mahesh
/
laravel-backpack
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1 Commit
1 Branch
0 Tags
32 MiB
 
 
 
 
 
 
Tag: Branch: Tree: main
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'main'
${ noResults }
laravel-backpack/app/Http/Middleware/CheckIfAdmin.php

70 lines
2.0 KiB
Raw Permalink Blame History

<?php
namespace App\Http\Middleware;
use Backpack\CRUD\app\Http\Middleware\AuthenticateSession;
use Closure;
class CheckIfAdmin
{
/**
* Checked that the logged in user is an administrator.
*
* --------------
* VERY IMPORTANT
* --------------
* If you have both regular users and admins inside the same table, change
* the contents of this method to check that the logged in user
* is an admin, and not a regular user.
*
* Additionally, in Laravel 7+, you should change app/Providers/RouteServiceProvider::HOME
* which defines the route where a logged in user (but not admin) gets redirected
* when trying to access an admin route. By default it's '/home' but Backpack
* does not have a '/home' route, use something you've built for your users
* (again - users, not admins).
*
* @param \Illuminate\Contracts\Auth\Authenticatable|null $user
* @return bool
*/
private function checkIfUserIsAdmin($user)
{
// return ($user->is_admin == 1);
return true;
}
/**
* Answer to unauthorized access request.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse
*/
private function respondToUnauthorizedRequest($request)
{
if ($request->ajax() || $request->wantsJson()) {
return response(trans('backpack::base.unauthorized'), 401);
} else {
return redirect()->guest(backpack_url('login'));
}
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if (backpack_auth()->guest()) {
return $this->respondToUnauthorizedRequest($request);
}
if (! $this->checkIfUserIsAdmin(backpack_user())) {
return $this->respondToUnauthorizedRequest($request);
}
return $next($request);
}
}