How to write routing that only authenticated users can use
Thank you for your continued support.
This article contains advertisements that help fund our operations.
Table Of Contents
I wrote an article about how to write routing for authentication.
I will introduce the basic style of writing and also touch on how to specify "only these users" or how to always add a specific url at the beginning of the URL (prefix).
There are several writing styles, but I have selected the most common type that is often seen.
⇨ Article on Laravel routing I wrote earlier
⇨ How to specify multiple middleware for routing
Environment
Laravel6
How to write routing for authentication
web.php
Route::group(['middleware' => 'auth'], function () {
// Write the routing code from the previous article inside this
// For example
Route::get('/user', 'UserController@index');
Route::get('/user/{id}', 'UserController@show');
});Explanation
By specifying the authentication middleware in this way using a group, you can avoid having to write it multiple times.
The routings written within the group can only be accessed by authenticated users.
For example, parts requiring login authentication such as profile updates or posting functions, which should not be shown to users who are not logged in or functions that should not be allowed, will all be included within this block.
Anecdote about authentication middleware
In Laravel, it is easy to create multiple types of authentication by specifying a unique name for authentication.
This is known as multi-authentication.
The place where the authentication name is specified is in the file:
config/auth.php
In that file, it is written like this:
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
'hash' => false,
],
],The parts 'web' or 'api' within guards are the authentication names.
In web.php where the routing is specified:
auth:web
auth:apican be called.
Furthermore,
'defaults' => [
'guard' => 'web',
'passwords' => 'users',
],such description exists.
This declares that ['middleware' => 'auth'] refers to auth:web as specified by defaults.
Therefore,
Route::group(['middleware' => 'auth'], function () {
});
// Since it is specified by defaults, the following two are the same
Route::group(['middleware' => 'auth:web'], function () {
});
// For api authentication, it is specified as below
Route::group(['middleware' => 'auth:api'], function () {
});is the general idea.
Writing a common part of the URL using group
For example,
Route::get('/api/user', 'UserController@index');
Route::get('/api/user/{id}', 'UserController@show');Let's say there are these routings.
If you want to standardize the part "api," you would write it like this:
Route::group(['prefix' => 'api'], function(){
Route::get('/user', 'UserController@index');
Route::get('/user/{id}', 'UserController@show');
});Although "prefix" means "prefix" or "to put in front" in English,
it seems that the act of standardizing a part at the beginning of the URL is expressed as "prefix." It is a term that is often heard.
Summary
In this article, I discussed
-
How to write routings that only authenticated users can use
-
How to standardize URLs (prefix) using a similar approach
In the future, I will write articles with the aim of requiring as little memorization as possible, such as "once you've memorized one thing, you're good to go."
If there are any unclear parts, typos, or strange statements, please let me know via DM on Twitter.
That's all for now.
