Laravel Routes Authorization Library

Authuser


AuthUser is flexible authorization system for Laravel, It checks the route permission to access a certain portion of the site or application. To add Permissions User-based, Role-based, Conditionally. It uses authority.checkpost middleware for filter permission of current accessing route, Under this middleware checked every permission of the user login.

Installation

Require this package in your composer.json or install it by running:

    composer require journeycx/laravel-authuser

Now, insert into your config/app.php.

    "provider" => [
        JourneyCX\AuthUser\AuthUserServiceProvider::class
    ];

Now, run this command after that config/authuser.php and app/Http/Middleware/AuthUserCheckpostMiddleware.php files are publish.

    php artisan vendor:publish  --tag="authuser"

Now, insert into your app/Http/Kernel.php.

    protected $routeMiddleware = [
        'authority.checkpost'  => \App\Http\Middleware\AuthUserCheckpostMiddleware::class
    ];

Use authority.checkpost middleware for handle permission base routes.

    Route::group(['middleware' => 'authority.checkpost'], function () {
        // Place all those routes here which needs authentication and authorization.
    });

Now, the basic setup is ready you need to configure rules of permissions using config/authuser.

Configuration

The structure of permissions given below, but it's highly recommended to read more on docs`.


    [
        'allow' => ['*'], // Allowed permission to user. Priority is less than deny.
        'deny'  => ['temp1'], // Deny permission to user. Priority is higher than allow.
    ]

    canAccess('temp1');
    // false 

Usage - Helpers

  • canAccess($accessId = null);
    Check the access, By default it check current route and return response in boolean value.
    canAccess('temp1');
    // true or false
  • canPublicAccess($accessId = null); - Authentication not required
    Check the public access, By default it check current route and return response in boolean value.
    canPublicAccess();
    // true or false

Usage - Facade

  • AuthUser::check($accessId = null, $requestForUserId = null)
    Check the access of $accessId, By default it check current route and return response in boolean value, And it can check access of perticular user by passing user id ($requestForUserId) parameter.
    AuthUser::check('temp1');
    // true or false
  • laravel-authuser:isPublicAccess($accessId = null); - Authentication not required
    Check the access of $accessId, By default it check current route and return response in boolean value.
    AuthUser::isPublicAccess('temp1');
    // true or false

Usage - Directives

  • @canAccess($accessId = null);
    Check the access, By default it check current route and return response in boolean value.
    @canAccess()
       // your logic here.
    @endAccess;
  • @canPublicAccess($accessId = null); - Authentication not required
    Check the public access, By default it check current route and return response in boolean value.
    @canPublicAccess()
       // your logic here.
    @endAccess;