How to perform an admin-only function?

S

Sergey Kotov2020-01-30 11:14:46

Laravel

Sergey Kotov, 2020-01-30 11:14:46

I have a function to add a product

public function Add(Request $request){
        $eqmodel = new Eqmodel;
        $htmlmodel = new Eqhtml;
        $htmlmodel->html = $request->eq_html;
        $eqmodel->name = $request->eq_name;
        $eqmodel->price = str_replace(" ","", $request->eq_price);
        $eqmodel->sale = str_replace(" ","", $request->eq_sale);
        $eqmodel->url = $request->eq_url;
        $eqmodel->image = $request->eq_image;
        $eqmodel->type_id = intval($request->eq_category);
        $eqmodel->descrip = $request->eq_descript;
        $eqmodel->video = $request->eq_video;
        $eqmodel->rgx = $request->eq_rgx;
        $eqmodel->save();
        if ($eqmodel->save()) {
            $htmlmodel->eq_id = $eqmodel->id;
            if($htmlmodel->save()){
                return response()->json(array('success' => true), 200);
            }
        }
    }

I call it via ajax. But the problem is that it can be called through curl, for example. How to check before execution that an authorized user sent a request?

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

G

Gleb Starkov, 2020-01-30
@colonel

Middleware

A

Anton Anton, 2020-01-30
@Fragster

https://laravel.com/docs/6.x/authorization#gates