Let's make auto routes disable |
(03-25-2022, 04:44 PM)kenjis Wrote: @ChicagoPhil Okay, Good question. So because the routes are defined and auto routing is on, the filter is not executed but this doesn't seem to be a vulnerability in the routing as much as a coding error. I never intended to use the before filter for the library that I'm building. My plan was to get the user status in the base controller constructor and then execute a permissions check in each method by default. That would avoid the pitfalls of using filters or auto routing? It's the way I did things in CI3. I even added a Core folder to CI4 because I'm a dinosaur that is stuck in my ways. :-) |
Welcome Guest, Not a member yet? Register Sign In |