Laravel中间件不laravel工作5.4

Question

我有以下的web.php代码

<?php 

namespace App\Http\Middleware; 

use Closure; 
use Session; 

class CheckLogin 
{ 
    /** 
    * Handle an incoming request. 
    * 
    * @param \Illuminate\Http\Request $request 
    * @param \Closure $next 
    * @return mixed 
    */ 
    public function handle($request, Closure $next) 
    { 
     if(!Session::has('userAuthDetail')){ 
      // return redirect('login'); 
      // return redirect()->guest('/login'); 
     } else { 
      return $next($request);  
     } 
    } 
} 

Route::get('/login', ['as' => 'login', 'uses' => 'Auth\LoginController@login']); 

Route::group(['middleware' => ['login']], function() { 
    Route::post('/add','MyController@submitData'); 
}); 

登录控制器

public function postLogin(Request $request) { 
    // print_r($request->all()); 

    $data['email']=$request->email; 
    $data['password']=$request->password; 
    $response= ApiModel::userLogin($data); 
    if($response->msg=='success'){ 
     session(['userAuthDetail' => $response->data[0]]); 
     return redirect('/'); 
    } else if($response->msg=='failed'){ 
     return redirect('/'); 
    } 
} 

如果我添加如果中间件其他条件，那么网站投掷错误

ErrorException在VerifyCsrfToken.php行156：试图如果我删除的if else并添加只是

public function handle($request, Closure $next) 
{ 
    if(!Session::has('userAuthDetail')){ 

    } 
    return $next($request);  
} 

则做工精细获得非对象

的财产 但如果再失败的凭据其重定向到仪表板。

注：我不能使用laravel权威性，因为我与这是写在PHP核心的API通信

更新;

kernal.php

<?php 

namespace App\Http; 

use Illuminate\Foundation\Http\Kernel as HttpKernel; 

class Kernel extends HttpKernel 
{ 
    /** 
    * The application's global HTTP middleware stack. 
    * 
    * These middleware are run during every request to your application. 
    * 
    * @var array 
    */ 
    protected $middleware = [ 
     \Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class, 
     \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class, 
     \App\Http\Middleware\TrimStrings::class, 
     \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class, 
    ]; 

    /** 
    * The application's route middleware groups. 
    * 
    * @var array 
    */ 
    protected $middlewareGroups = [ 
     'web' => [ 
      \App\Http\Middleware\EncryptCookies::class, 
      \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class, 
      \Illuminate\Session\Middleware\StartSession::class, 
      // \Illuminate\Session\Middleware\AuthenticateSession::class, 
      \Illuminate\View\Middleware\ShareErrorsFromSession::class, 
      \App\Http\Middleware\VerifyCsrfToken::class, 
      \Illuminate\Routing\Middleware\SubstituteBindings::class, 
     \App\Http\Middleware\CheckLogin::class, 
     ], 

     'api' => [ 
      'throttle:60,1', 
      'bindings', 
     ], 
    ]; 

    /** 
    * The application's route middleware. 
    * 
    * These middleware may be assigned to groups or used individually. 
    * 
    * @var array 
    */ 
    protected $routeMiddleware = [ 
     'auth' => \Illuminate\Auth\Middleware\Authenticate::class, 
     'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class, 
     'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class, 
     'can' => \Illuminate\Auth\Middleware\Authorize::class, 
     'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class, 
     'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class, 
     'login' => \App\Http\Middleware\CheckLogin::class, 
    ]; 
} 

Answer 1

如果用户会话没有

public function handle($request, Closure $next) 
{ 
    if(!Session::has('userAuthDetail')){ 
     //return to login page 
    } 
    return $next($request);//if session exist then forward the request  
} 

Answer 2

Line 156 of VerifyCsrfToken.php创建您应该返回到登录页面显示，它试图调用$response->headers->setCookie(...)。您的错误表明$ response为空，这就是if(!Session::has('userAuthDetail')) { ... }场景中的CheckLogin中间件会发生的情况。

基本上，你有一个返回null的中间件（或者什么都没有，哪种在PHP世界中被视为null）。这是不允许的，中间件必须总是返回某种响应（或抛出异常）。

TL; DR：您的中间件必须返回所有执行路径的响应。