Unlike Laravel gate and policy, we can authorize users for a specific task using Laravel pennant. Laravel 10 releases this new feature in their latest release. So from the laravel 10 version, we can use this Laravel pennant feature.
We can define laravel pennant using Feature facades. pennant is a composer package. So there is the command to install it in the Laravel application. In this tutorial, I will show you how to define laravel pennant and how to use them in laravel applications to authorize user action.
You want to private some data and you need to verify the user before accessing it. In this case, the Laravel pennant is there. So let's see how to use Laravel pennant.
Step 1: Install Laravel
Install a fresh laravel 10 application by the below command:
composer create-project laravel/laravel example-app
Step 2: Connect Database
After successfully installing the laravel app and then configuring the database setup. We will open the ".env" file and change the database name, username, and password in the env file to create how to how define laravel pennant and what is this pennant.
.env
DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=Enter_Your_Database_Name
DB_USERNAME=Enter_Your_Database_Username
DB_PASSWORD=Enter_Your_Database_Password
Step 3: Install Laravel pennant
Now run the below command to install laravel pennant package.
composer require laravel/pennant
Now you have to run this migration by following the command:
php artisan migrate
Now we are going to create a system that, only the editor can access our data. So we will create a method that will verify whether a user is an editor or not. So update the user model like below;
app\Models\User.php
<?php
namespace App\Models;
// use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Laravel\Sanctum\HasApiTokens;
class User extends Authenticatable
{
use HasApiTokens, HasFactory, Notifiable;
public function isEditor()
{
return $this->id == 1;
}
}
Step 4: Defining Laravel Pennant
Now in this step, we will define our pennant like that:
App\Providers\AppServiceProvider.php
<?php
namespace App\Providers;
use App\Models\User;
use Laravel\Pennant\Feature;
use Illuminate\Support\ServiceProvider;
class AppServiceProvider extends ServiceProvider
{
/**
* Register any application services.
*/
public function register(): void
{
//
}
/**
* Bootstrap any application services.
*/
public function boot(): void
{
Feature::define('test-todo', function (User $user) {
return $user->isEditor();
});
}
}
Step 5: Create Auth
Now in this step, we will create a one-time authorization system in Laravel to check whether a logged-in user has the ability to check this data using Laravel pennant.
routes/web.php
<?php
use Illuminate\Support\Facades\Route;
/*
|--------------------------------------------------------------------------
| Web Routes
|--------------------------------------------------------------------------
|
| Here is where you can register web routes for your application. These
| routes are loaded by the RouteServiceProvider and all of them will
| be assigned to the "web" middleware group. Make something great!
|
*/
auth()->onceUsingId(2);
Route::get('/', function () {
return view('welcome');
});
Step 6: Check Laravel Pennant
Now all are ok, now we will check our Laravel pennant feature like:
resources/views/welcome.blade.php
<!DOCTYPE html>
<html lang="{{ str_replace('_', '-', app()->getLocale()) }}">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Laravel</title>
</head>
<body class="antialiased">
@feature('test-todo')
<h1>Welcome, we are learning Laravel pennant</h1>
@endfeature
</body>
</html>
Read also: Laravel 10 Algolia Full Text Search Tutorial
Conclusion
Look at what, I have shared about the concept of what is Laravel pennant. Now we know how to install Laravel pennant and how to use them in Laravel application. Hope this laravel pennant tutorial will help you.
