防止用户未经授权访问网页

How can I prevent the users to access my web pages via url browsing. I mean I need to check whether the user is logged in before accessing any web pages. The application should not allow to access the page to user just by url.

Shall I have to check in every controller for authentication or is there any other way?

Suppose I have a controller DistributorController. Now the methods inside this controllers are,

<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use Session;
use App\Distributor;

class DistributorController extends Controller
{
    /**
     * Display a listing of the resource.
     *
     * @return \Illuminate\Http\Response
     */
    public function index()
    {
        //
    }

    function fetchData()
    {
        $distributors = Distributor::all()->toArray();
        return compact('distributors');
    }

    /**
     * Show the form for creating a new resource.
     *
     * @return \Illuminate\Http\Response
     */
    public function create()
    {
        return view('pages.distributors', $this->fetchData());
    }

    /**
     * Store a newly created resource in storage.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return \Illuminate\Http\Response
     */
    public function store(Request $request)
    {
        try{
            // code block
        }
        catch (\Exception $e) {
            // code block
        }
    }

    /**
     * Display the specified resource.
     *
     * @param  int  $id
     * @return \Illuminate\Http\Response
     */
    public function show($id)
    {
        //
    }

    /**
     * Show the form for editing the specified resource.
     *
     * @param  int  $id
     * @return \Illuminate\Http\Response
     */
    public function edit($id)
    {
        //
    }

    /**
     * Update the specified resource in storage.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  int  $id
     * @return \Illuminate\Http\Response
     */
    public function update(Request $request, $id)
    {
        //
    }

    /**
     * Remove the specified resource from storage.
     *
     * @param  int  $id
     * @return \Illuminate\Http\Response
     */
    public function destroy($id)
    {
        //
    }
}

In your web.php file where you define the routes, you can group the routes and surround them using the Auth middleware. You can read more here

I think you may check for the user session for example

if (!$_SESSION['id']){              // if user session is not found
                     header("location:http://yoursite.index.php"); //redirect anywhere
       }
  else { 
           // Your code 'view page'  
       }

Hope my answer solves it :)