Fix a fallback route issue causing API calls to return unauth responses and not 404s
The fallback handler isn't scoped to a specific group, so the way this was setup caused requests to non-existent API routes to actually try and return the base view for Vue. This caused a mess of issues because that view is behind the middleware that expect sessions to be set, thus leading to very confusing authentication errors rather than a 404 response.
This commit is contained in:
parent
743ae040be
commit
d59c38eb4e
|
@ -22,16 +22,16 @@ class RouteServiceProvider extends ServiceProvider
|
|||
public function map()
|
||||
{
|
||||
Route::middleware(['web', 'auth', 'csrf'])
|
||||
->namespace($this->namespace . '\Base')
|
||||
->group(base_path('routes/base.php'));
|
||||
->namespace($this->namespace . '\Base')
|
||||
->group(base_path('routes/base.php'));
|
||||
|
||||
Route::middleware(['web', 'auth', 'admin', 'csrf'])->prefix('/admin')
|
||||
->namespace($this->namespace . '\Admin')
|
||||
->group(base_path('routes/admin.php'));
|
||||
->namespace($this->namespace . '\Admin')
|
||||
->group(base_path('routes/admin.php'));
|
||||
|
||||
Route::middleware(['web', 'csrf'])->prefix('/auth')
|
||||
->namespace($this->namespace . '\Auth')
|
||||
->group(base_path('routes/auth.php'));
|
||||
->namespace($this->namespace . '\Auth')
|
||||
->group(base_path('routes/auth.php'));
|
||||
|
||||
Route::middleware(['web', 'csrf', 'auth', 'server', 'subuser.auth', 'node.maintenance'])
|
||||
->prefix('/api/server/{server}')
|
||||
|
@ -51,7 +51,7 @@ class RouteServiceProvider extends ServiceProvider
|
|||
->group(base_path('routes/api-remote.php'));
|
||||
|
||||
Route::middleware(['web', 'daemon-old'])->prefix('/daemon')
|
||||
->namespace($this->namespace . '\Daemon')
|
||||
->group(base_path('routes/daemon.php'));
|
||||
->namespace($this->namespace . '\Daemon')
|
||||
->group(base_path('routes/daemon.php'));
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,17 +1,8 @@
|
|||
<?php
|
||||
|
||||
Route::get('/', 'IndexController@index')->name('index');
|
||||
Route::get('/', 'IndexController@index')->name('index')->fallback();
|
||||
Route::get('/account', 'IndexController@index')->name('account');
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Account Controller Routes
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Endpoint: /account
|
||||
|
|
||||
*/
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Account API Controller Routes
|
||||
|
@ -23,9 +14,7 @@ Route::get('/account', 'IndexController@index')->name('account');
|
|||
Route::group(['prefix' => 'account/api'], function () {
|
||||
Route::get('/', 'ClientApiController@index')->name('account.api');
|
||||
Route::get('/new', 'ClientApiController@create')->name('account.api.new');
|
||||
|
||||
Route::post('/new', 'ClientApiController@store');
|
||||
|
||||
Route::delete('/revoke/{identifier}', 'ClientApiController@delete')->name('account.api.revoke');
|
||||
});
|
||||
|
||||
|
@ -43,5 +32,5 @@ Route::group(['prefix' => 'account/two_factor'], function () {
|
|||
Route::post('/totp/disable', 'SecurityController@delete')->name('account.two_factor.disable');
|
||||
});
|
||||
|
||||
// Catch any other combinations of routes and pass them off to the Vuejs component.
|
||||
Route::fallback('IndexController@index');
|
||||
Route::get('/{vue}', 'IndexController@index')
|
||||
->where('vue', '^(?!(\/)?(api|admin|daemon)).+');
|
||||
|
|
Loading…
Reference in New Issue