'Why do I get null auth user inside middleware?

The global middlewares, the ones which are run for every request on every route:

protected $middleware = [
        \App\Http\Middleware\CheckForMaintenanceMode::class,
        \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
        \App\Http\Middleware\TrimStrings::class,
        \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
        \App\Http\Middleware\TrustProxies::class,
        \Barryvdh\Cors\HandleCors::class,
        \Spatie\Cors\Cors::class,
    ];

The groups on which middlewares are packed:

protected $middlewareGroups = [
        'web' => [
            \App\Http\Middleware\EncryptCookies::class,
            \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
            \Illuminate\Session\Middleware\StartSession::class,
            \Illuminate\View\Middleware\ShareErrorsFromSession::class,
            \App\Http\Middleware\VerifyCsrfToken::class,
            \Illuminate\Routing\Middleware\SubstituteBindings::class,
        ],
        'api' => [
            'throttle:100000,1',
            'bindings',
            \Barryvdh\Cors\HandleCors::class,
        ],

    ];

My named beautiful middlewares:

protected $routeMiddleware = [
        'auth' => \App\Http\Middleware\Authenticate::class,
        'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
        'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
        'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
        'can' => \Illuminate\Auth\Middleware\Authorize::class,
        'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,  
        'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class,
        'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
        'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
        'jwt.auth' => \Tymon\JWTAuth\Http\Middleware\Authenticate::class,
        'jwt.refresh' => \Tymon\JWTAuth\Http\Middleware\RefreshToken::class,
        'log.request' => \App\Http\Middleware\LogRequest::class,
        'admin' => \App\Http\Middleware\AdminMiddleware::class,
    ];

The order of middlewares, top to bottom:

protected $middlewarePriority = [
        \Illuminate\Session\Middleware\StartSession::class,
        \Illuminate\View\Middleware\ShareErrorsFromSession::class,
        \App\Http\Middleware\Authenticate::class,
        \Illuminate\Session\Middleware\AuthenticateSession::class,
        \Illuminate\Routing\Middleware\SubstituteBindings::class,
        \Illuminate\Auth\Middleware\Authorize::class,
    ];

The way I call my route:

Route::get('show/question', 'APIController@getQuestion')->name('getQuestion')->middleware('admin');

My middleware AdminMiddleware.php content:

<?php

namespace App\Http\Middleware;

use Closure;
//use App\Http\Middleware\Auth;

use Illuminate\Support\Facades\Auth;
use Illuminate\Contracts\Auth\Guard;

class AdminMiddleware
{   
    public function handle($request, Closure $next)
    {
        dd(Auth::user());
        dd($request->all());
        return view('login');
    }
}

I tried putting my middleware last in the bottom of list, I tried adding it in 'web' at the bottom, nothing works. Any ideas? I need to process the object of authenticated user in the middleware.

laravelauthenticationmiddleware


Solution 1:[1]

It is just because you don't have the auth middleware in this route :)

juste do : 

Route::get('show/question', 'APIController@getQuestion')
    ->name('getQuestion')
    ->middleware('auth', 'admin');

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Mathieu Ferre

Related Questions