Auth Basics

app/Http/Controllers/CommentController.php

@@ -12,6 +12,7 @@ class CommentController extends Controller
     {
         $comment = new Comment();
         $comment->idea_id = $idea->id;
+        $comment->user_id = auth()->id();
         $comment->content = \request()->get("content");
         $comment->save();
 

app/Http/Controllers/IdeaController.php

@@ -12,11 +12,19 @@ class IdeaController extends Controller
     }
     public function edit(Idea $idea)
     {
+        if(auth()->user()->id != $idea->user_id)
+        {
+            abort(404);
+        }
         $editing = true;
         return view('ideas.show',compact('idea', 'editing'));
     }
     public function update(Idea $idea)
     {
+        if(auth()->user()->id != $idea->user_id)
+        {
+            abort(404);
+        }
         request()->validate(
             [
                 'content' => 'required|min:5|max:240'
@@ -28,15 +36,14 @@ class IdeaController extends Controller
     }
     public function store()
     {
-        request()->validate(
+        $validated = request()->validate(
             [
                 'content' => 'required|min:5|max:240'
             ]
         );
+        $validated['user_id'] = auth()->user()->id;
 
-        $idea = Idea::create(
-            ['content' => request()->get('content', null)]
-        );
+        $idea = Idea::create($validated);
 
         return redirect(route('ideas.index'))->with("success", "Your Idea was created successfully");
 
@@ -44,6 +51,10 @@ class IdeaController extends Controller
     }
     public function destroy(Idea $idea)
     {
+        if(auth()->user()->id != $idea->user_id)
+        {
+            abort(404);
+        }
         $idea->delete();
         return redirect(route('ideas.index'))->with("success", "Your Idea was deleted successfully");
     }

app/Models/Comment.php

@@ -8,4 +8,20 @@ use Illuminate\Database\Eloquent\Model;
 class Comment extends Model
 {
     use HasFactory;
+
+    protected $fillable = [
+        'idea_id',
+        'user_id',
+        'content'
+
+    ];
+
+    public function idea()
+    {
+        return $this->belongsTo(Idea::class);
+    }
+    public function user()
+    {
+        return $this->belongsTo(User::class);
+    }
 }

app/Models/Idea.php

@@ -11,11 +11,16 @@ class Idea extends Model
 
     protected $fillable = [
         'content',
-        'likes'
+        'likes',
+        'user_id'
     ];
 
     public function comments()
     {
         return $this->hasMany(Comment::class, "idea_id", "id");
     }
+    public function user()
+    {
+        return $this->belongsTo(User::class);
+    }
 }

app/Models/User.php

@@ -42,4 +42,14 @@ class User extends Authenticatable
         'email_verified_at' => 'datetime',
         'password' => 'hashed',
     ];
+
+    public function ideas()
+    {
+        return $this->hasMany(Idea::class);
+    }
+
+    public function ideaComments()
+    {
+        return $this->hasMany(Comment::class);
+    }
 }

database/migrations/2024_01_23_004227_create_ideas_table.php

@@ -13,6 +13,7 @@ return new class extends Migration
     {
         Schema::create('ideas', function (Blueprint $table) {
             $table->id();
+            $table->foreignId('user_id')->constrained('users')->cascadeOnDelete();
             $table->string("content", 240);
             $table->unsignedInteger("likes")->default(0);
             $table->timestamps();

database/migrations/2024_03_31_150332_create_comments_table.php

@@ -14,6 +14,7 @@ return new class extends Migration
         Schema::create('comments', function (Blueprint $table) {
             $table->id();
             $table->foreignId("idea_id")->constrained()->cascadeOnDelete();
+            $table->foreignId('user_id')->constrained('users')->cascadeOnDelete();
             $table->string("content");
             $table->timestamps();
         });

