From 0d723560d368ff80115390f35ea7ab2e5d9d947a Mon Sep 17 00:00:00 2001 From: Adrien Beaudouin Date: Sun, 4 Oct 2020 14:12:38 +0200 Subject: [PATCH] fix routes --- examples/demo-laravel/app/Http/Kernel.php | 6 +- .../app/Http/Middleware/Authenticate.php | 2 +- ...p => PreventRequestsDuringMaintenance.php} | 4 +- .../Middleware/RedirectIfAuthenticated.php | 12 ++-- .../app/Http/Middleware/TrustHosts.php | 20 ++++++ .../app/Http/Middleware/TrustProxies.php | 2 +- .../app/Providers/RouteServiceProvider.php | 72 ++++++------------- examples/demo-laravel/routes/api.php | 33 +++++---- examples/laravel/app/Http/Kernel.php | 6 +- .../app/Http/Middleware/Authenticate.php | 2 +- ...p => PreventRequestsDuringMaintenance.php} | 4 +- .../Middleware/RedirectIfAuthenticated.php | 12 ++-- .../app/Http/Middleware/TrustHosts.php | 20 ++++++ .../app/Http/Middleware/TrustProxies.php | 4 +- .../app/Providers/RouteServiceProvider.php | 70 ++++++------------ examples/laravel/routes/api.php | 12 ++-- 16 files changed, 144 insertions(+), 137 deletions(-) rename examples/demo-laravel/app/Http/Middleware/{CheckForMaintenanceMode.php => PreventRequestsDuringMaintenance.php} (58%) create mode 100644 examples/demo-laravel/app/Http/Middleware/TrustHosts.php rename examples/laravel/app/Http/Middleware/{CheckForMaintenanceMode.php => PreventRequestsDuringMaintenance.php} (58%) create mode 100644 examples/laravel/app/Http/Middleware/TrustHosts.php diff --git a/examples/demo-laravel/app/Http/Kernel.php b/examples/demo-laravel/app/Http/Kernel.php index b0ff2949..905d346e 100644 --- a/examples/demo-laravel/app/Http/Kernel.php +++ b/examples/demo-laravel/app/Http/Kernel.php @@ -14,9 +14,10 @@ class Kernel extends HttpKernel * @var array */ protected $middleware = [ + // \App\Http\Middleware\TrustHosts::class, \App\Http\Middleware\TrustProxies::class, \Fruitcake\Cors\HandleCors::class, - \App\Http\Middleware\CheckForMaintenanceMode::class, + \App\Http\Middleware\PreventRequestsDuringMaintenance::class, \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class, \App\Http\Middleware\TrimStrings::class, \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class, @@ -43,7 +44,7 @@ class Kernel extends HttpKernel 'api' => [ \Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class, \Okami101\LaravelAdmin\Http\Middleware\Impersonate::class, - 'throttle:300,1', + 'throttle:api', \Illuminate\Routing\Middleware\SubstituteBindings::class, ], ]; @@ -58,7 +59,6 @@ class Kernel extends HttpKernel protected $routeMiddleware = [ 'auth' => \App\Http\Middleware\Authenticate::class, 'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class, - 'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class, 'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class, 'can' => \Illuminate\Auth\Middleware\Authorize::class, 'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class, diff --git a/examples/demo-laravel/app/Http/Middleware/Authenticate.php b/examples/demo-laravel/app/Http/Middleware/Authenticate.php index abc0e9c6..1d4fcf0d 100644 --- a/examples/demo-laravel/app/Http/Middleware/Authenticate.php +++ b/examples/demo-laravel/app/Http/Middleware/Authenticate.php @@ -15,7 +15,7 @@ class Authenticate extends Middleware protected function redirectTo($request) { if (! $request->expectsJson()) { - return config('admin.url'); + return route('admin.url'); } } } diff --git a/examples/demo-laravel/app/Http/Middleware/CheckForMaintenanceMode.php b/examples/demo-laravel/app/Http/Middleware/PreventRequestsDuringMaintenance.php similarity index 58% rename from examples/demo-laravel/app/Http/Middleware/CheckForMaintenanceMode.php rename to examples/demo-laravel/app/Http/Middleware/PreventRequestsDuringMaintenance.php index 35b9824b..e4956d0b 100644 --- a/examples/demo-laravel/app/Http/Middleware/CheckForMaintenanceMode.php +++ b/examples/demo-laravel/app/Http/Middleware/PreventRequestsDuringMaintenance.php @@ -2,9 +2,9 @@ namespace App\Http\Middleware; -use Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode as Middleware; +use Illuminate\Foundation\Http\Middleware\PreventRequestsDuringMaintenance as Middleware; -class CheckForMaintenanceMode extends Middleware +class PreventRequestsDuringMaintenance extends Middleware { /** * The URIs that should be reachable while maintenance mode is enabled. diff --git a/examples/demo-laravel/app/Http/Middleware/RedirectIfAuthenticated.php b/examples/demo-laravel/app/Http/Middleware/RedirectIfAuthenticated.php index 2395ddcc..fead421a 100644 --- a/examples/demo-laravel/app/Http/Middleware/RedirectIfAuthenticated.php +++ b/examples/demo-laravel/app/Http/Middleware/RedirectIfAuthenticated.php @@ -13,13 +13,17 @@ class RedirectIfAuthenticated * * @param \Illuminate\Http\Request $request * @param \Closure $next - * @param string|null $guard + * @param string|null ...