Multiple authentications are very important in the big application of laravel. If you work on a big project then you frequently prefer to various tables, like we always prefer “users” table for an end user registration and “admins” table for admin user that means secure strong protection. We forever use Auth for performing user authentication but you have searched how to make admins with auth. The following steps are used to done this requirement.
Step 1: Open the composer and point to project directory. Run the following command for creating a new laravel project, if you already setup the project just avoid this step. Also update .env file for Database connection.
|
1 |
composer create-project --prefer-dist laravel/laravel blog "5.2.*" |
|
1 2 3 4 5 6 |
DB_CONNECTION=mysql DB_HOST=localhost DB_PORT=3306 DB_DATABASE=database_name DB_USERNAME=username DB_PASSWORD=password |
Step 2: Now we need to get default authentication controller for users. In laravel, default predefined User model, User table migration and their own authentication controller are there. We can enable that with the help of following commands.
|
1 2 3 |
php artisan make:auth php artisan migrate |
Step 3: Now we are going to create Admin model for Admin users. This will be done by the following command
|
1 |
php artisan make:model Admin |
Now open up Admin model file, In that you will see that it extends default Model class. In sequence to perform authentication with Admin model we want to replace Model class with Authenticatable class. Also add the required variables such as fillable and hidden.
|
1 2 3 4 5 |
use Illuminate\Database\Eloquent\Model; class Admin extends Model { // } |
To be change like below,
|
1 2 3 4 5 6 7 8 9 10 |
use Illuminate\Foundation\Auth\User as Authenticatable; class Admin extends Authenticatable { protected $fillable = [ 'name', 'email', 'password', ]; protected $hidden = [ 'password', 'remember_token', ]; } |
Step 4: Now we are going to create migration class for Admin table. This will be done by the following command.
|
1 |
php artisan make:migration create_admins_table |
Open the Admin migration and add the required field like user table else use following code,
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 |
<?php use Illuminate\Database\Schema\Blueprint; use Illuminate\Database\Migrations\Migration; class CreateAdminsTable extends Migration { /** * Run the migrations. * * @return void */ public function up() { Schema::create('admins', function (Blueprint $table) { $table->increments('id'); $table->string('name'); $table->string('email')->unique(); $table->string('password', 60); $table->rememberToken(); $table->timestamps(); }); } /** * Reverse the migrations. * * @return void */ public function down() { Schema::drop('admins'); } } |
Step 5: Now the migrate command to create admins table in DB. Following command use to do this,
|
1 |
php artisan migrate |
Step 6: Setup Gaurd in auth.php for admis, this file contain guards, providers, and passwords. Just add the one role for admin privilege.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 |
<?php return [ 'defaults' => [ 'guard' => 'web', 'passwords' => 'users', ], 'guards' => [ 'web' => [ 'driver' => 'session', 'provider' => 'users', ], 'api' => [ 'driver' => 'token', 'provider' => 'users', ], // For admins 'admins' => [ 'driver' => 'session', 'provider' => 'admins' ] ], 'providers' => [ 'users' => [ 'driver' => 'eloquent', 'model' => App\User::class, ], // For admins 'admins' => [ 'driver' => 'eloquent', 'model' => App\Admin::class ] ], 'passwords' => [ 'users' => [ 'provider' => 'users', 'email' => 'auth.emails.password', 'table' => 'password_resets', 'expire' => 60, ], 'admins' => [ 'provider' => 'admins', 'email' => 'admin.emails.password', 'table' => 'password_resets', 'expire' => 60, ], ], ]; |
Step 7: Now we need to define Admin authentication controller. It’s very easy to do this. Just copy the auth folder from app/Http/Controllers path and paste it same place and rename it as AdminAuth.
(Make sure that you’ve changed the namespace in AuthController and PasswordController files).
Then little bit work is there like redirection path for login and logout, guard name and two functions for showing the login and registration view for admin. For this add the following code in app/Http/Controllers/AdminAuth/AuthController.php
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 |
protected $redirectTo = '/admin'; protected $guard = 'admins'; protected $redirectAfterLogout = 'admin/login'; public function showAdminLogin() { if (view()->exists('auth.authenticate')) { return view('auth.authenticate'); } return view('admin.login'); } public function showAdminRegistration() { return view('admin.register'); } |
Step 8: Now we need to define Admin login and registration page. It’s also very easy to do this. Just copy the auth folder from resources/views/auth path and paste it same place and rename it as admin.
(Make sure that you want to create the layout for admin view and extend with login and register blade files in admin folder).
Then little bit work is there like redirection path for Home, Login and Register links in that admin layout and form post URL also. it seems like,
{{ url(‘/login’) }} => {{ url(‘admin/login’) }}
{{ url(‘/register’) }} => {{ url(‘admin/register’) }}
Here by default Auth::->user() will get users authentication only. If we want to chage it for admin use gaurd name in this fuction like Auth::guard(‘admins’)->user() and Auth::guard(‘admins’)->user()->name;
Step 9: Now we going to create Controller for Admin user, run the following command to create an AdminController class.
|
1 |
php artisan make:controller AdminController |
In this file, just define index function show the admin dashboard page if the admin user gets logged in.
|
1 2 3 |
public function index(){ return view('admin.dashboard'); } |
Step 10: One important thing we missed to add for the admin user, that is middleware function. Middleware function is use to restrict normal end users to access the particular pages in our application. It helps to hide some information from end users. Following command use to create middleware for restricting not admin users,
|
1 |
php artisan make:middleware RedirectIfNotAdmin |
in RedirectIfNotAdmin middleware file just add the guard name and redirection path,
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 |
namespace App\Http\Middleware; use Closure; use Auth; class RedirectIfNotAdmin { /** * Handle an incoming request. * * @param \Illuminate\Http\Request $request * @param \Closure $next * @param string|null $guard * @return mixed */ public function handle($request, Closure $next, $guard = 'admin') { if (!Auth::guard($guard)->check()) { return redirect('/admin/login'); } return $next($request); } } |
Register our middleware in kernel.php
|
1 2 3 4 |
protected $routeMiddleware = [ ... 'admins' => \App\Http\Middleware\RedirectIfNotAdmin::class, ]; |
Add the middleware in AdminController file using __construct() method. AdminController file look like,
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 |
namespace App\Http\Controllers; use Illuminate\Http\Request; use App\Http\Requests; use App\Http\Controllers\Controller; use Illuminate\Support\Facades\Auth; class AdminController extends Controller { public function __construct(){ $this->middleware('admins'); } public function index(){ return view('admin.dashboard'); } } |
Finally, add the routes for admin users, by default users routes are added in routes. following code for admin route in routes.php file
|
1 2 3 4 5 6 7 8 9 10 |
/Admin Login Routes Route::get('/admin/login','AdminAuth\AuthController@showAdminLogin'); Route::post('/admin/login','AdminAuth\AuthController@login'); Route::get('/admin/logout','AdminAuth\AuthController@logout'); // Admin Registration Routes Route::get('admin/register', 'AdminAuth\AuthController@showAdminRegistration'); Route::post('admin/register', 'AdminAuth\AuthController@register'); Route::get('/admin', 'AdminController@index'); |
Now we test the multi-auth function using bellow URL address,
For Users,
example.com/login
example.com/register
For Admins,
example.com/admin/login
example.com/admin/register