resources/views/shared/comments-box.blade.php

@@ -1,4 +1,5 @@
 <div>
+    @auth()
     <form action="{{route("ideas.comments.store", $idea->id)}}" method="post">
         @csrf
     <div class="mb-3">
@@ -8,6 +9,7 @@
         <button type="submit" class="btn btn-primary btn-sm"> Post Comment </button>
     </div>
     </form>
+    @endauth
     <hr>
     @foreach($idea->comments as $comment)
     <div class="d-flex align-items-start">

resources/views/shared/idea-card.blade.php

@@ -4,12 +4,13 @@
             <div class="d-flex align-items-center">
 
                 <img style="width:50px" class="me-2 avatar-sm rounded-circle"
-                     src="https://api.dicebear.com/6.x/fun-emoji/svg?seed=Mario" alt="Mario Avatar">
+                     src="https://api.dicebear.com/6.x/fun-emoji/svg?seed={{$idea->user->name}}" alt="{{$idea->user->name}} Avatar">
                 <div>
-                    <h5 class="card-title mb-0"><a href="#"> Mario
+                    <h5 class="card-title mb-0"><a href="#"> {{$idea->user->name}}
                         </a></h5>
                 </div>
             </div>
+            @if($idea->user_id == auth()->id())
             <div>
                 <form method="post" action="{{route('ideas.destroy',$idea->id)}}">
                     @csrf
@@ -20,6 +21,7 @@
                 <a href="{{route('ideas.show',$idea->id)}}">View</a>
 
             </div>
+            @endif
         </div>
     </div>
     <div class="card-body">

resources/views/shared/submit-idea.blade.php

@@ -1,3 +1,4 @@
+@auth()
 <h4> Share yours ideas </h4>
 <div class="row">
     <form action="{{route('ideas.store')}}" method="post">
@@ -13,3 +14,7 @@
     </div>
     </form>
 </div>
+@endauth
+@guest()
+    <h4>Login to share your ideas.</h4>
+@endguest

routes/web.php

@@ -17,13 +17,13 @@ use Illuminate\Support\Facades\Route;
 
 Route::get('/', [DashboardController::class, 'index'])->name('ideas.index');
 
-Route::post('/ideas', [\App\Http\Controllers\IdeaController::class, 'store'])->name('ideas.store');
+Route::post('/ideas', [\App\Http\Controllers\IdeaController::class, 'store'])->name('ideas.store')->middleware('auth');
 
 Route::get('/ideas/{idea}', [\App\Http\Controllers\IdeaController::class, 'show'])->name('ideas.show');
 
-Route::get('/ideas/{idea}/edit', [\App\Http\Controllers\IdeaController::class, 'edit'])->name('ideas.edit');
+Route::get('/ideas/{idea}/edit', [\App\Http\Controllers\IdeaController::class, 'edit'])->name('ideas.edit')->middleware('auth');
 
-Route::put('/ideas/{idea}', [\App\Http\Controllers\IdeaController::class, 'update'])->name('ideas.update');
+Route::put('/ideas/{idea}', [\App\Http\Controllers\IdeaController::class, 'update'])->name('ideas.update')->middleware('auth');
 
 Route::get('/register', [\App\Http\Controllers\AuthController::class, 'register'])->name('register');
 
@@ -36,9 +36,9 @@ Route::post('/login', [\App\Http\Controllers\AuthController::class, 'authenticat
 Route::post('/logout', [\App\Http\Controllers\AuthController::class, 'logout'])->name('logout');
 
 
-Route::delete('/ideas/{idea}', [\App\Http\Controllers\IdeaController::class, 'destroy'])->name('ideas.destroy');
+Route::delete('/ideas/{idea}', [\App\Http\Controllers\IdeaController::class, 'destroy'])->name('ideas.destroy')->middleware('auth');
 
-Route::post('/ideas/{idea}/comments', [\App\Http\Controllers\CommentController::class, 'store'])->name('ideas.comments.store');
+Route::post('/ideas/{idea}/comments', [\App\Http\Controllers\CommentController::class, 'store'])->name('ideas.comments.store')->middleware('auth');
 
 Route::get('/terms', function (){
     return view('terms');