You might want to consider moving the auth checks into
__constuct(). Then you wouldn't need to repeat yourself in each function. Then there's no chance of hitting a function that can skip auth.
Also you could use auth as middleware.
I tend to use auth on my routes and in
__construct(), but also in conjunction with
spatie/laravel-permission so I can be more granular about what roles and permissions are allowed to do.
Sign in to participate in this thread!
We'd like to thank these amazing companies for supporting us