Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Laravel - Include assets on Middleware Auth

Inside my app, exist a route group called admin, any route inside this group call two resources: public/css/admin.css and public/js/admin.js, but any unauthenticated user has access to these files. How can I include these files inside the Auth Middleware?

My admin routes:

Route::group(['prefix' => 'admin', 'middleware' => ['auth']], function () {
    Route::get('/', 'Admin\IndexController@index')->name('panel');

    Route::group(['prefix' => 'users'], function() {});

    Route::group(['prefix' => 'settings'], function() {});

    Route::fallback('Admin\ExceptionController@exception');
});

My resources links:

http://localhost:3000/css/admin.css
http://localhost:3000/js/admin.js

My resources links should be:

http://localhost:3000/admin/css/admin.css
http://localhost:3000/admin/js/admin.js

If I just create the folder admin inside the public folder I just got a 403 error...

What can I do about it?

like image 619
Caio Kawasaki Avatar asked Feb 21 '18 00:02

Caio Kawasaki


1 Answers

I suppose you are using it because you don't want unauthenticated users to know the contents of these css/js files. You shouldn't have any sensitive information in your css/js files, so there is no problem on serving them.

Otherwise, if you want to limit access to a file you should make the file download through PHP. For example you could have the file outside you public folder and make it conditional downloadable through a method that gets file contents and serves for download.

You should can make that public admin folder though, check file permissions and file ownership.

like image 158
vpedrosa Avatar answered Sep 28 '22 10:09

vpedrosa