Download the PHP package spatie/laravel-authorize without Composer
On this page you can find all versions of the php package spatie/laravel-authorize. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download spatie/laravel-authorize
More information about spatie/laravel-authorize
Files in spatie/laravel-authorize
Package laravel-authorize
Short Description A middleware to check authorization
License MIT
Homepage https://github.com/spatie/laravel-authorize
FAQ
Example:
In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
- Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
- To use Composer is sometimes complicated. Especially for beginners.
- Composer needs much resources. Sometimes they are not available on a simple webspace.
- If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
- Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Informations about the package laravel-authorize
A middleware to check authorization
This package provides a route middleware to protect routes from unauthorized access. It hooks into the authorization features that were introduced in Laravel 5.1.11.
Protecting a route can be done by adding middleware to it:
Of course this middleware can also be applied to a bunch of routes:
Furthermore the middleware can use route model binding:
Spatie is a webdesign agency in Antwerp, Belgium. You'll find an overview of all our open source projects on our website.
Support us
We invest a lot of resources into creating best in class open source packages. You can support us by buying one of our paid products.
We highly appreciate you sending us a postcard from your hometown, mentioning which of our package(s) you are using. You'll find our address on our contact page. We publish all received postcards on our virtual postcard wall.
Postcardware
You're free to use this package (it's MIT-licensed), but if it makes it to your production environment you are required to send us a postcard from your hometown, mentioning which of our package(s) you are using.
Our address is: Spatie, Kruikstraat 22, 2018 Antwerp, Belgium.
The best postcards will get published on the open source page on our website.
Do not use in Laravel 5.2.28 and up
Laravel 5.2.28 or higher contain the middleware this package provides out of the box. There's no need do install this package in those versions of Laravel.
Install
You can install the package via composer:
Next, you must install the service provider:
Next, the \Spatie\Authorize\Middleware\Authorize::class-middleware must be registered in the kernel:
Naming the middleware can is just a suggestion. You can give it any name you'd like.
The authorize-middleware includes all functionality provided by the standard auth-middleware. So you could
also opt to replace the App\Http\Middleware\Authenticate-middleware by Spatie\Authorize\Middleware\Authorize:
You can publish the config-file with:
This is the contents of the published config file:
Usage
Checking authentication
When the middleware is used without any parameters at all, it will only allow logged in users to use the route.
If you plan on using the middleware like this I recommend that you replace the standard auth-middleware with the one
provided by this package.
Checking authorization
The middleware accepts the name of an ability you have defined as the first parameter:
Using form model binding
Image you've set up an ability like this:
The middleware accepts the name of a bound model as the second parameter.
Behind the scene the middleware will pass the model bound that is bound to the round to
the defined update-post-ability.
What happens with unauthorized requests?
Default behaviour
This is the default behaviour defined in the middleware.
So guests will get redirected to the default login page, logged in users will get a response
with status HTTP_UNAUTHORIZED aka 401.
Custom behaviour
To customize the default behaviour you can easily extend the default middleware and
override the handleUnauthorizedRequest-method. Don't forget to register your class at the kernel.
If you would like to let all unauthorized users know that you are actually a teapot you can do so.
In the kernel:
Change log
Please see CHANGELOG for more information what has changed recently.
Testing
This package contains integration tests that are powered by orchestral/testbench.
You can run all tests with:
Contributing
Please see CONTRIBUTING for details.
Security
If you've found a bug regarding security please mail [email protected] instead of using the issue tracker.
Credits
- Freek Van der Herten
- All Contributors
A big thank you to Joseph Silber for all the excellent feedback he gave while this package was being created.
About Spatie
Spatie is webdesign agency in Antwerp, Belgium. You'll find an overview of all our open source projects on our website.
License
The MIT License (MIT). Please see License File for more information.
All versions of laravel-authorize with dependencies
laravel/framework Version ~5.1.11|~5.2.0
illuminate/contracts Version ~5.1.11|~5.2.0