How to protect admin routes
Forum rules
Always add your Laravel, Aimeos and PHP version as well as your environment (Linux/Mac/Win)
Spam and unrelated posts will be removed immediately!
Always add your Laravel, Aimeos and PHP version as well as your environment (Linux/Mac/Win)
Spam and unrelated posts will be removed immediately!
How to protect admin routes
I've added these lines to app/Http/routes.php:
But the admin board still opens up without authentication.
I'm on Laravel 5.1 and I've just followed the official instructions to install Aimeos : )
Code: Select all
Route::group(['middleware' => 'auth'], function() {
require base_path('vendor/aimeos/aimeos-laravel/src/routes.php');
});
I'm on Laravel 5.1 and I've just followed the official instructions to install Aimeos : )
Re: How to protect admin routes
That's a very good question!mr robot wrote: But the admin board still opens up without authentication.
Laravel offers the authentication middleware (you can add it in ./config/shop.php -> "routes" config) but it has no way to make a difference for user and admin authentication. This means that an authenticated customer can also access the admin interface.
Since Laravel 5.1.11 there's a authorization service available (http://laravel.com/docs/5.1/authorization) that might do the job but I don't have any experience with that yet. If you know how it works, please let us know
Professional support and custom implementation are available at Aimeos.com
If you like Aimeos, give us a star
If you like Aimeos, give us a star