General
We use middlewares to restrict access to certain parts of the NMS.
To secure routes, two types of middlewares are used - the "web" and the "can" middleware to address the authentication topic. This is recommend from L5.See . Both are provided by Laravel. If you want to learn more about these middlewares, please look into the official Laravel documentation.
With php artisan route:list command table field middleware, you get a table with all the routing information as well as a column Middleware:
| Code Block | ||
|---|---|---|
| ||
[nmsprime@nmsprime-demo nmsprime]$ php artisan route:list +--------+----------+----------------------------------------------------------+--------------------------------------+-----------------------------------------------------------------------------------------+--------+----------------------------------------------+ | Domain | Method | URI | Name | Action | Middleware | Middleware | +--------+----------+----------------------------------------------------------+--------------------------------------+-----------------------------------------------------------------------------------------+-----------------------------------------+-------------+ ... | | | POST GET|HEAD | admin/Contract | Contract.storeindex | Modules\ProvBase\Http\Controllers\ContractController@storeContractController@index | auth:create web,can:view,Modules\ProvBase\Entities\Contract | | | | POST | GET|HEAD | admin/Contract | Contract.indexstore | Modules\ProvBase\Http\Controllers\ContractController@index\ContractController@store | web,can:create,Modules\ProvBase\Entities\Contract | | | GET|HEAD | admin/Contract/autocomplete/{column} | Contract.autocomplete | auth:viewModules\ProvBase\Http\Controllers\ContractController@autocomplete_ajax | web,can:view,Modules\ProvBase\Entities\Contract | | POST | GET|HEAD | admin/Contract/create | Contract.create | Modules\ProvBase\Http\Controllers\ContractController@create | authweb,can:create,Modules\ProvBase\Entities\Contract | | | | POST | GET|HEAD | admin/Contract/create | Contract.create | Modules\ProvBase\Http\Controllers\ContractController@create | authweb,can:create,Modules\ProvBase\Entities\Contract | | | GET|HEAD | admin/Contract/datatables | Contract.data | Modules\ProvBase\Http\Controllers\ContractController@index_datatables_ajax | authweb,can:view,Modules\ProvBase\Entities\Contract | | | GET|HEAD | admin/Contract/dumpimport | Contract.dumpallimport | Modules\ProvBase\Http\Controllers\ContractController@dumpallContractController@import | web,can:create,Modules\ProvBase\Entities\Contract | | auth:view | POST | admin/Contract/import_parse | PATCH | admin/Contract/{Contract} | Contract.import_parse | Contract.updateModules\ProvBase\Http\Controllers\ContractController@import_parse | web,can:create,Modules\ProvBase\Http\Controllers\ContractController@updateEntities\Contract | | | POST | admin/Contract/import_process | Contract.import_process | auth:edit Modules\ProvBase\Http\Controllers\ContractController@import_process | web,can:create,Modules\ProvBase\Entities\Contract | | | PUT DELETE | admin/Contract/{Contract} | Contract.destroyupdate | Modules\ProvBase\Http\Controllers\ContractController@destroy ContractController@update | auth:deleteweb,can:update,Modules\ProvBase\Entities\Contract | | | PUT GET|HEAD | admin/Contract/{Contract} | Contract.updateedit | Modules\ProvBase\Http\Controllers\ContractController@updateContractController@edit | auth:editweb,can:view,Modules\ProvBase\Entities\Contract | | | | DELETE | GET|HEAD | admin/Contract/{Contract}/dump | Contract.dumpdestroy | Modules\ProvBase\Http\Controllers\ContractController@destroy | web,can:delete,Modules\ProvBase\Http\Controllers\ContractController@dumpEntities\Contract | | | PATCH | admin/Contract/{Contract} | Contract.update | auth:view Modules\ProvBase\Http\Controllers\ContractController@update | web,can:update,Modules\ProvBase\Entities\Contract | | | GET|HEAD | admin/Contract/{Contract}/editlog | Contract.editguilog | Modules\ProvBaseApp\Http\Controllers\ContractController@editGuiLogController@filter | auth:view | web,can:view,Modules\ProvBase\Entities\Contract | ... |
Workflows
Middleware Authentication checking
...