1 year ago

Migrating from authentication in middleware to model policies

Posted 1 year ago by bobmurdoch

Up until now I've largely ignored gates/policies due to working in older versions of Laravel. My authorization typically was defined by middleware that checked for user permissions.

I see the value in tying policies to the model directly, but it leaves me with one question where I'm not sure the best direction to take.

A lot of my application consists of jobs pushed on the queue which previously need not be concerned with middleware since they didn't touch controllers.

If I move to using model policies, right now my application would be running these queue jobs without a user and would all fail.

So far, the best plan I can see is having a system user account that has all of the proper permissions and simply adding a Auth::login($systemUser); to the start of those jobs.

Anyone have any thoughts or different approaches on this?


Please sign in or create an account to participate in this conversation.