seddka
Reputation: 105
How to restrict authenticated users to only access their on profile
I am stuck with users profile feature, I want only authenticated users to access their own profile only.
User with id: 1 can only access route /applicants/profile/1, otherwise return 404 Not found?
class ApplicantProfileController extends Controller
{
public function show(Applicant $applicant)
{
return view('applicant.show', compact('applicant'));
}
}
route::group(['prefix' => 'applicants', 'middleware' => 'auth:applicant'], function() {
Route::get('/profile/{applicant}', 'Profiles\ApplicantProfileController@show');
});
Upvotes: 0
Views: 139
Answers (1)
Professor
Reputation: 908
You can chech whether the logged user and the parameter user are the same by using the Illuminate/Support/Facades/Auth facade like this:
public function show(Applicant $applicant)
{
if (Auth::id() == $applicant->id) {
return view('applicant.show', compact('applicant'));
}
return abort(404);
}
Upvotes: 3
Related Questions
- How to restrict a user to only see their own profile
- How to make the profile user forbid to anyone except the own user?
- Laravel restrict users to only be able to see their own profile
- Laravel - How to restrict certain functionality based on user authentication?
- Laravel - Don't allow user to access other user data
- Prevent authenticated user to view other users profile on Laravel 5
- Laravel 5.1: How to limit account access so one account can be accessed at one time
- Laravel profile access and permissions
- Laravel 4 Prevent Authenticated users from viewing other user profiles
- What is the best way to restrict access in Laravel?