WEB DEVELOPER SITE
TUTORIALS HTMLCSSJAVASCRIPTSQLPHPBOOTSTRAPJQUERYANGULARXML
 

Laravel - Authorization


In this chapter the authorization process in Laravel.

Difference between Authentication and Authorization

There are following difference between authentication and authorization.

authorization

it verifies their rights and permissions over the requested and defined resources. If the authenticated users, can access the resources as defined, it means that they are authorized.

authorization it verifies their rights and permissions over the requested and defined resources. If the authenticated users, can access the resources as defined, it means that they are authorized.

Authorization Mechanism in Laravel

Laravel provides a simple mechanism for authorization that contains two primary ways, namely Gates and Policies.

Writing Gates and Policies

Gates are used to determine if a user is authorized to perform a specified action. They are typically defined in App/Providers/AuthServiceProvider.php using Gate facade. The following lines of code explain you how to use Gates and Policies for authorizing a user in a Laravel web application. Note that in this example, the boot function is used for authorizing the users.
<?php

namespace App\Providers;

use Illuminate\Contracts\Auth\Access\Gate as GateContract;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;

class AuthServiceProvider extends ServiceProvider{
   /**
      * The policy mappings for the application.
      *
      * @var array
   */
   
   protected $policies = [
      'App\Model' => 'App\Policies\ModelPolicy',
   ];
   
   /**
      * Register any application authentication / authorization services.
      *
      * @param \Illuminate\Contracts\Auth\Access\Gate $gate
      * @return void
   */
   
   public function boot(GateContract $gate){
      $this->registerPolicies($gate);
      //
   }
}