How to implement permission-based dynamic routing and page jump in Laravel

Implementing permission-based dynamic routing and page jumps in Laravel can help us more flexibly control user access permissions and achieve more refined permission management. Below, the author will combine actual code examples to introduce in detail how to implement permission-based dynamic routing and page jumps in Laravel.

1. Basic Principle

Permission control in Laravel is usually implemented using middleware, and dynamic routing and page jumps based on permissions are also implemented through middleware . Specifically, we can add middleware when defining the route, and then use the middleware to determine whether the user has the permission to access the route. If not, the user will be redirected to the unauthorized access prompt page or other specified pages.

2. Implementation steps

(1) Create a route

First, we need to define the route that requires permission control in the route. When defining a route, you can use the middleware method to specify the middleware, as shown below:

Route::get('/admin/user/index', 'UserController@index')->middleware('permission:user-index');

Among them, 'permission:user-index' means using the middleware named permission for permission judgment. Here we specify the required permissions via 'user-index'. This 'user-index' can be defined as other permission names according to the actual situation.

(2) Create middleware

Next, we need to create middleware for permission judgment and page jump. In Laravel, you can use the php artisan make:middleware command to create middleware, as shown below:

php artisan make:middleware PermissionMiddleware

After execution is completed, the PermissionMiddleware.php file will be generated in the app/Http/Middleware directory.

(3) Write middleware logic

In the app/Http/Middleware/PermissionMiddleware.php file, we need to write the logic code of the middleware. In this example, we can use Laravel's Auth facade and combine it with our own permission system to determine whether the user has permission to access the route.

<?php

namespace AppHttpMiddleware;

use Closure;
use IlluminateSupportFacadesAuth;

class PermissionMiddleware
{
    public function handle($request, Closure $next, $permission)
    {
        // 获取当前用户
        $user = auth()->user();

        // 判断是否有权限访问
        if (!$user->can($permission)) {
            // 无权限访问，进行跳转
            abort(404);
        }

        // 有权限访问，继续执行
        return $next($request);
    }
}

The $permission parameter is the permission name passed in the route definition, which can be used to determine whether the current user has permission to access the route. If there is no permission, we can use the abort function to jump. Here, we use abort(404) to jump to the 404 page. You can also modify it according to the actual situation.

(4) Register middleware

Before using middleware, we need to register the middleware into the Laravel application. In the app/Http/Kernel.php file, you can find the $middlewareGroups property and the $routeMiddleware property. We can register middleware into these two properties separately.

Bind to the $middlewareGroups property:

'web' => [
    // ...
    AppHttpMiddlewarePermissionMiddleware::class,
],

Bind to the $routeMiddleware property:

'permission' => AppHttpMiddlewarePermissionMiddleware::class,

Here, we bind PermissionMiddleware to the 'web' middleware group, Indicates that the middleware will be executed in all web routing requests.

(5) Test

After completing the above steps, we can test. During this test, we can manually authorize the corresponding role in the database, and then access the relevant URL to observe whether we have access rights. I won’t go into details here.

3. Summary

Through the above steps, we can implement permission-based dynamic routing and page jump in Laravel. By using middleware, we can use our own permission system to flexibly control user access permissions and achieve more refined permission management.

The above is the detailed content of How to implement permission-based dynamic routing and page jump in Laravel. For more information, please follow other related articles on the PHP Chinese website!