Laravel Tutorial
Laravel Useful Resources
Selected Reading
- Laravel - Action URL
- Laravel - Dump Server
- Laravel - Pagination Customizations
- Laravel - Artisan Commands
- Laravel - Guest User Gates
- Understanding Release Process
- Laravel - Hashing
- Laravel - Encryption
- Laravel - Artisan Console
- Laravel - Authorization
- Laravel - Authentication
- Laravel - CSRF Protection
- Laravel - Contracts
- Laravel - Facades
- Laravel - Event Handling
- Laravel - Error Handling
- Laravel - Ajax
- Laravel - Sending Email
- Laravel - File Uploading
- Laravel - Validation
- Laravel - Session
- Laravel - Localization
- Laravel - Forms
- Laravel - Errors & Logging
- Laravel - Working With Database
- Laravel - Redirections
- Laravel - Blade Templates
- Laravel - Views
- Laravel - Response
- Laravel - Cookie
- Laravel - Request
- Laravel - Controllers
- Laravel - Namespaces
- Laravel - Middleware
- Laravel - Routing
- Laravel - Configuration
- Laravel - Application Structure
- Laravel - Installation
- Laravel - Overview
- Laravel - Home
Laravel Useful Resources
Selected Reading
- Who is Who
- Computer Glossary
- HR Interview Questions
- Effective Resume Writing
- Questions and Answers
- UPSC IAS Exams Notes
Laravel - Authorization
Laravel - Authorization
In the previous chapter, we have studied about authentication process in Laravel. This chapter explains you the authorization process in Laravel.
Difference between Authentication and Authorization
Before proceeding further into learning about the authorization process in Laravel, let us understand the difference between authentication and authorization.
In authentication, the system or the web apppcation identifies its users through the credentials they provide. If it finds that the credentials are vapd, they are authenticated, or else they are not.
In authorization, the system or the web apppcation checks if the authenticated users can access the resources that they are trying to access or make a request for. In other words, it checks their rights and permissions over the requested resources. If it finds that they can access the resources, it means that they are authorized.
Thus, authentication involves checking the vapdity of the user credentials, and authorization involves checking the rights and permissions over the resources that an authenticated user has.
Authorization Mechanism in Laravel
Laravel provides a simple mechanism for authorization that contains two primary ways, namely Gates and Popcies.
Writing Gates and Popcies
Gates are used to determine if a user is authorized to perform a specified action. They are typically defined in App/Providers/AuthServiceProvider.php using Gate facade. Gates are also functions which are declared for performing authorization mechanism.
Popcies are declared within an array and are used within classes and methods which use authorization mechanism.
The following pnes of code explain you how to use Gates and Popcies for authorizing a user in a Laravel web apppcation. Note that in this example, the boot function is used for authorizing the users.
<?php
namespace AppProviders;
use IlluminateContractsAuthAccessGate as GateContract;
use IlluminateFoundationSupportProvidersAuthServiceProvider as ServiceProvider;
class AuthServiceProvider extends ServiceProvider{
/**
* The popcy mappings for the apppcation.
*
* @var array
*/
protected $popcies = [
AppModel => AppPopciesModelPopcy ,
];
/**
* Register any apppcation authentication / authorization services.
*
* @param IlluminateContractsAuthAccessGate $gate
* @return void
*/
pubpc function boot(GateContract $gate) {
$this->registerPopcies($gate);
//
}
}
Advertisements