Тёмный

Authorization in Laravel: Can You Do That? 

Laravel
Подписаться 41 тыс.
Просмотров 7 тыс.
50% 1

There's another "auth" that Laravel makes incredibly easy out of the box: authorization. But just how is authentication and authorization different?
Let's take a look at Gates and Policies, when to use one over the other, and the basics of how you can check if a user is authorized to do something anywhere in your application.
**clarification: while you can use $this authorize() in a Livewire class, you will need to use Gate authorize() in a controller in Laravel 11
*note: there's a LOT of awesome helper functions and ways to check gates and policies that we didn't talk about. The docs are a great place to dive deeper.
Authorization Docs: laravel.com/docs/11.x/authori...

Наука

Опубликовано:

 

11 июн 2024

Поделиться:

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист
Посмотреть позже
Комментарии : 41   
24 дня назад
I really love how we can say "actually there is something for that in Laravel" for almost anything a modern Web application needs. I'm using Laravel since version 3 and love every minute spent using it. Thank you all the developers and users making it better each day
@LaravelPHP
@LaravelPHP 24 дня назад
Same here. It's easy to make beautiful applications. :) -Josh
@marekbee
@marekbee 24 дня назад
I am VIP -> very into PHP 🙌
@LaravelPHP
@LaravelPHP 24 дня назад
😏
@habibullahiM
@habibullahiM 24 дня назад
@@LaravelPHP I just started with laravel and was wondering how he setup vscode and laravel
@reactoranime
@reactoranime 23 дня назад
Would be nice to see some demos with: multiple user roles and separate role capabilities, and as an extra custom user capabilities. This definetely requires some tables like roles, capabilities and role_capabilities and user_capabilities.. but would be nice to see such implementation
@LaravelPHP
@LaravelPHP 18 дней назад
That's good to know. It might be a good option for a separate video. Looking into how Laravel Jetstream uses these roles and permissions is a great start. :) -Josh
@Lopoi
@Lopoi 24 дня назад
Sometimes it`s nice to see a video like this to remind me of features of laravel that I forget exist
@LaravelPHP
@LaravelPHP 18 дней назад
I love that. I forget about neat little helper functions and directives ALL the time. I'm glad we could help remind you of things. :) -Josh
@sandeepbhambre
@sandeepbhambre 24 дня назад
I think In laravel 11 projects, $this->authorize() would not work by default because the base controller doesn't have supporting traits.
@LaravelPHP
@LaravelPHP 24 дня назад
Hey! You are correct. Great point. I should have clarified that the $this->authorize can work in a Livewire class but you'll use Gate::authorize in a controller. I'll add this clarification to the description. :) -Josh
@safalpiya2903
@safalpiya2903 24 дня назад
Thanks for the great content! By the way I'm using laravel as API with a React SPA without Inertia. What would be a good way to check if a user is authorized to do something inside the react app similar to @can('alert-users' ) directive inside blade files?
@iapv
@iapv 24 дня назад
Are you using sanctum? If you are, do exactly as the video says except return a json response instead of Inertia::render(). In the frontend, you can fetch the json data as can["alert-user"]. Of course, make sure the user authenticated first. One of the tricky parts of sanctum is setting it up to validate csrfTokens. But there are tutorials for that if you're interested.
@LaravelPHP
@LaravelPHP 18 дней назад
Just like @iapv mentioned, you would have to pass that "can" prop when fetching the user on the initial API request. Checking out how this happens in the NextJS Breeze implementation is a good start. -Josh
@sigmund233
@sigmund233 18 дней назад
