How to integrate role based permission in Laravel with Dingo API?

Question

I'm currently studying Laravel framework and dingo api. Is there any way to integrate the role based permission using entrust to dingo api?

So for example, I have a route to get all the list of users, but only admin can access this.

So if the user is authenticated, but he's not an admin, he can't access this route.

I tried adding the middleware of entrust to the routes.php but when I tried it on postman, I get a syntax error.

here's my routes.php file:

$api->version('v1', ['middleware' => ['jwt.auth', 'role:admin']], function ($api) {
    $api->get('users', 'App\Http\Controllers\Auth\AuthController@index');
    $api->get('user', 'App\Http\Controllers\Auth\AuthController@show');
});

this link will help you to implement the roles https://github.com/karoys/laravel-native-roles-auth — Kalidass, Jul 05 '17 at 10:23

score 0 · Answer 1 · answered Jul 22 '17 at 09:57

You can group this into different parts as this:

$api->version('v1', ['middleware' => 'jwt.auth'], function ($api) {
//general routes route goes here
//....
    $api->group(['middleware' => 'role:admin'], function($api) {
    //admin routes goes here

        $api->get('users', 'App\Http\Controllers\Auth\AuthController@index');
        $api->get('user', 'App\Http\Controllers\Auth\AuthController@show');
    });
});

This means even though the user is authenticated, the two routes in the new group can only be accessed by the admins.

I hope this is helpful.

How to integrate role based permission in Laravel with Dingo API?

1 Answers1