Laravel Authorization is the service provided by the framework for authorization methodology. It provides them using Gates and Policies.
Laravel also provides a simple way to organize authorization logic and control access to resources. There are a variety of methods and helpers to assist you in organizing your authorization logic.
Gates are similar to routes and Policies we can think of like Controllers.
Gates are Closures that determine if a user is authorized to perform a given action and are typically defined in the App\Providers\AuthServiceProvider
class using the Gate facade.
Policies are classes that organize authorization logic around a particular model or resource. For example, if your application is a blog, you may have a Post model and a corresponding PostPolicy to authorize user actions such as creating or updating posts.
We can generate policy using the below artisan command :
php artisan make:policy PostPolicy --model=Post
Reference :