Support the ongoing development of Laravel.io →
Authentication
Last updated 2 years ago.
0

I have a small tutorial on using the Authroziation system if you want to go that route.

asklagbox - Lets do this - part 2

If you want to do that via a middleware, maybe something like this:

public function handle($request, Closure $next)
{
    if (Comment::findOrFail($request->route('id'))->author_id != $request->user()->id) {
        // return some redirect with message
        // or return an unauthorized response
    }
    // continue through
    return $next($request);
}

If you apply this middleware to that route, only the author will be able to make it through, to the controller method where you will delete the record.

You would have to make some adjustments depending on your schema but that is the general idea. I would recommend using the Authorization system if on a version higher than 5.1.11 where you can write this logic into there and check it via the Gate.

0

Sign in to participate in this thread!

Eventy

Your banner here too?

pkrobak pkrobak Joined 2 Jun 2016

Moderators

We'd like to thank these amazing companies for supporting us

Your logo here?

Laravel.io

The Laravel portal for problem solving, knowledge sharing and community building.

© 2024 Laravel.io - All rights reserved.