What's your opinion on using something like spatie/laravel-permission? It is my go to since I prefer role/permissions than Gates or Policies
@LaravelPHP
@LaravelPHP 18 дней назад
I think that's a great way to build on top of what Laravel already offers, especially if you have unique or specific use-cases. But USUALLY, a package like laravel-permission is going to be used in conjunction with policies in any application. So it's helpful to know both. :) -Josh
@kamleshpaul414
@kamleshpaul414 24 дня назад
great explanation 🎉
@LaravelPHP
@LaravelPHP 18 дней назад
Thank you. I'm glad it helped. :) -Josh
@shubhamsahuSD
@shubhamsahuSD 21 день назад
I am starting to like yours this type of videos ❤
@LaravelPHP
@LaravelPHP 18 дней назад
Well thank you. I'll try my best to keep it going. :) -Josh
@srhanzd3022
@srhanzd3022 24 дня назад
Thank you man ❤❤❤
@LaravelPHP
@LaravelPHP 18 дней назад
Thank YOU. -Josh
@vic_casanas
@vic_casanas 24 дня назад
Love your videos man 🤩
@LaravelPHP
@LaravelPHP 24 дня назад
Thanks so much Vic. I appreciate it. :) -Josh
@EMMA-0310zz
@EMMA-0310zz 21 день назад
Can the future of laravel compete with NodeJS and .NET
@LaravelPHP
@LaravelPHP 18 дней назад
We think so. But we are pretty biased. 😉 -Josh
@srhanzd3022
@srhanzd3022 24 дня назад
❤❤❤
@LaravelPHP
@LaravelPHP 18 дней назад
🥰 -Josh
@ifeanyinnaemego
@ifeanyinnaemego 24 дня назад
I hope am making the best career choice by sticking with Laravel
@LaravelPHP
@LaravelPHP 24 дня назад
We think so. ☺️ -Josh
@ifeanyinnaemego
@ifeanyinnaemego 24 дня назад
@@LaravelPHP appreciate it
@srhanzd3022
@srhanzd3022 24 дня назад
Love laravel
@LaravelPHP
@LaravelPHP 18 дней назад
Don't tell anybody, but I do too. -Josh
@yoanestradablanco1608
@yoanestradablanco1608 24 дня назад
Greet video
@LaravelPHP
@LaravelPHP 24 дня назад
Thank you! :) -Josh
@Pekz00r
@Pekz00r 23 дня назад
I don't think you got the the initial explanation of authentication vs authorisation right. In that example authentication would be something like showing your ID to prove that you are you and maybe that you are the actual ticket holder if the tickets are personal. The ticket is authorisation and allows you to enter the venue as well as the specific areas. Great video otherwise.
@LaravelPHP
@LaravelPHP 18 дней назад
Probably so! Good catch. It does break down a little bit. 😂 It would probably be less of having tickets and more about proving those tickets are yours, like you said. :) -Josh
@dev22221
@dev22221 24 дня назад
Only 3 of these are correct. Find out which.
@user-qd6hj2fn4w
@user-qd6hj2fn4w 18 дней назад
Зачем ему кепка нужна? ну ладно очки, это понятно, возможно проблема со зрением, но зачем ему кепка?..
@LaravelPHP
@LaravelPHP 18 дней назад
Мне нравится, как это выглядит. Это весело. :) -Josh
@user-qd6hj2fn4w
@user-qd6hj2fn4w 18 дней назад
@@LaravelPHP я не хотел тронуть вас, просто стало интересно. У нас в России когда есть нужда, тогда одевают одежду, но чаще даже не одевают, я обычно задаю вопрос в России вопрос, на улице солнце светит, почему без кепки? Или когда на улице мороз, спрашиваю почему без шапки? 😅
Далее
Laravel + Livewire todo app (and so much more)
16:41
Просмотров 34 тыс.
Which Livewire method should I use?
8:20
Просмотров 3,6 тыс.
Все кругом Миланы... 🤣
00:12
Просмотров 131 тыс.
КОРОЧЕ ГОВОРЯ, ШКОЛА БУДУЩЕГО
10:40
D3 Ваз 2107 Не умри от зависти!
18:57
⚡️Uylanishim kerak, sovchilikka borasizmi?...😅
00:50
Why Don't We Have A Laravel For JavaScript?
12:36
Просмотров 88 тыс.
NextJS and Laravel Can Be Friends
23:54
Просмотров 17 тыс.
100+ Linux Things you Need to Know
12:23
Просмотров 248 тыс.
Microservices with Databases can be challenging...
20:52
`const` was a mistake
31:50
Просмотров 126 тыс.
Laravel's secret weapon: macros (watch me code)
23:46
The Modern Index.php File
16:13
Просмотров 15 тыс.
ПОКУПКА ТЕЛЕФОНА С АВИТО?🤭
1:00