I am setting up a new project and I want to use gates and policies. I know how to use it by Laravel documentation but I want to go furthermore.
We have a boot method in AuthServiceProvider where we should define gates and policies.
Can we define controllers in gates something like this?
Gate::define(SomeController::class, function ($user) {
if($user->something) {
return false;
}
return true;
});
If you want to protect specific routes (prevent unauthorized users from hitting your controllers), middleware is your best option. Gates/Policies are there to protect models/actions.
<?php
namespace App\Http\Middleware;
use Closure;
class MyCustomMiddleware
{
public function handle($request, Closure $next)
{
if($request->user->something) {
return false;
}
return true;
}
}
More details on how to create and register middleware here: