Please enable JavaScript.
Coggle requires JavaScript to display documents.
[L] Authentication & Authorization - Coggle Diagram
[L] Authentication & Authorization
authentication fundamentals
guards
contains
driver
types
custom
api
session
"how it is authenticated"
provider
"what is being authenticated"
contains
driver
model
eloquent
fetch authenticated model
example
auth()->user
example
upon calling auth()->user
authorization fundamentals
policies
important
must be registered at
AuthServiceProvider
schema
model => policy
allows for
user->can('methodName', param1, param2, ...)
i.e
Post::class => PostPolicy::class
groups authorization logic
methods
checking
return
true
false
Response::allow()
Response::deny("message")
tips
type-hint parameters
authorizing
via middleware
})->middleware('can:update,post');
via user model
$request->user->can('update', course);
$request->user->cannot('update', page)