Restrict access to application backend in CodeIgniter 4
The easiest way to restrict access to application backend, is to check the address of the current page, and if it starts with /admin, then check a logged user rights. This can be implemented through filters, that appeared in the fourth version of the framework.
1. Add a "Basic App Core" library contains an admin filter via Composer.
```composer require "basic-app/core:dev-master"```
2. Set up a new filter in filters config: "/Config/Filters.php".
``` public $aliases = [ ... 'admin' => \BasicApp\AdminFilter::class ]; ... public $filters = [ ... 'admin' => [ 'before' => ['admin', 'admin/*'] ] ]; ```
If you have an another implementation of users and rights, then you can inherit your class from BasicApp\BaseAdminFilter and override currentUserId(), checkAccess() and getUser() methods.
Posted on 2019-01-25