This episode is for members only

Sign up to access "Laravel Subscriptions" right now.

Get started
Already a member? Sign in to continue
Playing
12. Protecting routes

Transcript

00:00
So time to do something a bit more useful and let's go ahead and create a protected area where only people who are subscribed can access. And by the end of this episode, once you've created this middleware, you can apply this to any of the routes or actions in your application to stop people who do not have a subscription performing an action.
00:21
OK, so just before we do this, I'm going to do this quite frequently. We're going to go ahead and clear out these subscriptions and subscriptions items table. And let's go over and create out a little menu item that links through to a page. OK, so we're going to create out a controller here.
00:38
Let's call this protected controller. So protected controller. And we'll go ahead and register out a route for this, which at least for now, anyone will be able to access. So let's go ahead and call this protected.
00:52
We'll switch this out to the protected controller that we've just created and we will call this protected. OK, over to the protected controller. Once again, let's go ahead and create out an index method here and let's go ahead and return a view here just called protected. And let's create that view out as well.
01:12
So make view and we'll just call that protected. OK, that's reserved by PHP. So let's go ahead and just create a folder with protected and an index page inside of here and link that up. OK, so let's grab the dashboard page, copy that over to that new protected index page that we have just created.
01:32
And we will say. Protected and just say you can only access this page with a subscription. OK, so over to our navigation, let's go ahead and add in another link in here and we should be just about done. OK, let's hook this up to protected.
01:52
We'll do the same for here as well. And let's change around the text in here to protected. Great. So we should now be able to click on this. The only trouble is at the moment we do not have a subscription.
02:05
So what we want to do is create out some middleware, which we can apply to any of our routes to stop users accessing these routes if they don't have a subscription. So let's go and create this middleware out and we'll fill this in and see how we need to handle it. So let's create this middleware in here and let's call this redirect if not subscribed. So redirect the user off somewhere if they don't have a subscription.
02:30
Once we've created that middleware, you'll find this over in the app folder under HTTP and middleware. Let's open this up and let's just do something in here. So let's return and we'll redirect the user to the plans page. So we're not actually doing anything useful at the moment.
02:48
We're just going to redirect the user. OK, so now that we've done that over in our web routes, we can apply this middleware directly to this route. So let's choose the middleware option and let's go ahead and new up or just pass in redirect if not subscribed and the fully qualified class name. OK, so now when we try and access protected, you can see we're redirected over to plans.
03:11
We just need to wrap this in an if statement now, so it makes a little bit more sense. So over in this middleware, we already know how to check if a user does have a subscription and this will be a valid subscription, even if they have cancelled it and it's due to end at the end of their billing period. So let's go ahead and create an if statement here and we will check if from the request, which we get in middleware anyway, the user is subscribed.
03:38
Now, we obviously want to check if they are not subscribed. So if they're not subscribed at this point, pass them over to plans. Otherwise, let them go on to the next request. OK, let's try this out.
03:49
So I'm going to go over to the protected area. I don't have a subscription at the moment, so let's go ahead and purchase a subscription. So again, I'm just going to fill in all of these details. And once we've done this and we are redirected back after we make a payment, we should be able to access that page.
04:05
So let's have a look and see what happens. OK, we're redirected back over to the dashboard that webhook in the background, as long as we've got exposed running, should have updated our account. Let's access the protected area. And there we go.
04:21
Now we have a subscription. We can access this page. So with this middleware, you can apply this to absolutely anywhere. So any pages that you want to protect, you just apply that middleware and then you're pretty sure that no one is going to be able to access it unless they're subscribed.
26 episodes2 hrs 38 mins

Overview

Learn to start accepting subscriptions with Laravel and build a solid foundation for your next application. In fact, it’s exactly how we do things here on Codecourse!

Even if you’re completely new to Laravel, by the end of this course you’ll have a platform where customers can purchase subscriptions and gain access to restricted areas of your application.

We’ll also cover managing subscriptions, cancellations, invoices, giving customers trial periods — and more.

Alex Garrett-Smith
Alex Garrett-Smith
Hey, I'm the founder of Codecourse!

Episode discussion

No comments, yet. Be the first!