Revert "Disabled request lifecycle middleware on public routes"

JulianPrieber · JulianPrieber · commit c5970309b40a · 2023-07-22T13:16:28.000+02:00
This reverts commit 658617c.
diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php
@@ -29,23 +29,20 @@ class Kernel extends HttpKernel
      * @var array
      */
     protected $middlewareGroups = [
-        'AuthSession' => [
+        'web' => [
             \App\Http\Middleware\EncryptCookies::class,
             \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
             \Illuminate\Session\Middleware\StartSession::class,
+            // \Illuminate\Session\Middleware\AuthenticateSession::class,
             \Illuminate\View\Middleware\ShareErrorsFromSession::class,
             \App\Http\Middleware\VerifyCsrfToken::class,
-        ],
-
-        'web' => [
             \Illuminate\Routing\Middleware\SubstituteBindings::class,
         ],
 
         'api' => [
             'throttle:api',
             \Illuminate\Routing\Middleware\SubstituteBindings::class,
         ],
-
     ];
 
     /**
diff --git a/routes/auth.php b/routes/auth.php
@@ -8,30 +8,27 @@
 use App\Http\Controllers\Auth\PasswordResetLinkController;
 use App\Http\Controllers\Auth\RegisteredUserController;
 use App\Http\Controllers\Auth\VerifyEmailController;
-use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Route;
 
-if (config('advanced-config.register_url') != '') {
+if(config('advanced-config.register_url') != '') {
     $register = config('advanced-config.register_url');
 } else {
     $register = "/register";
 }
 
-if (config('advanced-config.login_url') != '') {
+if(config('advanced-config.login_url') != '') {
     $login = config('advanced-config.login_url');
 } else {
     $login = "/login";
 }
 
-if (config('advanced-config.forgot_password_url') != '') {
+if(config('advanced-config.forgot_password_url') != '') {
     $forgot_password = config('advanced-config.forgot_password_url');
 } else {
     $forgot_password = "/forgot-password";
 }
 
-Route::middleware(['web', 'AuthSession'])->group(function () use ($register, $login, $forgot_password) {
-
-    if (env('ALLOW_REGISTRATION') || $register !== '/register') {
+    if(env('ALLOW_REGISTRATION') or $register !== '/register') {
         Route::get($register, [RegisteredUserController::class, 'create'])
             ->middleware('guest')
             ->middleware('max.users')
@@ -50,58 +47,58 @@
         });
     }
 
-    Route::get($login, [AuthenticatedSessionController::class, 'create'])
-        ->middleware('guest')
-        ->name('login');
-
-    Route::post($login, [AuthenticatedSessionController::class, 'store'])
-        ->middleware('guest');
-
-    Route::get($forgot_password, [PasswordResetLinkController::class, 'create'])
-        ->middleware('guest')
-        ->name('password.request');
-
-    Route::post($forgot_password, [PasswordResetLinkController::class, 'store'])
-        ->middleware('guest')
-        ->name('password.email');
-
-    Route::get('/reset-password/{token}', [NewPasswordController::class, 'create'])
-        ->middleware('guest')
-        ->name('password.reset');
-
-    Route::post('/reset-password', [NewPasswordController::class, 'store'])
-        ->middleware('guest')
-        ->name('password.update');
-
-    Route::get('/verify-email', [EmailVerificationPromptController::class, '__invoke'])
-        ->middleware('auth')
-        ->name('verification.notice');
-
-    Route::get('/verify-email/{id}/{hash}', [VerifyEmailController::class, '__invoke'])
-        ->middleware(['auth', 'signed', 'throttle:6,1'])
-        ->name('verification.verify');
-
-    Route::post('/email/verification-notification', [EmailVerificationNotificationController::class, 'store'])
-        ->middleware(['auth', 'throttle:6,1'])
-        ->name('verification.send');
-
-    Route::get('/confirm-password', [ConfirmablePasswordController::class, 'show'])
-        ->middleware('auth')
-        ->name('password.confirm');
-
-    Route::post('/confirm-password', [ConfirmablePasswordController::class, 'store'])
-        ->middleware('auth');
-
-    Route::post('/logout', [AuthenticatedSessionController::class, 'destroy'])
-        ->middleware('auth')
-        ->name('logout');
-
-    Route::get('/blocked', function () {
-        $user = Auth::user();
-        if ($user && $user->block == 'yes') {
-            return view('auth.blocked');
-        } else {
-            return redirect(url('dashboard'));
-        }
-    })->name('blocked');
-});
+Route::get($login, [AuthenticatedSessionController::class, 'create'])
+                ->middleware('guest')
+                ->name('login');
+
+Route::post($login, [AuthenticatedSessionController::class, 'store'])
+                ->middleware('guest');
+
+Route::get( $forgot_password, [PasswordResetLinkController::class, 'create'])
+                ->middleware('guest')
+                ->name('password.request');
+
+Route::post( $forgot_password, [PasswordResetLinkController::class, 'store'])
+                ->middleware('guest')
+                ->name('password.email');
+
+Route::get('/reset-password/{token}', [NewPasswordController::class, 'create'])
+                ->middleware('guest')
+                ->name('password.reset');
+
+Route::post('/reset-password', [NewPasswordController::class, 'store'])
+                ->middleware('guest')
+                ->name('password.update');
+
+Route::get('/verify-email', [EmailVerificationPromptController::class, '__invoke'])
+                ->middleware('auth')
+                ->name('verification.notice');
+
+Route::get('/verify-email/{id}/{hash}', [VerifyEmailController::class, '__invoke'])
+                ->middleware(['auth', 'signed', 'throttle:6,1'])
+                ->name('verification.verify');
+
+Route::post('/email/verification-notification', [EmailVerificationNotificationController::class, 'store'])
+                ->middleware(['auth', 'throttle:6,1'])
+                ->name('verification.send');
+
+Route::get('/confirm-password', [ConfirmablePasswordController::class, 'show'])
+                ->middleware('auth')
+                ->name('password.confirm');
+
+Route::post('/confirm-password', [ConfirmablePasswordController::class, 'store'])
+                ->middleware('auth');
+
+Route::post('/logout', [AuthenticatedSessionController::class, 'destroy'])
+                ->middleware('auth')
+                ->name('logout');
+
+Route::get('/blocked', function () {
+                    $user = Auth::user();
+                    if ($user && $user->block == 'yes') {
+                        return view('auth.blocked');
+                    } else {
+                        return redirect(url('dashboard'));
+                    }
+                })->name('blocked');
+                
diff --git a/routes/web.php b/routes/web.php
@@ -96,7 +96,7 @@
 
 Route::get('/demo-page', [App\Http\Controllers\HomeController::class, 'demo'])->name('demo');
 
-Route::middleware(['AuthSession', 'auth', 'blocked', 'impersonate'])->group(function () {
+Route::middleware(['auth', 'blocked', 'impersonate'])->group(function () {
 //User route
 Route::group([
     'middleware' => env('REGISTER_AUTH'),
@@ -141,10 +141,11 @@
 });
 }
 
-Route::middleware(['AuthSession', 'auth', 'blocked', 'impersonate'])->group(function () {
 //Social login route
 Route::get('/social-auth/{provider}/callback', [SocialLoginController::class, 'providerCallback']);
 Route::get('/social-auth/{provider}', [SocialLoginController::class, 'redirectToProvider'])->name('social.redirect');
+
+Route::middleware(['auth', 'blocked', 'impersonate'])->group(function () {
 //Admin route
 Route::group([
     'middleware' => 'admin',
