth . This is only for the website in which the first user loads and creates the rest (without manually creating the user / password reset / etc.).

These are the routes that I have currently defined:

  Route::group(['middleware' => 'web'], function () { // Authentication Routes... Route::get( 'user/login', ['as' => 'user.login', 'uses' => 'Auth\ AuthController@showLoginForm ']); Route::post('user/login', ['as' => 'user.doLogin', 'uses' => 'Auth\ AuthController@login ' ]); Route::group(['middleware' => 'auth'], function() { // Authenticated user routes Route::get( '/', ['as'=>'home', 'uses'=> ' HomeController@index ']); Route::get( 'user/{uid?}', ['as' => 'user.profile', 'uses' => 'Auth\ AuthController@profile ' ]); Route::get( 'user/logout', ['as' => 'user.logout', 'uses' => 'Auth\ AuthController@logout ' ]); Route::get( '/user/add', ['as' => 'user.add', 'uses' => 'Auth\ AuthController@showAddUser ']); [...] }); });

I can log into the system just fine, but I experience some very “funky” behavior - when I try to log out (through the built-in logout method that was created using the wizard), the page redirects 302 to home, and I'm still logged in.

What more, while almost all pages (not listed here) work as expected, user.add also creates 302 on the home page.

Note that the main page is declared by AuthController as $redirectTo , if that matters

I found out about forwarding via debugbar. Any idea what to look for?

+11
source share
5 answers

After hours of stretching my hair, I found my answer - and this is stupid.

The problem is that the user.profile route has the path user/{uid?} And matches both user/logout and user/add as the path.

This is in front of others, and without a regular expression or the like, it handled the route.

I still don’t know why 302 was created for this page, but I found that moving it from AuthController and to UserController (where it should be from the very beginning) fixed the behavior.

So my (modified and working) routes now look like this:

 Route::group(['middleware' => 'web'], function () { // Authentication Routes... Route::get( 'user/login', ['as' => 'user.login', 'uses' => 'Auth\ AuthController@showLoginForm ']); Route::post('user/login', ['as' => 'user.doLogin', 'uses' => 'Auth\ AuthController@login ' ]); Route::group(['middleware' => 'auth'], function() { // Authenticated user routes Route::get( '/', ['as'=>'home', 'uses'=> ' HomeController@index ']); Route::get( '/home', ['as'=>'home', 'uses'=> ' HomeController@home ']); Route::get( 'user/logout', ['as' => 'user.logout', 'uses' => 'Auth\ AuthController@logout ' ]); // *** Added /profile/ here to prevent matching with other routes **** Route::get( 'user/profile/{uid?}', ['as' => 'user.profile', 'uses' => ' UserController@profile ' ]); Route::get( '/user/add', ['as' => 'user.add', 'uses' => ' UserController@showAddUser ']); [...] }); });
+3
source

I ran into a problem with 302 redirects when posting AJAX requests. The solution in this case was to forget to enable the CSRF token.

See the Laravel 5.4 docs here: https://laravel.com/docs/5.4/csrf

+6
source

It can be redirected by default after logging off home and it seems that you do not have home in your web route. Try the code below in AuthController.php

 use AuthenticatesAndRegistersUsers, ThrottlesLogins; // after this line $redirectAfterLogout = 'login' // add this line

This will redirect to the login page after logging out. You can change it to any route if you wish. As an example, I used login .

OR

You can change the logout path in \vendor\laravel\framework\src\Illuminate\Foundation\Auth\AuthenticatesUsers.php

 public function logout() { Auth::logout(); return redirect(property_exists($this, 'redirectAfterLogout') ? $this->redirectAfterLogout : 'login'); }

I changed the default route to login . If you do not have $redirectAfterLogout in AuthController.php , it will look for a redirect path here. I do not suggest people to edit here, it is a kind of hard coding.

+1
source

I had this problem and it turned out that I have a route: redirecting inside my ajax controller. which doesn't make sense because obviously we need to return ajax, but I was returning the route!

0
source

I got the same problem and solved it by adding a header using accept: 'application / json'. And I think I checked the source code before it indicates that if you do not add this, it can redirect when you use authentication middleware. But I'm not sure if this is so, and I cannot remember where I found it.

0
source

Source: https://habr.com/ru/post/1241538/

More articles:


All Articles