$guards * @return mixed */ - public function handle($request, Closure $next, $guard = null) + public function handle($request, Closure $next, ...$guards) { - if (Auth::guard($guard)->check()) { - return redirect(RouteServiceProvider::HOME); + $guards = empty($guards) ? [null] : $guards; + + foreach ($guards as $guard) { + if (Auth::guard($guard)->check()) { + return redirect(RouteServiceProvider::HOME); + } } return $next($request); diff --git a/examples/demo-laravel/app/Http/Middleware/TrustHosts.php b/examples/demo-laravel/app/Http/Middleware/TrustHosts.php new file mode 100644 index 00000000..b0550cfc --- /dev/null +++ b/examples/demo-laravel/app/Http/Middleware/TrustHosts.php @@ -0,0 +1,20 @@ +allSubdomainsOfApplicationUrl(), + ]; + } +} diff --git a/examples/demo-laravel/app/Http/Middleware/TrustProxies.php b/examples/demo-laravel/app/Http/Middleware/TrustProxies.php index d238d9a1..39816113 100644 --- a/examples/demo-laravel/app/Http/Middleware/TrustProxies.php +++ b/examples/demo-laravel/app/Http/Middleware/TrustProxies.php @@ -10,7 +10,7 @@ class TrustProxies extends Middleware /** * The trusted proxies for this application. * - * @var array|string + * @var array|string|null */ protected $proxies = '*'; diff --git a/examples/demo-laravel/app/Providers/RouteServiceProvider.php b/examples/demo-laravel/app/Providers/RouteServiceProvider.php index 61ce03a9..edcacbaf 100644 --- a/examples/demo-laravel/app/Providers/RouteServiceProvider.php +++ b/examples/demo-laravel/app/Providers/RouteServiceProvider.php @@ -2,26 +2,22 @@ namespace App\Providers; +use Illuminate\Cache\RateLimiting\Limit; use Illuminate\Foundation\Support\Providers\RouteServiceProvider as ServiceProvider; +use Illuminate\Http\Request; +use Illuminate\Support\Facades\RateLimiter; use Illuminate\Support\Facades\Route; class RouteServiceProvider extends ServiceProvider { - /** - * This namespace is applied to your controller routes. - * - * In addition, it is set as the URL generator's root namespace. - * - * @var string - */ - protected $namespace = 'App\Http\Controllers'; - /** * The path to the "home" route for your application. * + * This is used by Laravel authentication to redirect users after login. + * * @var string */ - public const HOME = '/'; + public const HOME = '/home'; /** * Define your route model bindings, pattern filters, etc. @@ -30,51 +26,29 @@ class RouteServiceProvider extends ServiceProvider */ public function boot() { - // - - parent::boot(); - } - - /** - * Define the routes for the application. - * - * @return void - */ - public function map() - { - $this->mapApiRoutes(); - - $this->mapWebRoutes(); - - // + $this->configureRateLimiting(); + + $this->routes(function () { + Route::prefix('api') + ->middleware('api') + ->namespace($this->namespace) + ->group(base_path('routes/api.php')); + + Route::middleware('web') + ->namespace($this->namespace) + ->group(base_path('routes/web.php')); + }); } /** - * Define the "web" routes for the application. - * - * These routes all receive session state, CSRF protection, etc. - * - * @return void - */ - protected function mapWebRoutes() - { - Route::middleware('web') - ->namespace($this->namespace) - ->group(base_path('routes/web.php')); - } - - /** - * Define the "api" routes for the application. - * - * These routes are typically stateless. + * Configure the rate limiters for the application. * * @return void */ - protected function mapApiRoutes() + protected function configureRateLimiting() { - Route::prefix('api') - ->middleware('api') - ->namespace($this->namespace) - ->group(base_path('routes/api.php')); + RateLimiter::for('api', function (Request $request) { + return Limit::perMinute(60); + }); } } diff --git a/examples/demo-laravel/routes/api.php b/examples/demo-laravel/routes/api.php index 3a9c1e2d..b61e7a04 100644 --- a/examples/demo-laravel/routes/api.php +++ b/examples/demo-laravel/routes/api.php @@ -1,5 +1,12 @@ 'auth'], function () { - Route::post('login', 'AuthController@login'); - Route::post('logout', 'AuthController@logout'); - Route::post('refresh', 'AuthController@refresh'); - Route::post('me', 'AuthController@me'); + Route::post('login', [AuthController::class, 'login']); + Route::post('logout', [AuthController::class, 'logout']); + Route::post('refresh', [AuthController::class, 'refresh']); + Route::post('me', [AuthController::class, 'me']); }); Route::group(['middleware' => 'auth:sanctum'], function () { @@ -28,19 +35,19 @@ /** * Tree specific routes */ - Route::get('categories/tree', 'CategoryController@tree'); - Route::get('categories/nodes/{parentId?