Authorization in Laravel: Can You Do That?
Рет қаралды 6,533
21 күн бұрынThere's another "auth" that Laravel makes incredibly easy out of the box: authorization. But just how is authentication and authorization different?
Let's take a look at Gates and Policies, when to use one over the other, and the basics of how you can check if a user is authorized to do something anywhere in your application.
**clarification: while you can use $this authorize() in a Livewire class, you will need to use Gate authorize() in a controller in Laravel 11
*note: there's a LOT of awesome helper functions and ways to check gates and policies that we didn't talk about. The docs are a great place to dive deeper.
Authorization Docs: laravel.com/docs/11.x/authori...
19 күн бұрын
I really love how we can say "actually there is something for that in Laravel" for almost anything a modern Web application needs. I'm using Laravel since version 3 and love every minute spent using it. Thank you all the developers and users making it better each day
@LaravelPHP 19 күн бұрын
Same here. It's easy to make beautiful applications. :) -Josh
@marekbee 19 күн бұрын
I am VIP -> very into PHP 🙌
@LaravelPHP 19 күн бұрын
😏
@habibullahiM 19 күн бұрын
@@LaravelPHP I just started with laravel and was wondering how he setup vscode and laravel
@reactoranime 18 күн бұрын
Would be nice to see some demos with: multiple user roles and separate role capabilities, and as an extra custom user capabilities. This definetely requires some tables like roles, capabilities and role_capabilities and user_capabilities.. but would be nice to see such implementation
@LaravelPHP 13 күн бұрын
That's good to know. It might be a good option for a separate video. Looking into how Laravel Jetstream uses these roles and permissions is a great start. :) -Josh
@kamleshpaul414 19 күн бұрын
great explanation 🎉
@LaravelPHP 13 күн бұрын
Thank you. I'm glad it helped. :) -Josh
@sandeepbhambre 19 күн бұрын
I think In laravel 11 projects, $this->authorize() would not work by default because the base controller doesn't have supporting traits.
@LaravelPHP 19 күн бұрын
Hey! You are correct. Great point. I should have clarified that the $this->authorize can work in a Livewire class but you'll use Gate::authorize in a controller. I'll add this clarification to the description. :) -Josh
@Lopoi 19 күн бұрын
Sometimes it`s nice to see a video like this to remind me of features of laravel that I forget exist
@LaravelPHP 13 күн бұрын
I love that. I forget about neat little helper functions and directives ALL the time. I'm glad we could help remind you of things. :) -Josh
@shubhamsahuSD 16 күн бұрын
I am starting to like yours this type of videos ❤
@LaravelPHP 13 күн бұрын
Well thank you. I'll try my best to keep it going. :) -Josh
@sigmund233 13 күн бұрын
What's your opinion on using something like spatie/laravel-permission? It is my go to since I prefer role/permissions than Gates or Policies
@LaravelPHP 13 күн бұрын
I think that's a great way to build on top of what Laravel already offers, especially if you have unique or specific use-cases. But USUALLY, a package like laravel-permission is going to be used in conjunction with policies in any application. So it's helpful to know both. :) -Josh
@safalpiya2903 19 күн бұрын
Thanks for the great content! By the way I'm using laravel as API with a React SPA without Inertia. What would be a good way to check if a user is authorized to do something inside the react app similar to @can('alert-users' ) directive inside blade files?
@iapv 19 күн бұрын
Are you using sanctum? If you are, do exactly as the video says except return a json response instead of Inertia::render(). In the frontend, you can fetch the json data as can["alert-user"]. Of course, make sure the user authenticated first. One of the tricky parts of sanctum is setting it up to validate csrfTokens. But there are tutorials for that if you're interested.
@LaravelPHP 13 күн бұрын
Just like @iapv mentioned, you would have to pass that "can" prop when fetching the user on the initial API request. Checking out how this happens in the NextJS Breeze implementation is a good start. -Josh
@vic_casanas 19 күн бұрын
Love your videos man 🤩
@LaravelPHP 19 күн бұрын
Thanks so much Vic. I appreciate it. :) -Josh
@srhanzd3022 19 күн бұрын
Thank you man ❤❤❤
@LaravelPHP 13 күн бұрын
Thank YOU. -Josh
@ifeanyinnaemego 19 күн бұрын
I hope am making the best career choice by sticking with Laravel
@LaravelPHP 19 күн бұрын
We think so. ☺️ -Josh
@ifeanyinnaemego 19 күн бұрын
@@LaravelPHP appreciate it
@EMMA-0310zz 16 күн бұрын
Can the future of laravel compete with NodeJS and .NET
@LaravelPHP 13 күн бұрын
We think so. But we are pretty biased. 😉 -Josh
@srhanzd3022 19 күн бұрын
Love laravel
@LaravelPHP 13 күн бұрын
Don't tell anybody, but I do too. -Josh
@srhanzd3022 19 күн бұрын
❤❤❤
@LaravelPHP 13 күн бұрын
🥰 -Josh
@yoanestradablanco1608 19 күн бұрын
Greet video
@LaravelPHP 19 күн бұрын
Thank you! :) -Josh
@Pekz00r 18 күн бұрын
I don't think you got the the initial explanation of authentication vs authorisation right. In that example authentication would be something like showing your ID to prove that you are you and maybe that you are the actual ticket holder if the tickets are personal. The ticket is authorisation and allows you to enter the venue as well as the specific areas. Great video otherwise.
@LaravelPHP 13 күн бұрын
Probably so! Good catch. It does break down a little bit. 😂 It would probably be less of having tickets and more about proving those tickets are yours, like you said. :) -Josh
@dev22221 19 күн бұрын
Only 3 of these are correct. Find out which.
@user-qd6hj2fn4w 13 күн бұрын
Зачем ему кепка нужна? ну ладно очки, это понятно, возможно проблема со зрением, но зачем ему кепка?..
@LaravelPHP 13 күн бұрын
Мне нравится, как это выглядит. Это весело. :) -Josh
@user-qd6hj2fn4w 13 күн бұрын
@@LaravelPHP я не хотел тронуть вас, просто стало интересно. У нас в России когда есть нужда, тогда одевают одежду, но чаще даже не одевают, я обычно задаю вопрос в России вопрос, на улице солнце светит, почему без кепки? Или когда на улице мороз, спрашиваю почему без шапки? 😅
Cosden Solutions
Рет қаралды 36 М.
Web Tech Knowledge
Рет қаралды 8 М.
SOFIADELMONSTRO
Рет қаралды 71 МЛН
AI ARUN KUMAR
Рет қаралды 85
LED Screen Factory-EagerLED
Рет қаралды 8 МЛН