Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


General

We use middlewares to restrict access to certain parts of the NMS.

To secure routes, two types of middlewares are used - the "web" and the "can" middleware to address the authentication topic. This is recommend from L5.See . Both are provided by Laravel. If you want to learn more about these middlewares, please look into the official Laravel documentation.

With php artisan route:list command table field middleware, you get a table with all the routing information as well as a column Middleware:


Code Block
titleauth middlewareGeneric Routes with Middleware
[schmto@mablx10nmsprime@nmsprime-demo laranmsprime]$ php artisan route:list
+--------+----------+----------------------------------------------------------+--------------------------------------+-----------------------------------------------------------------------------------------+----------------+--------------------------------------+
| Domain | Method   | URI                                                      | Name                                 | Action                                                                                  | Middleware  | Middleware										   |
+--------+----------+----------------------------------------------------------+--------------------------------------+-----------------------------------------------------------------------------------------+----------------------+--------------------------------+
...
| 		 |      GET|HEAD POST     | admin/Contract                                           | Contract.storeindex                       | Modules\ProvBase\Http\Controllers\ContractController@store  ContractController@index                              | auth:create web,can:view,Modules\ProvBase\Entities\Contract 	   |
|      |  |   POST   | GET|HEAD | admin/Contract                                           | Contract.indexstore                       | Modules\ProvBase\Http\Controllers\ContractController@index\ContractController@store                              | web,can:create,Modules\ProvBase\Entities\Contract    |
|        | GET|HEAD | admin/Contract/autocomplete/{column}                     | Contract.autocomplete                | auth:view Modules\ProvBase\Http\Controllers\ContractController@autocomplete_ajax                  | web,can:view,Modules\ProvBase\Entities\Contract      |
| POST       | GET|HEAD | admin/Contract/create                                    | Contract.create                      | Modules\ProvBase\Http\Controllers\ContractController@create                               | authweb,can:create,Modules\ProvBase\Entities\Contract    |
|      |  |  POST    | GET|HEAD | admin/Contract/create                                    | Contract.create                      | Modules\ProvBase\Http\Controllers\ContractController@create                               | authweb,can:create,Modules\ProvBase\Entities\Contract         |

|        | GET|HEAD | admin/Contract/datatables                                | Contract.data                        | Modules\ProvBase\Http\Controllers\ContractController@index_datatables_ajax                | authweb,can:view,Modules\ProvBase\Entities\Contract      |
     
|        | GET|HEAD | admin/Contract/dump  import                                    | Contract.dumpallimport                      | Modules\ProvBase\Http\Controllers\ContractController@dumpallContractController@import                              | auth:viewweb,can:create,Modules\ProvBase\Entities\Contract    |
|        | POST     |  | PATCHadmin/Contract/import_parse          | admin/Contract/{Contract}                   | Contract.import_parse                | Contract.update Modules\ProvBase\Http\Controllers\ContractController@import_parse                       | web,can:create,Modules\ProvBase\Http\Controllers\ContractController@updateEntities\Contract    |
|        | POST     | admin/Contract/import_process                            | Contract.import_process              | auth:edit Modules\ProvBase\Http\Controllers\ContractController@import_process                     | web,can:create,Modules\ProvBase\Entities\Contract    |
|        | DELETEPUT      | admin/Contract/{Contract}                                | Contract.destroyupdate                      | Modules\ProvBase\Http\Controllers\ContractController@destroy ContractController@update                             | auth:deleteweb,can:update,Modules\ProvBase\Entities\Contract          |
|        | PUT     GET|HEAD | admin/Contract/{Contract}                                | Contract.updateedit                        | Modules\ProvBase\Http\Controllers\ContractController@updateContractController@edit                               | auth:editweb,can:view,Modules\ProvBase\Entities\Contract      |
|      |  |     DELETE | GET|HEAD | admin/Contract/{Contract}/dump                                | Contract.dumpdestroy                     | Modules\ProvBase\Http\Controllers\ContractController@destroy                            | web,can:delete,Modules\ProvBase\Http\Controllers\ContractController@dump Entities\Contract    |
|        | PATCH    | admin/Contract/{Contract}                                | auth:view Contract.update                      | Modules\ProvBase\Http\Controllers\ContractController@update                             | web,can:update,Modules\ProvBase\Entities\Contract    |
|        | GET|HEAD | admin/Contract/{Contract}/editlog                            | Contract.editguilog                        | Modules\ProvBaseApp\Http\Controllers\ContractController@editGuiLogController@filter                                 | auth:view         | web,can:view,Modules\ProvBase\Entities\Contract      |
...


Workflows

...

Middleware Authentication checking

Drawio
bordertrue
viewerToolbartrue
fitWindowfalse
diagramNameauth-workflow2
simpleViewerfalse
width
diagramWidth1121
revision1


Login Workflow

Please take care that there are two AuthController's

The routes will define which one is used. This is normal L5 stuff – no magic.

Drawio
bordertrue
viewerToolbartrue
fitWindowfalse
diagramNamelogin-workflow
simpleViewerfalse
width
diagramWidth1831
revision1