How to do an if / else within a route?

0

I have a form that has two types of users: administrators and developers and each has its post login page, but even logged in as administrator, I can go to the developers pages. I need to fix this!

    
asked by anonymous 19.04.2017 / 19:12

2 answers

0
  • Create a Middleware. Open the Command Prompt , go to your project folder and type:

    php artisan make:middleware CheckRoleUser
    
  • Register this Middleware on App/Http/Kernel.php on $routeMiddleware

    protected $routeMiddleware = [
        'check_role' => \App\Http\Middleware\CheckRoleUser::class,
        .
        .
        .
    ];
    
  • Open the file App/Http/Middleware/CheckRoleUser.php and write the code routine that verifies that the user is an Admin or Developer. I do not know what your database looks like. But the users table must have a role or role_id field that defines the user type.

    public function handle($request, Closure $next, $guard = null){
    
        # Se for diferente de 1 = Admin volta para página de login.
        if (!Auth::user()->role == 1) {
            return redirect()->to('/login');
        }
    
        return $next($request);
    
    }
    
  • In the App/Http/routes.php file, you call the middleware created with the name you set in Kernel.php .

    # Admin
    Route::group(['prefix' => 'admin', 'middleware' => 'check_role'], function(){
        Route::get('/', 'DashboardController@index');
    });
    
  • 19.04.2017 / 19:40
    0

    I do not know which version of Laravel you are using but if it is 5.2 or higher, it already has natively control for different types of authentication, called "guard", in the folder of your project go to config / auth.php, there is an array with the "guards", you can do so for example:

       'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],
        'desenvolvedor' => [
            'driver' => 'session',
            'provider' => 'desenvolvedores',
        ],
    
        'api' => [
            'driver' => 'token',
            'provider' => 'users',
        ],
    ]
    

    You will need to change the array of providers also in this same "auth.php" file, put the provider like this:

    'providers' => [
        'users' => [
            'driver' => 'eloquent',
            'model' => App\User::class,
        ],
        'desenvolvedores' => [
            'driver' => 'eloquent',
            'model' => App\Desenvolvedor::class,
        ]       
    ]
    

    Note that in the provider you specify the model that will be used to perform the authentication, you can duplicate the User model and change it to Developer, going something like this:

    <?php
    
    namespace App;
    
    use Illuminate\Foundation\Auth\User as Authenticatable;
    
    class Desenvolvedor extends Authenticatable
    {
    
        protected $table = 'desenvolvedores'; //coloque aqui o nome da tabela dos desenvolvedores
        /**
         * The attributes that are mass assignable.
         *
         * @var array
         */
        protected $fillable = [
            'name', 'email', 'password',
        ];
    
        /**
         * The attributes excluded from the model's JSON form.
         *
         * @var array
         */
        protected $hidden = [
            'password', 'remember_token',
        ];
    }
    

    You will also need to have the 'name', 'email' and 'password' fields in your developers table, I suggest you follow the pattern of the 'users' table.

    This way you can create protected routes for each "guard", for example:

    Route::group(['prefix' => '/desenvolvedor', 'middleware' => 'auth:desenvolvedor'], function ()...
    

    For more details I suggest you read the documentation at: link

        
    19.04.2017 / 20:19