How to restrict user route #961

Junkwarior23 · 2023-11-23T14:27:53Z

Junkwarior23
Nov 23, 2023

hi, i try to use
Code:

$routes->group("admin", ["namespace" => "\Admin\Controllers", "filter" => "group:admin"], static function ($routes) {
$routes->get('/data', 'Admin::identities');
$routes->get('/group', 'Admin::group');
$routes->get('/user', 'Admin::user');
});

but it make my user cant login and only admin and super admin can login. how to make my user cant acces my admin controller

this is my route without that function

$routes->get('/', 'Home::index');
$routes->get('/(:num)', 'Home::detail/$1');
$routes->get('/create', 'Home::create');
$routes->post('/save', 'Home::save');
$routes->get('/mustahiq', 'Home::mustahiq');
$routes->get('/cari/(:any)', 'Home::search/$1');
$routes->get('/data', 'Admin::identities');
$routes->get('/group', 'Admin::group');
$routes->get('/user', 'Admin::user');

service('auth')->routes($routes);`

datamweb · 2023-11-23T19:37:16Z

datamweb
Nov 23, 2023
Maintainer

A normal user (have user group) can login without any problem.

If user tries to access admin/... for example http://localhost:8080/admin/data, user will encounter the following message on "/".

Also, I don't see the need to use "/".

-$routes->get('/data', 'Admin::identities');
+$routes->get('data', 'Admin::identities');

Probably "namespace" => "\Admin\Controllers", was a typo by you.

I definitely did not understand your question correctly, sorry.

5 replies

Junkwarior23 Nov 23, 2023
Author

admin is just my controller name and i dont khow what happen but after i put that code in my routes like

$routes->get('/', 'Home::index');
$routes->get('/(:num)', 'Home::detail/$1');
$routes->get('/create', 'Home::create');
$routes->post('/save', 'Home::save');
$routes->get('/mustahiq', 'Home::mustahiq');
$routes->get('/cari/(:any)', 'Home::search/$1');

service('auth')->routes($routes);`

$routes->group("admin", [ "namespace" => "\Controllers", "filter" => "group:admin"], static function ($routes) {
$routes->get('/data', 'Admin::identities');
$routes->get('/group', 'Admin::group');
$routes->get('/user', 'Admin::user');
});

like this and suddenly my normal user can't login

this my my controller list

and even after i remove that line it still not working

Junkwarior23 Nov 23, 2023
Author

you can check my code in my repository named skripsi

kenjis Nov 23, 2023
Maintainer

Run php spark routes to check your routes.

datamweb Nov 23, 2023
Maintainer

P:\MyGitHubWork\skripsi>php spark routes

CodeIgniter v4.4.3 Command Line Tool - Server Time: 2023-11-24 05:56:01 UTC+07:00

+--------+-------------------------+--------------------+--------------------------------------------------------------------+-----------------------------+---------------+
| Method | Route                   | Name               | Handler                                                            | Before Filters              | After Filters |
+--------+-------------------------+--------------------+--------------------------------------------------------------------+-----------------------------+---------------+
| GET    | /                       | »                  | \App\Controllers\Home::index                                       | honeypot csrf session       | toolbar       |
| GET    | ([0-9]+)                | »                  | \App\Controllers\Home::detail/$1                                   | honeypot csrf session       | toolbar       |
| GET    | create                  | »                  | \App\Controllers\Home::create                                      | honeypot csrf session       | toolbar       |
| GET    | cari/(.*)               | »                  | \App\Controllers\Home::search/$1                                   | honeypot csrf session       | toolbar       |
| GET    | register                | »                  | \CodeIgniter\Shield\Controllers\RegisterController::registerView   | honeypot csrf               | toolbar       |
| GET    | login                   | »                  | \CodeIgniter\Shield\Controllers\LoginController::loginView         | honeypot csrf               | toolbar       |
| GET    | login/magic-link        | magic-link         | \CodeIgniter\Shield\Controllers\MagicLinkController::loginView     | honeypot csrf               | toolbar       |
| GET    | login/verify-magic-link | verify-magic-link  | \CodeIgniter\Shield\Controllers\MagicLinkController::verify        | honeypot csrf               | toolbar       |
| GET    | logout                  | »                  | \CodeIgniter\Shield\Controllers\LoginController::logoutAction      | honeypot csrf session       | toolbar       |
| GET    | auth/a/show             | auth-action-show   | \CodeIgniter\Shield\Controllers\ActionController::show             | honeypot csrf session       | toolbar       |
| GET    | admin//data             | »                  | \Controllers\Admin::identities                                     | group honeypot csrf session | group toolbar |
| GET    | admin//group            | »                  | \Controllers\Admin::group                                          | group honeypot csrf session | group toolbar |
| GET    | admin//user             | »                  | \Controllers\Admin::user                                           | group honeypot csrf session | group toolbar |
| POST   | save                    | »                  | \App\Controllers\Home::save                                        | honeypot csrf session       | toolbar       |
| POST   | register                | »                  | \CodeIgniter\Shield\Controllers\RegisterController::registerAction | honeypot csrf               | toolbar       |
| POST   | login                   | »                  | \CodeIgniter\Shield\Controllers\LoginController::loginAction       | honeypot csrf               | toolbar       |
| POST   | login/magic-link        | »                  | \CodeIgniter\Shield\Controllers\MagicLinkController::loginAction   | honeypot csrf               | toolbar       |
| POST   | auth/a/handle           | auth-action-handle | \CodeIgniter\Shield\Controllers\ActionController::handle           | honeypot csrf session       | toolbar       |
| POST   | auth/a/verify           | auth-action-verify | \CodeIgniter\Shield\Controllers\ActionController::verify           | honeypot csrf session       | toolbar       |
+--------+-------------------------+--------------------+--------------------------------------------------------------------+-----------------------------+---------------+

@Junkwarior23 Your repo is not complete to launch. For example, you have used table mustahiq , but you have not uploaded the corresponding migration.
I was going to check, but lost time.

Junkwarior23 Nov 23, 2023
Author

I'm sorry I forgot to post my database

How to restrict user route #961

Uh oh!

Uh oh!

Junkwarior23 Nov 23, 2023

Replies: 1 comment · 5 replies

Uh oh!

Uh oh!

datamweb Nov 23, 2023 Maintainer

Uh oh!

Uh oh!

Junkwarior23 Nov 23, 2023 Author

Uh oh!

Junkwarior23 Nov 23, 2023 Author

Uh oh!

kenjis Nov 23, 2023 Maintainer

Uh oh!

datamweb Nov 23, 2023 Maintainer

Uh oh!

Junkwarior23 Nov 23, 2023 Author

Junkwarior23
Nov 23, 2023

Replies: 1 comment 5 replies

datamweb
Nov 23, 2023
Maintainer

Junkwarior23 Nov 23, 2023
Author

Junkwarior23 Nov 23, 2023
Author

kenjis Nov 23, 2023
Maintainer

datamweb Nov 23, 2023
Maintainer

Junkwarior23 Nov 23, 2023
Author