webfuelcode's avatar

How to authenticate owner only to view profile editing page

I am trying to redirect the member to their editing page whenever they try to visit others.

Suppose Rick tries to visit Jack's profile editing page, he must redirect to his own editing page.

localhost/profile/edit/rick and similarly Jack would have his own link like this localhost/profile/edit/jack If Rick tries to visit the page localhost/profile/edit/jack he must redirect to localhost/profile/edit/rick

This is controller here

    public function edit(User $user)
    {
        // If statement would be here
        $user = User::find($user->id);
        return view( 'profile.editprofile', compact('user') );
    }

Basically I am trying to stop other members to edit the page. In my app, I see anyone can visit and edit the profile page for them.

Please tell me how to write if a statement in the controller...

0 likes
4 replies
Mubeenali's avatar

Just write your route inside the auth middleware..will solve this.

Mubeenali's avatar
Route::middleware('auth',function(){
//only-authenticated-users
Route::get('edit/form/{id}','ProfileController@edit');



});
webfuelcode's avatar

@mubeenali Is it the same if I do like this...

Route::get('edit/form/{id}','ProfileCOntroller@edit')->middleware('auth');

Please or to participate in this conversation.