I don't want to publicly access able my user photos but I want to show them on the admin panel. How?
I try this :
Storage::get($fileName);
My .htaccess:
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews -Indexes
</IfModule>
RewriteEngine On
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} (.+)/$
RewriteRule ^ %1 [L,R=301]
# Send Requests To Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</IfModule>
.htaccess
would look this way:
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews -Indexes
</IfModule>
RewriteEngine On
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} (.+)/$
RewriteRule ^ %1 [L,R=301]
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} -f
RewriteCond %{REQUEST_URI} ^.+?/?assets/images [NC]
RewriteRule ^ index.php [L]
# Send Requests To Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</IfModule>
In the above the important lines are:
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} -f
RewriteCond %{REQUEST_URI} ^.+?/?assets/images [NC]
RewriteRule ^ index.php [L]
It says if the current request is of assets/images
and if the request is a file name, then pass it to index.php
which will basically go to the routes/web.php
.
routes/web.php:
Route::middleware(['admin-access'])->group(function(){
Route::get('assets/images/{file_name}',function($file_name){
header('Content-type:image/jpeg');// can improve to detect file extension and render accordingly.
readfile(public_path() . DIRECTORY_SEPARATOR . 'assets' . DIRECTORY_SEPARATOR . 'images' . DIRECTORY_SEPARATOR . $file_name);
exit;
});
});
Above route suggests that if the request is passed by admin-access
, then only load the image.
AdminAccess Middlware:
<?php
namespace App\Http\Middleware;
use Closure;
use Auth;
class AdminAccess
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next){
if(Auth::user->isAdmin()){ // or whatever you do to check
return $next($request);
}
return response("Permission denied.",403);
}
}
Make sure you add admin-access
in kernel.php as well.
protected $routeMiddleware = [
'admin-access' => \App\Http\Middleware\AdminAccess::class,
....
]
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.