The user under test has the correct identifier in Laravel 4

Question

I am trying to figure out how to verify that a registered user in Laravel 4 can visit the correct user account.

At the moment, this is what is in the routes.php file.

Route::get('user/{id}', array('before' => 'auth', function(){ // logged in user // but can visit any account!! }));

How can I limit this so that user / 1 can only see the profile if this is the current user ID in the system?

 Auth::user()->id

It returns the input identifier for validation, but I cannot figure out how to write a filter that validates it at {id} in the URL.

Please, help! Thanks.

+6

markstewie Apr 01 '13 at 4:07

1 answer

markstewie · Answer 1 · 2013-04-01T04:53:26+0000

Get some help through the Laravel irc channel.

So I visited.

 Route::filter('user', function($route, $request) { if( $request->segment(2) != Auth::user()->id) { return Redirect::to('/login'); } });

Then do on my way.

 Route::get('user/{id}', array('before' => 'auth|user', 'uses' => ' UsersController@index '));