We've retired the forum in favor of GitHub Discussions.

New conversations can be started on GitHub. Existing conversations will remain for a while longer.

Head over to GitHub →

Laravel Route Authorization Using Statamic Permissions

Brian Seymour October 9, 2020 by Brian Seymour

Good Morning! I am considering dropping Statamic into an existing Laravel app. However, it isn't clear to me how to check if a Statamic user has a group in routes/web.php to protect access to a custom route.

The equivalent in Antlers templates is something like:

{{ user }}
    {{ if in_admins }}
        <!-- HTML displayed if true --> 
    {{ /if }}
{{ /user }}

Is there existing Middleware (or Gates or Policies) defined that we can use to protect our custom routes?

For example:

    Route::get('things', [
            'uses'       => '[email protected]',
            'as'         => 'things.index',
            'middleware' => 'can:statamic-governed-check'
            // e.g.         'in-group:admins' (the Statamic Admins Group)

How would you approach this? Thank you for the help!

>>>>>>> Unanswered <<<<<<<
4 Replies