In Laravel 5.6 and below authorization gates and policies automatically return
false for unauthenticated users. New in Laravel 5.7, you can now allow guests to go through authorization checks by using a nullable type-hint or setting the default value as null:
By using a nullable type hint the
$user variable will be null when a guest user is passed to the gate, and you can then make decisions about authorizing the action. If you allow nullable types and return
true, then the guest will have authorization.
If you don’t use a nullable type hint, guests will automatically get this beautiful 403 response for Laravel 5.7, designed by Steve Schoger (@steveschoger):
Source link https://laravel-news.com/laravel-5-7-guest-user-gates-policies