Auth::user() returns null

Question 1

I use Laravel 5.2 and have a problem with middleware. There is the code in the routes.php


    use IlluminateContractsAuthAccessGate;


    Route::group(['middleware' => 'web'], function () {

        Route::auth();

        Route::get('/', 'HomeController@index');
    });


    Route::group(['prefix'=>'admin',  'middleware' => 'admin'], function(){
        Route::get('/', function(){
            return view('admin.index');
        });
        Route::get('/user', function(){
            return view('admin.user');
        });
    });

Kernel.php:


    protected $routeMiddleware = [
    ...
     'admin' => AppHttpMiddlewareAdminPanel::class,
    ];

AdminPanel.php


    namespace AppHttpMiddleware;


    use Closure;
    use IlluminateSupportFacadesAuth;
    use AppRole;

    class AdminPanel
    {
        public function handle($request, Closure $next)
        {
            $user = Auth::user();
            dd($user);

            if($user){
                $role = Role::whereName('admin')->first();
                if($user->hasRole($role)){
                    return $next($request);
                }
            }
            return redirect('/');
        }

So,

$user = Auth::user()

always return null. Thanks for suggestions!

Question 2

Any route that uses Auth() must be encapsulated in the web middleware. You're close, just move your Route::group(['prefix' => 'admin'], ...) into the group above.

Route::group(['middleware' => 'web'], function () {

    Route::auth();

    Route::get('/', 'HomeController@index');

    // Moving here will ensure that sessions, csrf, etc. is included in all these routes
    Route::group(['prefix'=>'admin',  'middleware' => 'admin'], function(){
        Route::get('/', function(){
            return view('admin.index');
        });

        Route::get('/user', function(){
            return view('admin.user');
        });
    });
});

Question 3

EDIT 1: This may also have to do with the fact that getAllPersoonData and getAllLessenData have the same input signature, which means that, for document literal style web services, the endpoint won't be able to distinguish what kind of request you're actually making. Try passing two different element names.

EDIT 2: Also, giving these messages different signatures would allow you to put getPersoonID within the type definition so that you only have one message part. Right now, if you look in Customer.wsdl you have:

<wsdl:message name="getPersoonIDCustomerID">
    <wsdl:part name="body" element="ns:UserCredentials"/>
    <wsdl:part name="getPersoonID" type="xs:int"/>
</wsdl:message>

You should not have more than one part in a document-literal message.

EDIT 3: If you don't want to define a new element for each function that you have, then you would have to switch to RPC literal, which wraps the request in the wsdl:operation name. If this would fix everything except .NET, then you could try my SO post on coaxing .NET into reading RPC-literal web services.

Question 4

Your request looks fine, it should work. Did you set up services.wsdl with your EWS server address? (see http://ewswrapper.lafiel.net/basic-info/working-with-ewswrapper/ for some more info)

Try looking at the actual call before it is send and the response before it is interpreted. To do so in NTMLSoapClinet.php print $request at the top of __doRequest() function and end script execution (ie. die()) and then try printing $response befor it is returned in __doRequest() function and end script execution. This should give you some more insight on what's going on.

Question 5

ALL routes that require sessions (which Auth uses) must have the 'web' middleware applied.

Also:

Your Auth::check() is being done in a code block that only runs if Auth::guest() is true. Auth::guest() is the inverse of Auth::check().

So you are saying in your middleware: If the current user is a guest (not authenticated), check if they are an authenticated user, which will always be false at this point.

Update:

Based on your comments: Do not add the authenticate middleware to the 'web' group. You will never be able to hit a 'web' route if you do this unless you were authenticated before you made this change. You are removing the ability to even be able to login if you do this.

Question 6

Create middleware:

php artisan make:middleware OwnerMiddleware

namespace AppHttpMiddleware;

use AppArticle;
use Closure;
use IlluminateContractsAuthGuard;

class OwnerMiddleware
{
    /**
     * The Guard implementation.
     *
     * @var Guard
     */
    protected $auth;

    /**
     * Create a new filter instance.
     *
     * @param  Guard  $auth
     * @return void
     */
    public function __construct(Guard $auth)
    {
        $this->auth = $auth;
    }

    /**
     * Handle an incoming request.
     *
     * @param  IlluminateHttpRequest  $request
     * @param  Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        $articleId = $request->segments()[1];
        $article = Article::findOrFail($articleId);

        if ($article->user_id !== $this->auth->getUser()->id) {
            abort(403, 'Unauthorized action.');
        }

        return $next($request);
    }
}

Add it to appHttpKernel.php:

protected $routeMiddleware = [
    'owner' => 'AppHttpMiddlewareOwnerMiddleware',
];

Use middleware in your routes:

Route::group(['middleware' => ['owner']], function() {
    // your route
});

Auth::user() returns null

Answers

php,authentication,laravel-5,middleware