I am trying to disable the register route on my application which is running in Laravel 5.4.
In my routes file, I have only the
Auth::routes();
Is there any way to disable the register routes?
The code:
Auth::routes();
its a shorcut for this collection of routes:
// Authentication Routes...
Route::get('login', 'Auth\LoginController@showLoginForm')->name('login');
Route::post('login', 'Auth\LoginController@login');
Route::post('logout', 'Auth\LoginController@logout')->name('logout');
// Registration Routes...
Route::get('register', 'Auth\RegisterController@showRegistrationForm')->name('register');
Route::post('register', 'Auth\RegisterController@register');
// Password Reset Routes...
Route::get('password/reset', 'Auth\ForgotPasswordController@showLinkRequestForm')->name('password.request');
Route::post('password/email', 'Auth\ForgotPasswordController@sendResetLinkEmail')->name('password.email');
Route::get('password/reset/{token}', 'Auth\ResetPasswordController@showResetForm')->name('password.reset');
Route::post('password/reset', 'Auth\ResetPasswordController@reset');
So you can substitute the first with the list of routes and comment out any route you don't want in your application.
Edit for laravel version => 5.7
In newer versions you can add a parameter to the Auth::routes() function call to disable the register routes:
Auth::routes(['register' => false]);
The email verification routes were added:
Route::get('email/verify', 'Auth\VerificationController@show')->name('verification.notice');
Route::get('email/verify/{id}', 'Auth\VerificationController@verify')->name('verification.verify');
Route::get('email/resend', 'Auth\VerificationController@resend')->name('verification.resend');
BTW you can also disable Password Reset and Email Verification routes:
Auth::routes(['reset' => false, 'verify' => false]);
Since Laravel 5.7, a new $options parameter is introduced to the Auth::routes() method; through which you can pass an array to control the generation of the required routes for user-authentication (valid entries can be chosen from the 'register', 'reset', or 'verify' string literals).
Auth::routes(['register' => false]);
You could try this.
Route::match(['get', 'post'], 'register', function(){
return redirect('/');
});
Add those routes just below the Auth::routes() to override the default registration routes. Any request to the /register route will redirect to the baseUrl.
This is deceptively easy! You just need to override two methods in your app/Http/Controllers/Auth/RegisterController.php Class. See below which will prevent the form from being displayed and most importantly block direct POST requests to your application for registrations..
/**
* Show the application registration form.
*
* @return \Illuminate\Http\Response
*/
public function showRegistrationForm()
{
return redirect('login');
}
/**
* Handle a registration request for the application.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\Response
*/
public function register(Request $request)
{
abort(404);
}
In web.php, Replace
Auth::routes();
With
Auth::routes(['register' => false]);
So that you can remove register route from default auth route list. i tried in 5.7 and it worked fine.
Though the above solutions work but, I think changing the middleware to 'auth' in the App\Http\Controllers\Auth\RegisterController will be one of the easiest solutions. This will redirect all visitors to login page if they want to access any of the registration routes. Like this:
namespace App\Http\Controllers\Auth;
class RegisterController extends Controller
{
public function __construct()
{
$this->middleware('auth');
}
I guess you can do it like this, in your web.php file:
Route::redirect('register', 'login', 301);
I suppose you want to restrict access to some pages for guests and only the admin can register a guest. You can achieve it by adding your own middleware on kernel.php file like below:
protected $routeMiddleware = [
'authenticated' => \App\Http\Middleware\AuthenticatedMiddleware::class
];
After creating the middleware you have to use it so you can go on web.php file where your routes are and add it to the route you want to restrict like below:
Route::get('register', 'Auth\RegisterController@showRegistrationForm')->name('register')->middleware('authenticated');
Route::post('register', 'Auth\RegisterController@register')->middleware('authenticated');
This way registration is restricted to guests but the admin can still access the page if he ever want to register some other admin!
Don't forget to replace the Auth::routes(); with the detailed list as below:
// Authentication Routes...
Route::get('login', 'Auth\LoginController@showLoginForm')->name('login');
Route::post('login', 'Auth\LoginController@login');
Route::post('logout', 'Auth\LoginController@logout')->name('logout');
// Registration Routes...
Route::get('register', 'Auth\RegisterController@showRegistrationForm')->name('register')->middleware('authenticated');
Route::post('register', 'Auth\RegisterController@register')->middleware('authenticated');
// Password Reset Routes...
Route::get('password/reset', 'Auth\ForgotPasswordController@showLinkRequestForm')->name('password.request');
Route::post('password/email', 'Auth\ForgotPasswordController@sendResetLinkEmail')->name('password.email');
Route::get('password/reset/{token}', 'Auth\ResetPasswordController@showResetForm')->name('password.reset');
Route::post('password/reset', 'Auth\ResetPasswordController@reset');
On my Laravel 5.6 project this method didn't work:
Auth::routes(['register' => false]);
So I had to use the following method:
Route::match(['get', 'post'], 'register', function () {
return abort(403, 'Forbidden');
})->name('register');
Add this two method to app\Http\Controllers\Auth\RegisterController.php
public function showRegistrationForm(){
return redirect('login');
}
public function register(){
}
Just overwrite your auth showRegistrationForm() method ( place this code to your Auth/RegisterController )
public function showRegistrationForm()
{
return redirect()->route('login');
}
I'm just redirecting my register route to login route. Here you don't need to append or remove any other code
Yes, there is a way
Auth::routes();
Remote that route from your web.php in your routes directory.
That route is what controls registration.
Change to routes :
vendor\laravel\framework\src\Illuminate\Routing\Router.php
public function auth()
{
// Authentication Routes...
$this->get('login', 'Auth\LoginController@showLoginForm')->name('login');
$this->post('login', 'Auth\LoginController@login');
$this->post('logout', 'Auth\LoginController@logout')->name('logout');
// Registration Routes...
//$this->get('register', 'Auth\RegisterController@showRegistrationForm')->name('register');
//$this->post('register', 'Auth\RegisterController@register');
// Password Reset Routes...
//$this->get('password/reset', 'Auth\ForgotPasswordController@showLinkRequestForm')->name('password.request');
//$this->post('password/email', 'Auth\ForgotPasswordController@sendResetLinkEmail')->name('password.email');
//$this->get('password/reset/{token}', 'Auth\ResetPasswordController@showResetForm')->name('password.reset');
//$this->post('password/reset', 'Auth\ResetPasswordController@reset');
}
来源:https://stackoverflow.com/questions/42695917/laravel-5-4-disable-register-route