3 years ago

Authenticating users to allow edit/update their own profile

Posted 3 years ago by liquidsword

Hello! This is my first time using Laravel or any MVC framework, so bear with me. For my application, I want users to edit only their own profile. So far, I'm importing the Illuminate\Support\Facades\Auth; into my controller. I check for the authenticated username that is signed in and compare with the username profile they want to edit. If user tries to edit a page that is not their own they are redirected to a 404 page. Below is some sample code in the controller.



namespace App\Http\Controllers;
// more uses...
use Illuminate\Support\Facades\Auth; // Importing Auth Session

class PublicUserController extends Controller
    // ... Other Functions
    public function editUser($username)
        $user = User::where('username', '=', $username)->first(); // slug for user profile
        // If the profile is not the user logged in.
        if (strcasecmp(Auth::user() -> username, $username) == 0) {
            return view('public.users.edit')->with('user', $user);
        } else {
            return redirect()->route('error.404');
    // ... More functions

Is this an acceptable method/practice? Thanks!

Please sign in or create an account to participate in this conversation.