André Rodrigues
Reputation: 69
Different users, middleware Laravel 5
I'm trying to use different user levels at my system. I have at data base my users and their levels (master, portais, chaves, etc)
So, what I want is different routes for each user, so each one will access just a part of the system.
I can easily check in each page of the system his AUTH and dont show to him the page if he is logged in a account witch he shouldn't see that page. BUT, there's a easy way to do it with middleware / Routes no?!
I tried something like this on my routes.php:
Route::group(['middleware' => 'Master'], function()
{
Route::any('/vendedor/produtos/removeProduto', 'AjaxController@vendedorRemoveProduto');
Route::any('/vendedor/produtos/editaPrecoProduto', 'AjaxController@editaPrecoProduto');
Route::any('/vendedor/produtos/alterarestadoproduto', 'AjaxController@alterarestadoumproduto');
Route::any('/vendedor/produtos/listaProdutos', 'AjaxController@listaProdutos');
Route::any('/vendedor/produtos/adicionaProdutoCliente', 'AjaxController@adicionaProdutoCliente');
Route::any('/', 'DashboardController@home'); });
Route::group(['middleware' => 'portais'], function()
{
Route::any('/cadastrarobjedu/criartema', 'AjaxController@criartemaobjedu');
Route::any('/cadastrarobjedu/cadastrar', 'AjaxController@cadastraobjedu');
Route::any('/cadastrarobjedu', 'DashboardController@cadastrarobjedu');
Route::any('/listarobjedu', 'DashboardController@listarobjedu');
Route::any('/editarobjeto/{id}', 'DashboardController@editarobjeto');
Route::any('/apagarobjeto/{id}', 'AjaxController@apagarobjeto');
Route::any('/', 'DashboardController@home'); });
But this didn't work, hgive me a error saying the "MASTER" class dosen't exist. I have change anything more?
Upvotes: 0
Views: 1512
Answers (1)
jedrzej.kurylo
Reputation: 40909
You need to implement a middleware that would check if current user has given level.
Laravel 5.0
//app/Http/Kernel.php - register middleware classes
protected $routeMiddleware = [
'levelMaster' => 'App\Http\Middleware\LevelMasterMiddleware',
'levelPortais' => 'App\Http\Middleware\LevelPortaisMiddleware'
];
//app/Http/Middleware/LevelMiddleware.php - base middleware class that checks if user has level stored in $level;
namespace App\Http\Middleware;
use Closure;
use App;
use Auth;
abstract class LevelMiddleware
{
protected $level;
public function handle($request, Closure $next)
{
if (Auth::user() && Auth::user()->level !== $this->level) {
return App::abort(Auth::check() ? 403 : 401, Auth::check() ? 'Forbidden' : 'Unauthorized');
}
return $next($request);
}
}
//app/Kernel/Middleware/LevelMasterMiddleware.php - checks if user has level Master
namespace App\Http\Middleware;
class LevelMasterMiddleware extends LevelMiddleware
{
protected $level = 'master';
}
//app/Kernel/Middleware/LevelPortaisMiddleware.php - checks if user has level Portais
namespace App\Http\Middleware;
class LevelPortaisMiddleware extends LevelMiddleware
{
protected $level = 'portais';
}
//config/routes.php - configure routes for different levels
Route::group(['middleware' => 'levelMaster'], function()
{
//here add routes for users with level=master
}
Route::group(['middleware' => 'levelPortais'], function()
{
//here add routes for users with level=portais
}
Laravel 5.1
The latest version of Laravel introduces middleware parameters which lets simplify the above code a bit, as only one middleware class will be needed:
//app/Http/Kernel.php - register middleware class
protected $routeMiddleware = ['level' => 'App\Http\Middleware\LevelMiddleware'];
//app/Http/Middleware/LevelMiddleware.php - check if current user has given level
namespace App\Http\Middleware;
use Closure;
use App;
use Auth;
class LevelMiddleware
{
public function handle($request, Closure $next, $level)
{
if (Auth::user() && Auth::user()->level !== $level) {
return App::abort(Auth::check() ? 403 : 401, Auth::check() ? 'Forbidden' : 'Unauthorized');
}
return $next($request);
}
}
//config/routes.php - configure routes for different levels and pass level as middleware parameter
Route::group(['middleware' => 'level:master'], function()
{
//here add routes for users with level=master
}
Route::group(['middleware' => 'level:portais'], function()
{
//here add routes for users with level=portais
}
Upvotes: 2
Related Questions
- Using Laravel Auth middleware
- Laravel 5.8: Multi users authentication issue
- Laravel authorization via middleware
- Using Auth::user in middleware
- Multi Auth Laravel 5.4 using two middleware only
- Auth middleware in Laravel 5.4
- Laravel authorization using middleware
- Laravel 5.2 - middleware auth
- Middleware and user - laravel 5
- Laravel 5.2: How to use auth in middleware