0đź‘Ť
âś…
use server side security instead of client side like this
Route::group(['middleware' => ['permission:permission1|permission2']], function () {
Route::get('/protected_URL',function(){
return "I can only access this if i only have permission1 and permission2";
});
});
this was only authenticated user and user having “permission1” and “permission2” have access to this page, otherwise it will thought access denied error where you can easily catch this error with axios and display Access Denied message
Source:stackexchange.com