CODEWITHSUNDEEP
laravel
Kiruaaa
Kiruaaa

Reputation: 301

if else condition in routes laravel

I want only user with same name with the url id can access using if condition

Example

Doing something like Example:

 if{id}!=={{auth->name}}
 {
  Route::get('NoPermission', 'Restriction@index');
 }
 else
 {
  Route::get('/User-Profile/{name}/', 'AccountController@index');
 }

How can I compare {name} from url to {auth->name} ?

Route

 Route::get('/User-Profile/{name}/', 'AccountController@index');

Blade

 <a href="/dashboard/User-Profile/{{ Auth::user()->name }}">{{ Auth::user()->name 
}}</a>

Upvotes: 2

Views: 4486

Answers (4)

rareclass
rareclass

Reputation: 785

Actually, you can check in your routes like this:

Route::get('/profile/{name}', function(String $name) {
    if (!Auth::check() || $name !== Auth::user()->name) {
        abort(404);
    }
    return view("view.auth.profile", ['profile => App\Profile::where('user_id', '=', Auth::id())->first()]);
});

However if you use

Route::get('/profile', 'AuthController@profile')->middleware('auth');

and use Auth::user() in your controller to select the correct profile.

The benefit here is that any unauthenticated users will be automatically redirected to your login page, and there's no need to include the name on your profile link.

Upvotes: 1

IGP
IGP

Reputation: 15786

In a service provider (Doesn't really matter which one, but it would be clearer if done in the RouteServiceProvider), add a route binding in the boot method as documented in https://laravel.com/docs/6.x/routing#explicit-binding

public function boot()
{
    // Declare binding 'name'. 
    Route::bind('name', function ($name) { 
        return App\User::where('name', $name)->first() ?? abort(404);
    });
}

Then, use that binding in your routes file

// Use binding name and middleware auth to make sure this route can't be accessed by guest users.
Route::get('/User-Profile/{name}/', 'AccountController@index')->middleware('auth')->name('account_profile');

In your blade file, you can do the following

{{-- Make sure the link is only visible for authenticated users https://laravel.com/docs/6.x/blade#if-statements --}}
@auth
  <a href="{{ route('account_profile', ['name' => auth()->user()->name]) }}</a>
@endauth

Upvotes: 2

MrEvers
MrEvers

Reputation: 1072

You can't access Auth like that in your routes, compare it in your AccountController instead:

public function index($name){
    if($name != Auth::user->name()) abort(403);
    else...
}

Upvotes: 4

DEVLOGIN
DEVLOGIN

Reputation: 87

Allow acces to the page , but before showing content ,check if the url path is == to the id name .

Upvotes: 1

Related Questions