colaba
1 week ago

Securing route used to populate a chart

Posted 1 week ago by colaba

Hi (disclaimer, I'm new to web application development - background is in data analytics - I'm trying to build an analytics application here)

I have a route set up to provide JSON data to a chart (I have lots, but will list one as an example). I am using AM charts, and have vue components for each chart that I want in the application.

Because the route is feeding the vue component, i wasn't sure how to secure the route. I have this registered as a GET on web.php.

Route::get('/buildings/summary','Dashboards\[email protected]');

What's the best way to lock this down so only logged in users can access this route? In a perfect world, I would probably want this for internal use only, i.e, the route cannot be accessed in a browser.

<?php
namespace App\Http\Controllers\Dashboards;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use DB;
class BuildingsController extends Controller
{
    public function index()
    {   
        return view('dashboards.buildings');
    }
    public function summary()
    {
        $summary_cd = 
        DB::table('building_analysis_summary')
        ->where('salesyear', '=', 2018)   
        ->orderBy('sales', 'desc') 
        ->take(10)
        ->get();
        return response()->json($summary_cd);
    }
}

Please sign in or create an account to participate in this conversation.