Authorization

In general, authorization can be used in Lumen the same way it is used in Laravel. We will cover a few differences here, but you should refer to the full Laravel documentation for additional details.

Differences From Laravel

Defining Abilities

Defining Policies

Unlike Laravel, Lumen does not have a $policies array on its AuthServiceProvider. However, you may still call the method on the Gate facade from within the provider's boot method:

Checking Abilities

You may "check" abilities just as you would in the full Laravel framework. First, you may use the Gate facade. If you choose to use the facade, be sure to enable facades in your file. Remember, we don't need to pass the User instance into the allows method since the currently authenticated user will automatically be passed to your authorization callback: