Authorization
Wirechat offers flexible integration with multiple guards and middleware configurations to secure your application’s routes and broadcasting channels. This guide will help you set up and manage these configurations in a simple and clear manner, making it accessible for users of all experience levels.
# Guards
Guards determine how users are authenticated for each request. Laravel supports multiple guards, which you can configure in the config/auth.php
file.
Default Guard Setup
Wirechat comes with a default guard defined in its configuration file. If you're using the default web
guard, no additional setup is needed.
// config/wirechat.php
'routes' => [
// ...
'guards' => ['web'],
],
Using Multiple Guards
If your application uses multiple guards, such as admin
and web
, you can configure Wirechat to recognize both. This allows users authenticated via either guard to access Wirechat routes and subscribe to private channels (e.g., when a message is created or a participant is notified).
// config/wirechat.php
'routes' => [
// ...
'guards' => ['web', 'admin'],
],
# Middleware
Middleware authenticates users when they subscribe to channels or access Wirechat routes, such as /chats
or any other prefix defined in the routes.prefix
configuration.
Default Middleware Setup
Wirechat uses the web
and auth
middleware by default to secure its routes.
// config/wirechat.php
'routes' => [
// ...
'middleware' => ['web', 'auth'],
'guards' => ['web'],
],
Multi-Guard Authentication
If your application requires support for multiple guards (e.g., web
and admin
), you should define the middleware to handle authentication for both guards. This ensures that Laravel checks authentication using either guard, granting access if the user is authenticated by any one of them.
// config/wirechat.php
'routes' => [
// ...
'middleware' => ['web', 'auth:admin,web'],
'guards' => ['web', 'admin'],
],
# Broadcasting Middleware Configuration
If you have custom guards
or middleware
defined for broadcasting in your BroadcastServiceProvider
, ensure that these are also included in Wirechat's configuration. This synchronization is crucial because the settings in BroadcastServiceProvider
take precedence over lower-level configurations. A mismatch between these configurations can lead to authentication issues when authorizing broadcast channels or accessing routes.
Example:
// app/Providers/BroadcastServiceProvider.php
Broadcast::routes([
'middleware' => ['web', 'auth:admin,web'],
'guards' => ['web', 'admin']
]);
// config/wirechat.php
'routes' => [
// ...
'middleware' => ['web', 'auth:admin,web'],
'guards' => ['web', 'admin']
],
Key Points:
-
Consistency: Ensure that the
guards
andmiddleware
defined inBroadcastServiceProvider
match those in Wirechat's configuration. - Avoid Conflicts: Inconsistent settings can cause users to be improperly authenticated, leading to access issues.
By following this guide, you can effectively secure your Wirechat implementation, accommodating users with different authentication levels seamlessly.