A right kerfuffle

A blog about web development, programming and the awesomeness of the Internets

Category: Programming

Identifying non-authenticated users with fingerprints

When building an app without user authentication, you sometimes still want to limit anonymous user actions. One route could be using cookies or IP numbers, but both are limited in that cookies can be manipulated (or deleted) and IP numbers might change. Luckily, there’s a another alternative and its called fingerprints.

Much like a persons fingerprints, a device can be anonymously identified by the combination of certain metrics that are available to the browser. Your screen resolution, operating system and language settings are in themselves not enough to single you out – but adding up enough of these identifiers you have a pretty unique set.

So instead of setting up a system of cookies, I recommend using the fingerprint as an anonymous but unique user ID, one that can be persisted and used globally in your app.

Laravel routes in different files

When starting a new Laravel 5 project, all “web” routes reside in the routes/web.php. Adding a bunch of routes, maybe using Route::group for different controllers, quickly adds up and makes it hard to keep things neatly organized. Lucky for us it is very simple to add your own route files!

First create a new route file in routes folder. I’m gonna call mine admin.php and move all my admin area controllers to this file.

Open your app/Providers/RouteServiceProvider.php and find your method map():

public function map()
{
    $this->mapApiRoutes();

    $this->mapWebRoutes();

    // Add your own method here:
    $this->mapAdminRoutes();
}

And for your mapAdminRoutes() method you simply register a new route file. In my case I’m gonna use /admin as a prefix for my admin controllers, and control access through a special middleware:

protected function mapAdminRoutes()
{
    Route::prefix('admin')
        ->middleware(['web', 'authAdmin:admin_access'])
        ->namespace($this->namespace)
        ->group(base_path('routes/admin.php'))
    ;
}

There you go! Now my new route file can be stripped from its Route::group, and routes/web.php is kept to only public controllers.

Powered by WordPress & Theme by Anders Norén