So i have this code in my route :
// Facilitator Priviledges
Route::group(['roles'=>'facilitator'],function(){
//Material
Route::get('/material', 'MaterialController#index');
Route::post('/material', 'MaterialController#store');
Route::get('/material/{course:id}/create', 'MaterialController#create');
Route::get('/material/detail/{course:id}', 'MaterialController#show');
Route::get('/material/{material:id}/edit', 'MaterialController#edit');
Route::patch('/material/{material:id}', 'MaterialController#update');
Route::delete('/material/{material:id}', 'MaterialController#destroy');
});
//Admin Priviledges
Route::group(['roles'=>'admin'],function(){
Route::resource('/categories', 'CategoriesController');
//Material
Route::get('/material', 'MaterialController#index');
Route::post('/material', 'MaterialController#store');
Route::get('/material/{course:id}/create', 'MaterialController#create');
Route::get('/material/detail/{course:id}', 'MaterialController#show');
Route::get('/material/{material:id}/edit', 'MaterialController#edit');
Route::patch('/material/{material:id}', 'MaterialController#update');
Route::delete('/material/{material:id}', 'MaterialController#destroy');
});
It has the same route, in this case, Material Route that both admin and facilitator roles can access it, but when the code runs it can be only one role that working fine (I'm using admin) and the other giving error (503) Servive unavailable
You can refer to this to this Question
Or you can refer to Laravel Policy
or you can simply create your own policy and register it in your middleware.
Route::group(['middleware' => ['admin', 'facilitator']], function () {
Route::get('/material', 'MaterialController#index');
Route::post('/material', 'MaterialController#store');
Route::get('/material/{course:id}/create', 'MaterialController#create');
Route::get('/material/detail/{course:id}', 'MaterialController#show');
Route::get('/material/{material:id}/edit', 'MaterialController#edit');
Route::patch('/material/{material:id}', 'MaterialController#update');
Route::delete('/material/{material:id}', 'MaterialController#destroy');
});
If you want to use the cascading ability of the groups, this is how you would nest them:
Route::group(['roles'=>'admin'],function(){
Route::resource('/categories', 'CategoriesController');
Route::group(['roles'=>'facilitator'],function(){
Route::get('/material', 'MaterialController#index');
Route::post('/material', 'MaterialController#store');
Route::get('/material/{course:id}/create', 'MaterialController#create');
Route::get('/material/detail/{course:id}', 'MaterialController#show');
Route::get('/material/{material:id}/edit', 'MaterialController#edit');
Route::patch('/material/{material:id}', 'MaterialController#update');
Route::delete('/material/{material:id}', 'MaterialController#destroy');
});
});
In the inner group roles is ['admin', 'facilitator']
I'm working on an application where some users should have access to other user accounts. For example: In a family, the mother and all 3 kids have an account. Now the mother should have access to all of the kids accounts.
Is there a possibility to setup something like this in Laravel using Passport? I thought about a "permission" database table with two columns (parent_account, child_account). Parent accounts could then switch between accounts where they have the permission.
Perfect would be something like a middleware where I can set Auth::actAs($child);and after that every Auth::user() call would be the child until I switch back to the "normal" account.
Additional information: I'm using Laravel to provide an API for my React Frontend Application. I tried the Auth::loginUsingId function, but when I use it I get logged out and I get the Method Illuminate\Auth\RequestGuard::loginUsingId does not exist. Exception.
I am using Laravel Version 6.9.0
I found a solution to my problem.
I added a middleware that contains this piece of code:
public function handle($request, Closure $next)
{
$activeChild = Auth::user()->activeChild; // id of child user
if ($activeChild) {
Auth::setUser($activeChild);
}
return $next($request);
}
After that I added this middleware to all routes:
Route::group(['middleware' => ['actAsUser']], function () {
// some routes
});
I am logging in via Laravel API.
Let's say that I am on www.domain.com/login. After login is successful, I put the token into a cookie and redirect to /admin.
Route::get('/admin', function () {
return view('admin');
})->middleware('auth');
The problem is that Laravel doesn't see that the user is logged in, thus redirects me to /login once more.
And, if I declare the route as follows
Route::get('/admin', function () {
return view('admin');
});
Everyone can access www.domain.com/admin
I appreciate any help.
Luca
You need to add auth:api middleware so it can see the auth user
I have installed Laravel and set up authentication and I have also created a route group like this:
// users that want to access test route should be logged in.
Route::group(['middleware' => ['web', 'auth']], function () {
Route::get('first', function () {
return 'first';
});
});
The problem is when I access the route like this:
http://localhost/first
I can see my "first" message, but when I refresh the same page laravel redirects me to:
http://localhost/home
I could not solve this and I have moved my first route out of the route group now everything is working well. If I keep it in the route group with auth & web middlewares it is not working.
Try to remove web middleware if you're using 5.2.27 and higher.
I build api service using laravel.
I want to log all acess to the api routes
I though somewhere in the routes.php put some code that get the requested route? any help? thanks
laravel 4
You can define a route filter first
Route::filter('log', function($route, $request, $response)
{
// log work
});
then apply the filter to your route
Route::get('api', array('before' => 'log', function()
{
return 'logged!';
}));
I think you can also get the log from the access log of your web server.