iamdtang · iamdtang · Feb 20, 2024
diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php
@@ -58,6 +58,7 @@ class Kernel extends HttpKernel
         'auth.session' => \Illuminate\Session\Middleware\AuthenticateSession::class,
         'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
         'can' => \Illuminate\Auth\Middleware\Authorize::class,
+        'deny-blocked-users' => \App\Http\Middleware\DenyBlockedUsers::class,
         'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
         'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class,
         'precognitive' => \Illuminate\Foundation\Http\Middleware\HandlePrecognitiveRequests::class,

diff --git a/app/Http/Middleware/DenyBlockedUsers.php b/app/Http/Middleware/DenyBlockedUsers.php
@@ -0,0 +1,33 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Http\Request;
+use Symfony\Component\HttpFoundation\Response;
+use Auth;
+
+class DenyBlockedUsers
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response)  $next
+     */
+    public function handle(Request $request, Closure $next): Response
+    {
+        $requestedRouteName = $request->route()->getName();
+        $isBlocked = Auth::user()->is_blocked;
+        $isNotBlocked = !$isBlocked;
+
+        if ($isBlocked && $requestedRouteName !== 'blocked') {
+            return redirect()->route('blocked');
+        }
+
+        if ($isNotBlocked && $requestedRouteName === 'blocked') {
+            return redirect()->route('profile.index');
+        }
+
+        return $next($request);
+    }
+}
diff --git a/database/migrations/2024_02_20_042401_add_is_blocked_to_users_table.php b/database/migrations/2024_02_20_042401_add_is_blocked_to_users_table.php
@@ -0,0 +1,26 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+return new class extends Migration
+{
+    /**
+     * Run the migrations.
+     */
+    public function up(): void
+    {
+        Schema::table('users', function (Blueprint $table) {
+            $table->boolean('is_blocked')->default(false);
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     */
+    public function down(): void
+    {
+        Schema::dropColumns('users', ['is_blocked']);
+    }
+};
diff --git a/resources/views/blocked.blade.php b/resources/views/blocked.blade.php
@@ -0,0 +1,7 @@
+@extends('layout')
+
+@section('title', 'Blocked')
+
+@section('main')
+    <p>{{ Auth::user()->name }}, you have been blocked.</p>
+@endsection
diff --git a/routes/web.php b/routes/web.php
@@ -27,6 +27,12 @@
 Route::post('/login', [AuthController::class, 'login'])->name('auth.login');
 
 Route::middleware(['auth'])->group(function () {
-    Route::get('/profile', [ProfileController::class, 'index'])->name('profile.index');
+    // Route::get('/profile', [ProfileController::class, 'index'])->name('profile.index');
     Route::post('/logout', [AuthController::class, 'logout'])->name('auth.logout');
+
+    Route::middleware(['deny-blocked-users'])->group(function () {
+        Route::get('/profile', [ProfileController::class, 'index'])->name('profile.index');
+
+        Route::view('/blocked', 'blocked')->name('blocked');
+    });
 });