how to guard a controller through multiple of user?

限于喜欢 提交于 2019-12-04 21:03:26

Here is my implementation for access control for admin and users(agents in my case) I have a boolean field in my user table(is_admin) which is 0 for normal users and 1 for admins. so in my User model I did this

    protected $casts = [
        'is_admin' => 'boolean',
    ];

  public function isAdmin()
    {
            return $this->is_admin;
    }

Create a new middleware for the type of roles u want using

php artisan make:middleware Admin

php artisan make:middleware Agent

The middleware files will be created in App\Http\Middleware\ add this to class inside Admin.php

public function handle($request, Closure $next)
{

    if ( Auth::check() && Auth::user()->isAdmin() )
    {
        return $next($request);
    }

    return redirect('/agent');

}

and this to Agent.php

    public function handle($request, Closure $next)
{

    if ( Auth::check() && !Auth::user()->isAdmin() )
    {
        return $next($request);
    }

    return redirect('/home');

}

After this register your middleware with laravel to do this add this to protected $routeMiddleware in your Kernel.php which is located at app\Http\Kernel.php

'admin' => 'App\Http\Middleware\Admin',
'agent' => 'App\Http\Middleware\Agent',

make sure to create proper routes for redirection as we've mentioned in our middleware files. after this you are almost done. Now to verify if a user is admin or normal user add this to the constructor method of your controller.

Actions allowed only for admin users

    public function __construct()
{   

    $this->middleware('auth');
    $this->middleware('admin');
}

Action allowed only for normal users

public function __construct() {

$this->middleware('auth');
$this->middleware('agent');

}

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!