AO-IO
117
18
Laravel

Protect user settings from being access by other users

Posted 2 months ago by AO-IO

Hello,

I made this middleware to protect "user settings " from being access by other auth users.

   public function handle($request, Closure $next)
    {
         if ($request->slug != auth()->user()->slug) {
            return redirect()->to('/');
        }
        return $next($request);
    }

And I'm using vueJs to update the profile

I managed to get the slug to pass it to my url :

Route::put('/profile/{slug}','[email protected]');
  axios.put(`/api/profile/${this.data}`)

I used props to get my slug.

so the problem is when I ever use this route it says 401 or 500 error in the console:.

am I doing this wrong?

how I can solve this problem so VUEJS can match the request URL with the auth user (Like in the middleware)?

Please sign in or create an account to participate in this conversation.

Laracasts Mascot

Hi, Have We Met Yet?

Did you know that, in addition to the forum, Laracasts includes well over 1000 lessons on modern web development? All for the price of one lunch out per month.

Sign Me Up

Channels

Reply to

Use Markdown with GitHub-flavored code blocks.