In your Auth
filter you can access the route parameter ('user/{id}'
) and can check logged in user's id
with the id
passed in the url
like
Route::filter('auth', function($route)
{
// get the id from rouqe
$id = $route->getParameter('id');
if( Auth::check() && Auth::user()->id != $id) {
// not authenticated user, so access is denied
return Redirect::to('/');
}
});