Courses

React.js + Inertia in Laravel 11: From Scratch

User Roles and Permissions Protection

Summary of this lesson:
- Implement frontend and backend permissions
- Share permissions via middleware
- Conditionally render UI elements
- Protect routes with authorization
- Create user-specific access controls

In this lesson, permissions will be managed on the front and back end. We will again pass the permissions to React using the shared data Middleware.


Laravel Inertia Middleware

So, in the HandleInertiaRequests Middleware, you pass the permissions. Those permissions can come from some package or your own custom implementation. For example, let's add two permissions.

app/Http/Middleware/HandleInertiaRequests.php:

class HandleInertiaRequests extends Middleware
{
// ...
 
public function share(Request $request): array
{
return array_merge(parent::share($request), [
'flash' => [
'message' => fn () => $request->session()->get('message')
],
'user' => [
'name' => $request->user()?->name,
'email' => $request->user()?->email,
],
'permissions' => [
'posts_view' => true,
'posts_manage' => true,
],
]);
}
}

React Component Props

Next, we can add permissions as props instead...

The full lesson is only for Premium Members.
Want to access all 18 lessons of this course? (57 min read)

You also get:

  • 69 courses (majority in latest Laravel 11)
  • Premium tutorials
  • Access to repositories
  • Private Discord