Skip to content

Latest commit

 

History

History
83 lines (63 loc) · 2.57 KB

Auth.md

File metadata and controls

83 lines (63 loc) · 2.57 KB

Auth

⬆️ Go to main menu ⬅️ Previous (Collections) ➡️ Next (Mail)

Check Multiple Permissions at Once

In addition to @can Blade directive, did you know you can check multiple permissions at once with @canany directive?

@canany(['update', 'view', 'delete'], $post)
    // The current user can update, view, or delete the post
@elsecanany(['create'], \App\Post::class)
    // The current user can create a post
@endcanany

More Events on User Registration

Want to perform some actions after new user registration? Head to app/Providers/EventServiceProvider.php and add more Listeners classes, and then in those classes implement handle() method with $event->user object

class EventServiceProvider extends ServiceProvider
{
    protected $listen = [
        Registered::class => [
            SendEmailVerificationNotification::class,

            // You can add any Listener class here
            // With handle() method inside of that class
        ],
    ];

Did you know about Auth::once()?

You can login with user only for ONE REQUEST, using method Auth::once().
No sessions or cookies will be utilized, which means this method may be helpful when building a stateless API.

if (Auth::once($credentials)) {
    //
}

Change API Token on users password update

It's convenient to change the user's API Token when its password changes.

Model:

public function setPasswordAttribute($value)
{
    $this->attributes['password'] = $value;
    $this->attributes['api_token'] = Str::random(100);
}

Override Permissions for Super Admin

If you've defined your Gates but want to override all permissions for SUPER ADMIN user, to give that superadmin ALL permissions, you can intercept gates with Gate::before() statement, in AuthServiceProvider.php file.

// Intercept any Gate and check if it's super admin
Gate::before(function($user, $ability) {
    if ($user->is_super_admin == 1) {
        return true;
    }
});

// Or if you use some permissions package...
Gate::before(function($user, $ability) {
    if ($user->hasPermission('root')) {
        return true;
    }
});