Laravel use auth()->user() for api

php laravel laravel-authorization
Patrick Schocke picture Patrick Schocke · Nov 2, 2018 · Viewed 7.6k times · Source

I have a lot of functions that perform actions based of the permissions of the user. For the web, everything works fine. But I am slowly changing to more ajax and less reloading the page. However, I am not able to use my functions in my api controllers because I perform the check for the permission with 

auth()->user()->...

Is there a change to use this also for my api controller? I know that I can acess the user model with $request->user, but if this is the only chance, I think I have to copy all my functions, one for web and one for api. Is there any other change to rewrite my functions that they can be performed form both, web and api controller?

Answer

John Halsey picture John Halsey · Nov 2, 2018

I think as long as you still use the 'auth:api' middleware on your api routes, you should be able to use the auth()->user() helper.

UPDATE

The auth:api middleware comes with Laravel Passport if you're using that (which I recommend).

https://laravel.com/docs/5.7/passport#protecting-routes

Related questions

Laravel 5.2: Auth::logout() is not working

I'm building a very simple app in Laravel 5.2, but when using AuthController's action to log out, it just simply doesn't work. I have a nav bar which checks for Auth::check() and it doesn't change after calling the log out …

Read More
How laravel `Auth:user()` or `Auth:id()` works

How laravel Auth:user() or Auth:id() works Is it resides in session or database. I searched but not get good article. Please help to understand. I know I will get many down-votes ;)

Read More
Laravel blade @can policy - string

I am using Laravel 5.2. So I'm learning about how to deal with roles and permissions Authorization. Everything runs fine. I even made my own policy PostPolicy. And now to the problem. I load the $post data into the view in …

Read More