Support the ongoing development of Laravel.io →
pkrobak
posted 7 years ago
Authentication
Last updated 1 year ago.
0
lagbox
replied 7 years ago

I have a small tutorial on using the Authroziation system if you want to go that route.

asklagbox - Lets do this - part 2

If you want to do that via a middleware, maybe something like this:

public function handle($request, Closure $next)
{
    if (Comment::findOrFail($request->route('id'))->author_id != $request->user()->id) {
        // return some redirect with message
        // or return an unauthorized response
    }
    // continue through
    return $next($request);
}

If you apply this middleware to that route, only the author will be able to make it through, to the controller method where you will delete the record.

You would have to make some adjustments depending on your schema but that is the general idea. I would recommend using the Authorization system if on a version higher than 5.1.11 where you can write this logic into there and check it via the Gate.

0

Sign in to participate in this thread!

Eventy

Your banner here too?

pkrobak pkrobak Joined 2 Jun 2016

Moderators

We'd like to thank these amazing companies for supporting us

Eventy
Fathom
Forge
Envoyer
Beyond Code
Skynet Technologies
Steadfast Collective
BairesDev
Remotely Works

Your logo here?

Laravel.io

The Laravel portal for problem solving, knowledge sharing and community building.

Laravel.io

Forum Articles Pastebin

Socials

X Twitter GitHub

The community

Laravel Laravel Laravel News Laravel News
Laracasts Laracasts Laravel Podcast Laravel Podcast
© 2024 Laravel.io - All rights reserved.
Terms of service Privacy policy Advertise