Level 75
Via a gate or using policies. And protect route with Auth middleware.
Mar 5, 2021
9
Level 1
How to protect register route and view in Jestream for guest
Hello,
I need to protect the register view and route to just logged user can register a new user.
How do I do that in jetstream?
Thank you all.
Level 80
@felipesmendes How on earth does that work? If you’re logged in, why would you be registering again?
Level 1
Its not registering again, its registering another user.
Level 75
@martinbean in some companies, an admin registers (enters) a new user.
Level 1
Exacly! Taking advantage, could you give me an example of code using gate or police?
Level 80
in some companies, an admin registers (enters) a new user.
@jlrdw and in those companies, there’ll be an admin panel to manage users.
Exacly! Taking advantage, could you give me an example of code using gate or police?
@felipesmendes Then create a user controller in your admin panel instead of (wrongly) trying to reappropriate the register route.
If an admin can create other users, then you’re probably also going to want routes to list, edit, and delete users too. You’re not going to get that with just a register endpoint.
Level 75
@felipesmendes again just put that in Auth
Route::middleware(['auth'])->group(function () {
in here
});
Level 1
Right, but in my file of routes (web.php) there is no route for register...
<?php
use App\Http\Controllers\CategoriasController;
use App\Http\Controllers\DespesasController;
use App\Http\Controllers\FornecedoresController;
use App\Http\Controllers\TiposController;
use Illuminate\Support\Facades\Route;
/*
|--------------------------------------------------------------------------
| Web Routes
|--------------------------------------------------------------------------
|
| Here is where you can register web routes for your application. These
| routes are loaded by the RouteServiceProvider within a group which
| contains the "web" middleware group. Now create something great!
|
*/
Route::get('/', function () {
return redirect('login');
});
Route::middleware(['auth:sanctum', 'verified'])->group(function () {
Route::get('/dashboard', function () {
return view('dashboard');
})->name('dashboard');
Route::resource('tipos', TiposController::class);
Route::resource('categorias', CategoriasController::class);
Route::resource('fornecedores', FornecedoresController::class);
Route::resource('despesas', DespesasController::class);
});
Level 75
Reread documentation, publish everything so you have full control:
See some of the videos in this series all is explained:
https://laracasts.com/series/laravel-authentication-options
edit
From docs:
Fortify Features
The fortify configuration file contains a features configuration array. This array defines which backend routes / features Fortify will expose by default. If you are not using Fortify in combination with Laravel Jetstream, we recommend that you only enable the following features, which are the basic authentication features provided by most Laravel applications:
'features' => [
Features::registration(),
Features::resetPasswords(),
Features::emailVerification(),
],
So in features turn off registration, and custom write the logic as needed for an admin (or who ever) to enter the new user.
But if you explore the code a little, you will see what needs to be done.
But the chapter on fortify should clarify all of this:
The above is after you publish:
php artisan vendor:publish --provider="Laravel\Fortify\FortifyServiceProvider"
Please or to participate in this conversation.