Question 15484 in Laravel Question posted in
The official Laravel Documentation can be found here.

How to retrieve limited records if the user is not logged in and all records if the user is logged in in Laravel?

I have a Laravel route that I want to handle differently depending on whether the user is logged in or not. If the user is not logged in, I want to retrieve only 5 records (limit 5) in the controller. If the user is logged in, I want to retrieve all the records.

Here is my current route:

Route::get('/test', 'TestApiController@index');

When I set middleware(‘auth:sanctum’) for my Route, the response will be 401 Unauthorized, but I want to get limited records for this situation instead. How can I modify the route and the controller to achieve this? Also, how do I check if the user is logged in?

Here is my current controller code:

class TestApiController extends Controller
{
    public function index()
    {
        if (auth()->check()) {
            $data = Test::all();
        } else {
            $data = Test::limit(5)->get();
        }
        return response()->json($data);
    }
}

I think I need to get the authentication parameter from the request header to check if the user is logged in:

$request->header('Authorization')

How can I modify my code to achieve the desired functionality? Thank you.

I try when or middlewareIf and middleware(function ($request, $next),

but they are not working..

Tags:

2

Answers


  1. 0

    Looks like you are mixing some concepts there.

    Your route looks like an API route, which uses ‘api’ guard instead of web. When you call for auth()->check() its getting the ‘web’ guard.

    Knowing this, your controller should look like this:

    class TestApiController extends Controller
{
    public function index()
    {
        if (auth('api')->check()) {
            $data = Test::all();
        } else {
            $data = Test::limit(5)->get();
        }
        return response()->json($data);
    }
}

    You can read more in the Laravel authentication documentation.

    Login or Signup to reply.
  2. 0

    I noticed that your code is authorized by Sanctum

    Route:

    //Note: Without middleware('auth:sanctum')
Route::get('/test', 'TestApiController@index');

    Controller:

    Solution #1:

    class TestApiController extends Controller
{
    public function index()
    {

        $token = $request->bearerToken();
        $personalAccessToken = LaravelSanctumPersonalAccessToken::findToken($token);

       if( $personalAccessToken ) {
              // 'logged in'
              // Access to user information
              // $user = $personalAccessToken->tokenable;

               $data = Test::all();
           } else {
               // 'Not logged in'
               $data = Test::limit(5)->get();
        }
        return response()->json($data);
    }
}

    Solution #2:

    class TestApiController extends Controller
{
    public function index()
    {
        if (Auth::guard('sanctum')->check()) {
            // 'logged in'
            $data = Test::all();
        } else {
            // 'Not logged in'
            $data = Test::limit(5)->get();
        }
        return response()->json($data);
    }
}
    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search