}', 'CategoryController@nodes'); - Route::patch('categories/{category}/move', 'CategoryController@move'); + Route::get('categories/tree', [CategoryController::class, 'tree']); + Route::get('categories/nodes/{parentId?}', [CategoryController::class, 'nodes']); + Route::patch('categories/{category}/move', [CategoryController::class, 'move']); /** * API resources controllers */ Route::apiResources([ - 'users' => 'UserController', - 'authors' => 'AuthorController', - 'books' => 'BookController', - 'reviews' => 'ReviewController', - 'publishers' => 'PublisherController', - 'categories' => 'CategoryController', + 'users' => UserController::class, + 'authors' => AuthorController::class, + 'books' => BookController::class, + 'reviews' => ReviewController::class, + 'publishers' => PublisherController::class, + 'categories' => CategoryController::class, ]); }); diff --git a/examples/laravel/app/Http/Kernel.php b/examples/laravel/app/Http/Kernel.php index fcd42777..aa6c7d22 100644 --- a/examples/laravel/app/Http/Kernel.php +++ b/examples/laravel/app/Http/Kernel.php @@ -14,9 +14,10 @@ class Kernel extends HttpKernel * @var array */ protected $middleware = [ + // \App\Http\Middleware\TrustHosts::class, \App\Http\Middleware\TrustProxies::class, \Fruitcake\Cors\HandleCors::class, - \App\Http\Middleware\CheckForMaintenanceMode::class, + \App\Http\Middleware\PreventRequestsDuringMaintenance::class, \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class, \App\Http\Middleware\TrimStrings::class, \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class, @@ -41,7 +42,7 @@ class Kernel extends HttpKernel 'api' => [ \Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class, \Okami101\LaravelAdmin\Http\Middleware\Impersonate::class, - 'throttle:60,1', + 'throttle:api', \Illuminate\Routing\Middleware\SubstituteBindings::class, ], ]; @@ -56,7 +57,6 @@ class Kernel extends HttpKernel protected $routeMiddleware = [ 'auth' => \App\Http\Middleware\Authenticate::class, 'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class, - 'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class, 'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class, 'can' => \Illuminate\Auth\Middleware\Authorize::class, 'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class, diff --git a/examples/laravel/app/Http/Middleware/Authenticate.php b/examples/laravel/app/Http/Middleware/Authenticate.php index abc0e9c6..1d4fcf0d 100644 --- a/examples/laravel/app/Http/Middleware/Authenticate.php +++ b/examples/laravel/app/Http/Middleware/Authenticate.php @@ -15,7 +15,7 @@ class Authenticate extends Middleware protected function redirectTo($request) { if (! $request->expectsJson()) { - return config('admin.url'); + return route('admin.url'); } } } diff --git a/examples/laravel/app/Http/Middleware/CheckForMaintenanceMode.php b/examples/laravel/app/Http/Middleware/PreventRequestsDuringMaintenance.php similarity index 58% rename from examples/laravel/app/Http/Middleware/CheckForMaintenanceMode.php rename to examples/laravel/app/Http/Middleware/PreventRequestsDuringMaintenance.php index 35b9824b..e4956d0b 100644 --- a/examples/laravel/app/Http/Middleware/CheckForMaintenanceMode.php +++ b/examples/laravel/app/Http/Middleware/PreventRequestsDuringMaintenance.php @@ -2,9 +2,9 @@ namespace App\Http\Middleware; -use Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode as Middleware; +use Illuminate\Foundation\Http\Middleware\PreventRequestsDuringMaintenance as Middleware; -class CheckForMaintenanceMode extends Middleware +class PreventRequestsDuringMaintenance extends Middleware { /** * The URIs that should be reachable while maintenance mode is enabled. diff --git a/examples/laravel/app/Http/Middleware/RedirectIfAuthenticated.php b/examples/laravel/app/Http/Middleware/RedirectIfAuthenticated.php index 2395ddcc..fead421a 100644 --- a/examples/laravel/app/Http/Middleware/RedirectIfAuthenticated.php +++ b/examples/laravel/app/Http/Middleware/RedirectIfAuthenticated.php @@ -13,13 +13,17 @@ class RedirectIfAuthenticated * * @param \Illuminate\Http\Request $request * @param \Closure $next - * @param string|null $guard + * @param string|null ...