Download the PHP package laravelplus/fortress without Composer
On this page you can find all versions of the php package laravelplus/fortress. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download laravelplus/fortress
More information about laravelplus/fortress
Files in laravelplus/fortress
Package fortress
Short Description Fortress is a powerful Laravel package designed to streamline and enhance attribute-based authorization through middleware. It acts as the ultimate security gatekeeper for your application, ensuring that only the right users with the correct attributes gain access to specific resources.
License MIT
Homepage https://github.com/laravelplus/fortress
Informations about the package fortress
LaravelPlus Fortress
Fortress is a powerful Laravel package designed to streamline attribute-based authorization. By leveraging the #[Authorize]
attribute, it provides a declarative and clean approach to securing your Laravel application. Whether managing roles, permissions, gates, or ownership rules, Fortress ensures security is flexible, robust, and easy to implement.
Key Features
- Attribute-Based Authorization: Use
#[Authorize]
attributes for roles, permissions, gates, and ownership checks. - Simplifies Middleware Logic: Declarative syntax removes clutter from middleware, keeping it clean and readable.
- Ownership Validation: Validate ownership with configurable keys and default behaviors.
- Laravel 11 Support: Fully compatible with Laravel 11 and follows PSR standards.
- Customizable Configuration: Flexible configuration for roles, permissions, gates, and ownership rules.
Installation
You can install the package via Composer:
Configuration
Append Middleware where you need it:
To publish the configuration file, run:
The configuration file will be published at config/fortress.php
. Customize default values for ownership keys, gates, and more.
Usage
Applying the #[Authorize]
Attribute
Add the #[Authorize]
attribute to your controller methods to enforce authorization:
How It Works
- Roles: Ensures the user has one of the specified roles (
admin
oreditor
). - Permissions: Validates the user has
create
orupdate
permissions. - Ownership: Checks if the authenticated user is the owner of the
Post
model by comparingauthor_id
with the user'sid
.
Example Scenarios
Example 1: Public Endpoint
Allow unauthenticated users to access a method:
Example 2: Role and Permission Validation
Restrict access based on roles and permissions:
Example 3: Ownership Validation
Restrict access to resources owned by the authenticated user:
Example 4: Gate Validation
Use Laravel gates to control access:
Testing
To run the package's test suite:
Example output:
Changelog
See the CHANGELOG for details about recent changes.
Contributing
Contributions are welcome! Please see the CONTRIBUTING file for details on how to contribute.
Security
If you discover any security-related issues, please email [email protected] instead of using the issue tracker.
Credits
- Author: Nejcc
- Contributors: All Contributors
License
This package is licensed under the MIT License. See the LICENSE file for details.
Download
You can download the package here:
Packagist - Laravel Fortress