vendredi 18 décembre 2015

Passing a parametre into Laravel middleware

Building a blog platform and my goal is to stop a user from being able to directly access any pages that allow them to post under a different user.

For example, they have created a blog 'Blog 1'

If a different user goes to add a new post to that blog:

/blog/newupdate/1

Then I want to block that.

I have methods set up already for my user as I check it in the views, but need a way to block this access.

I have a middleware set up in a group:

Route::group(['middleware' => 'auth','OwnsProject'], function () {
    Route::get('/project/newupdate/{id}',[
        'as' => 'project/newupdate',
        'uses' => 'ProjectController@createUpdate'
    ]);
});

In my middle ware I want to do:

public function handle($request, Closure $next)
{
    if (!Auth::user()->ownsProject($id)) {
        // nada
    }
    return $next($request);
}

But nothing seems to be coming through in the request?



via Chebli Mohamed

Aucun commentaire:

Enregistrer un commentaire