Passing guard name via middleware route

[liepumartins]

I have the default web guard and an admin guard.
I would like to keep web as default in config/auth.php

I have a permission ['name'=>'backend', 'guard_name'=>'admin']

The admin User model has public string $guard_name = 'admin'; Although, does not seem to have any impact.

Route::group(['prefix'=>'/admin', 'middleware' => ['permission:backend']], static function (): void {
 // routes here throw an 403, despite admin user being logged in
 // many routes with more specific backend section permissions defined here
});

User does not have the right permissions.
/home/vagrant/site/vendor/spatie/laravel-permission/src/Exceptions/UnauthorizedException.php#37

/home/vagrant/site/vendor/spatie/laravel-permission/src/Middlewares/PermissionMiddleware.php

If default in config/auth.php is changed to admin, routes in question works, but it is not desired as web/non-admins are and should be default. And admin/backend feats should be explicitly defined, not the other way around.

[erikn69]

Maybe User has web and admin guard at the same time, so default guard is chosen

laravel-permission/src/Guard.php

Lines 74 to 86 in 8a69aad

	public static function getDefaultName($class): string
	{
	$default = config('auth.defaults.guard');
	$possible_guards = static::getNames($class);
	// return current-detected auth.defaults.guard if it matches one of those that have been checked
	if ($possible_guards->contains($default)) {
	return $default;
	}
	return $possible_guards->first() ?: $default;
	}

[andrekutianski]

Using multiple guards with this module is very frustrating, we are always tied to “default guard”, even set guard_name from a syncRole perspective is impossible. Resume: don't use multiple guards 👎 😞

[liepumartins]

I was implementing an admin middleware like this (as numerous suggestions and tutorials show):

AdminMiddleware.php

    public function handle(Request $request, Closure $next): mixed
    {
        if (!Auth::guard('admin')->check()) {
            return redirect()->route('admin.login');
        }
        return $next($request);
    }

app/Http/Kernel.php

protected $routeMiddleware = [
        'auth' => Authenticate::class,
        'admin' => AdminMiddleware::class,

However removing that and just using Route::middleware('auth:admin') instead of custom Route::middleware('admin')
solves the problem.