$guards * @return mixed */ - public function handle($request, Closure $next, $guard = null) + public function handle($request, Closure $next, ...$guards) { - if (Auth::guard($guard)->check()) { - return redirect(RouteServiceProvider::HOME); + $guards = empty($guards) ? [null] : $guards; + + foreach ($guards as $guard) { + if (Auth::guard($guard)->check()) { + return redirect(RouteServiceProvider::HOME); + } } return $next($request); diff --git a/examples/laravel/app/Http/Middleware/TrustHosts.php b/examples/laravel/app/Http/Middleware/TrustHosts.php new file mode 100644 index 00000000..b0550cfc --- /dev/null +++ b/examples/laravel/app/Http/Middleware/TrustHosts.php @@ -0,0 +1,20 @@ +allSubdomainsOfApplicationUrl(), + ]; + } +} diff --git a/examples/laravel/app/Http/Middleware/TrustProxies.php b/examples/laravel/app/Http/Middleware/TrustProxies.php index ee5b5958..39816113 100644 --- a/examples/laravel/app/Http/Middleware/TrustProxies.php +++ b/examples/laravel/app/Http/Middleware/TrustProxies.php @@ -10,9 +10,9 @@ class TrustProxies extends Middleware /** * The trusted proxies for this application. * - * @var array|string + * @var array|string|null */ - protected $proxies; + protected $proxies = '*'; /** * The headers that should be used to detect proxies. diff --git a/examples/laravel/app/Providers/RouteServiceProvider.php b/examples/laravel/app/Providers/RouteServiceProvider.php index 540d17b4..edcacbaf 100644 --- a/examples/laravel/app/Providers/RouteServiceProvider.php +++ b/examples/laravel/app/Providers/RouteServiceProvider.php @@ -2,23 +2,19 @@ namespace App\Providers; +use Illuminate\Cache\RateLimiting\Limit; use Illuminate\Foundation\Support\Providers\RouteServiceProvider as ServiceProvider; +use Illuminate\Http\Request; +use Illuminate\Support\Facades\RateLimiter; use Illuminate\Support\Facades\Route; class RouteServiceProvider extends ServiceProvider { - /** - * This namespace is applied to your controller routes. - * - * In addition, it is set as the URL generator's root namespace. - * - * @var string - */ - protected $namespace = 'App\Http\Controllers'; - /** * The path to the "home" route for your application. * + * This is used by Laravel authentication to redirect users after login. + * * @var string */ public const HOME = '/home'; @@ -30,51 +26,29 @@ class RouteServiceProvider extends ServiceProvider */ public function boot() { - // - - parent::boot(); - } - - /** - * Define the routes for the application. - * - * @return void - */ - public function map() - { - $this->mapApiRoutes(); - - $this->mapWebRoutes(); - - // + $this->configureRateLimiting(); + + $this->routes(function () { + Route::prefix('api') + ->middleware('api') + ->namespace($this->namespace) + ->group(base_path('routes/api.php')); + + Route::middleware('web') + ->namespace($this->namespace) + ->group(base_path('routes/web.php')); + }); } /** - * Define the "web" routes for the application. - * - * These routes all receive session state, CSRF protection, etc. - * - * @return void - */ - protected function mapWebRoutes() - { - Route::middleware('web') - ->namespace($this->namespace) - ->group(base_path('routes/web.php')); - } - - /** - * Define the "api" routes for the application. - * - * These routes are typically stateless. + * Configure the rate limiters for the application. * * @return void */ - protected function mapApiRoutes() + protected function configureRateLimiting() { - Route::prefix('api') - ->middleware('api') - ->namespace($this->namespace) - ->group(base_path('routes/api.php')); + RateLimiter::for('api', function (Request $request) { + return Limit::perMinute(60); + }); } } diff --git a/examples/laravel/routes/api.php b/examples/laravel/routes/api.php index 09d9a30f..425de802 100644 --- a/examples/laravel/routes/api.php +++ b/examples/laravel/routes/api.php @@ -1,5 +1,9 @@ 'UserController', - 'monsters' => 'MonsterController', - 'monster_children' => 'MonsterChildController', - 'books' => 'BookController', + 'users' => UserController::class, + 'monsters' => MonsterController::class, + 'monster_children' => MonsterChildController::class, + 'books' => BookController::class, ]); });