Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
A
A
Alexander2022-03-30 15:01:59
User identification
Alexander, 2022-03-30 15:01:59

How to organize authorization in Laravel?

Tell me, if you use middleware in routes, will this step be enough for security or is it worth checking authorization also through an observer? PS I'm just learning =)
Route::get()->middleware('auth');

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
S
SKEPTIC, 2022-03-30
@pro100chel

Yes, everything is fine.
The main thing is that the logic in this middleware is correct and do not forget to hang this middleware on the routes where this authorization is needed.
The logic itself is simple - checking the session key / token or something else. If there is a division into roles / rights, then check for the sufficiency of the role for the action being performed. All.

Similar questions
V
Viktor2017-09-19 05:19:03
How to hide authorization window if ajax response comes with WWW-Authenticate header? 1Reply
W
WebDev2017-09-25 11:09:10
Is it possible to use such authorization? 1Reply
R
Ruslan Makarov2017-10-13 03:04:20
I changed my Google account, how do I get it back? 1Reply
S
Sergey Ryzhkin2017-10-30 10:47:13
Authentication on Kerio for the network, how to implement? 0Reply
A
Alexey2017-11-13 19:07:05
Registering for AngularJS 5 using PHP Yii2 backend. How to check registration status? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question