2 years ago

Temporarily lock a user into a certain route

Posted 2 years ago by edgreenberg

When a user is required to change his password or his security questions, I can redirect him in the LoginController (Laravel 5.3) but he can enter another URL and escape the requirement. What would be a good way to block this escape. I was thinking of a middleware, but the middleware would have to have something to check... Either a field in the user table or a variable in the session.

Before I re-invent the wheel, has anybody done this?


Ed G

Please sign in or create an account to participate in this conversation.