Closed adedejiibrahim7 closed 2 years ago
Unfortunately, it doesn't work with multiple guards. The UserCanManageBlogPosts middleware only uses the default auth guard.
class UserCanManageBlogPosts
{
/**
* Show 401 error if \Auth::user()->canManageBinshopsBlogPosts() == false
* @param $request
* @param Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if (!\Auth::check()) {
abort(401,"User not authorised to manage blog posts: You are not logged in");
return redirect('/login');
}
if (!\Auth::user()->canManageBinshopsBlogPosts()) {
abort(401,"User not authorised to manage blog posts: Your account is not authorised to edit blog posts");
}
return $next($request);
}
}
I also use multiple guards. That's what I did as below: Changed Auth::user() to Auth::guard('admin')->user().
I installed the package and setup everything as required. The frontend url - /en/blog returns 404. I also changed 'user_model' in the binshopsblog.php file to my admin model and added the method necessary to the model. Attempts to access the blog admin returns 401 unauthorised, even when I have an admin logged in already