When I started Laravel, it was because initially we were going with ASP.NET MVC but due to some library restrictions we had to change it to Php based. One of the many things I like about ASP.NET MVC was attributes, where you could ask your controller that see this method I want you to process it but only if this user is authorized. Once we started in Laravel we realized that we need some similar mechanism of checking that user is authenticated before processing that logic. Pretty trivial , after that it is done in pretty much every application. You only handle request if the user is who he/she claims. Basically it is checking if the user is authorized by function call ,checking if user is authorized and if he is authorized then process the logic else return to login page. But this has two issues. First it is monotonous to copy and paste this code. But having monotonous code is not much of an issue as copy and paste does,why what if one day you decide to refactor your login checking code , then you would have to look and search all those classes and methods. If this doesn’t raises red flags, I am sorry nuking the world may be the only thing left for us.
Laravel handles authorization via Middleware . Middleware checks business logic and if it works then it allows
Leave a Reply