Reputation: 1219
Laravel 5 Auth for Restful Resource Controllers to restrict resource to logged in user
I have a pretty basic RESTful address manager. I have user accounts setup with user login all based on Auth and am in the process of integrating entrust but that's beyond the scope of this. For now, I simply want to restrict access to my AddressController to users who are logged in. I'm able to do this on a route using:
Route::get('profile', ['middleware' => 'auth', 'uses' => 'UserController@getProfile']);
However if I try this on my RESTful resource as follows it doesn't work - I don't get an error, but the un-authenticated user can still access the resource.
Route::resource('addresses', 'AddressController', ['middleware' => 'auth']);
Upvotes: 1
Views: 852
Answers (1)
Reputation: 14747
Try grouping your resources that should use a specific middleware:
Route::group(['middleware' => 'auth'], function(){
Route::resource('addresses', 'AddressController');
});
Only you know how your scenario is, but another way to run filters in resources is to call to needed middlewares in the resource's constructor like:
class AddressController extends Controller {
public function __construct()
{
$this->middleware('auth');
}
Upvotes: 3
Related Questions
- Laravel resource route with name gives error
- Only exposing certain auth routes in Laravel
- How to use auth in api routes
- How to authenticate RESTful API in Laravel 5.2?
- Add auth to some methods of API resource routes
- Authenticating a user role in Laravel and protecting a route
- laravel 5.2 how to protect route only for authenticated user
- Laravel 4 authentication. Restrict access to some functions of a resource but not all
- Laravel 4 Resource Routes and Authentication
- How to use Laravels Auth method to authenticate access to a controller?