This is my first post here. I'm starting to use Laravel 5.3 to create a system. In this system I will have two types of users (Admin and Client). I'd like to block certain routes for the client. I've been able to limit clients from viewing certain items from views (using roles), but I'd like to block the routes for more security. How could I tell the system to only accept admin users access the delete route, for example?
Sorry if it's a stupid question, but I'm learning and I'm kind of aimless.
To control user access to routes you should use middlewares .
The Laravel documentation explains how to use: link
Example:
You can define in a middleware that only people over the age of 20 go to a particular route. The middleware can be defined:
<?php
namespace App\Http\Middleware;
use Closure;
class CheckAge
{
public function handle($request, Closure $next)
{
if ($request->age <= 20) {
return redirect('home');
}
return $next($request);
}
}
To include in the route:
Route::get('adultos', function () {
//
})->middleware('auth');
This is a very simple example, I recommend that you read all the documentation to really understand how to use and all the options of use.