I have a simple users table which I define and admin by having a 1 in the type column.
I have the following setup in my middleware but this still doesn't stop non admins accessing admin only areas.
Middleware:
<?php
namespace App\Http\Middleware;
use Closure;
class Admin {
public function handle($request, Closure $next)
{
if (Auth::user()->isAdmin())
{
return redirect('home');
}
return $next($request);
}
}
Kernal:
protected $routeMiddleware = [
'auth' => \App\Http\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'admin' => App\Http\Middleware\Admin::class,
];
Routes:
Route::group(['middleware' => 'auth', 'admin'], function () {
Route::get('admin/dashboard', 'AdminController@dashboard');
Route::get('admin/orders', 'AdminController@orders');
});
Function in my User class:
public function isAdmin()
{
if (Auth::user()->type == '1')
{
return true;
}
else
{
return false;
}
}
via Chebli Mohamed
Aucun commentaire:
Enregistrer un commentaire