From 7ddc4f14586020b2b993fb975bdda98c3f7822af Mon Sep 17 00:00:00 2001
From: bad <badatnames@tutanota.com>
Date: Mon, 29 Nov 2021 15:46:16 +0100
Subject: [PATCH] Protect cart with an auth middleware

---
 routes/web.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/routes/web.php b/routes/web.php
index a24a01b..94838c1 100644
--- a/routes/web.php
+++ b/routes/web.php
@@ -33,9 +33,9 @@ Route::post('/login', [LoginController::class, "authenticate"])->name("login");
 Route::post('/register', [LoginController::class, "register"])->name("register");
 Route::any("/logout", [LoginController::class, "logout"])->name("logout");
 
-Route::post("/product/{product}/addToCart", [CartController::class, "addToCart"])->name("addToCart");
-Route::post("/product/{product}/removeFromCart", [CartController::class, "removeFromCart"])->name("removeFromCart");
+Route::post("/product/{product}/addToCart", [CartController::class, "addToCart"])->name("addToCart")->middleware("auth");
+Route::post("/product/{product}/removeFromCart", [CartController::class, "removeFromCart"])->name("removeFromCart")->middleware("auth");
 
 Route::resource("product", ProductController::class);
-Route::resource("order", OrderController::class);
+Route::resource("order", OrderController::class)->middleware("auth");
 Route::resource("image", ImageController::class)->only(["store", "delete", "create"])->middleware("auth.admin");