Multiple role-based authentication in LaravelSolomon EsemeBlockedUnblockFollowFollowingJan 26Hey guys, in this article, am going to show you how to implement multiple role-based authentication in Laravel even if you have many different users and multiple dashboards respectively.
multiple role-based authentication in LaravelBefore we delve into achieving that, let me breakdown my scenarios or problems i was facing in a project I was working for a company, that made me to spent almost two weeks trying to figure it out.
In this project, I was presented with six (6) different users and their respective dashboards too, the users were as follows viz:Super AdminAdminPlayersTeamsAcademicsScoutsSo, the problem was to redirect the users to their respective dashboards on successful logins and restrict access to any other dashboards even if they typed in the URL to or try to access the other dashboard, it should redirect them back to their default dashboard.
As I read through many blog posts, video tutorials and questionings which was great, I discovered that whenever I successfully implement a solution, I will always discover a fault during security test/checks such as “too many redirect errors” or enabling a logged in player to access a scout dashboard etc.
I also discovered many solutions such as the use of guards, middleware etc.
which helped tremendously.
GETTING STARTEDEnough of the house keeping things, let move down to how I successfully implement multiple role-based authentication in Laravel and save myself two weeks of sleepless nights.
We will start by installing a fresh new Laravel project, you can skip these steps if you are comfortable with it.
CREATING A FRESH LARAVELType in the following commands in your projects folder assuming you have php 7.
* and composer installed.
You can check here to learn how to install Laravel.
composer create-project –prefer-dist laravel/laravel MultiAuthSETTING UP YOUR DATABASE AND .
ENV FILEThe next step is to setup your database migrations and configuring your environment file.
Go to your phpMyAdmin and create a database.
Open your user migration file and add the following columnsAfter that, open your .
env file and pass in your database credentialsRun your migrationsphp artisan migrateYou can set up database seeders to fill your database with data or you can add it manually, which ever way is good, or you can simply use my code examples since I have set up a database seeder already just for this example.
SETTING UP USER AUTH.
After setting up your database and running migrations, the next step is to use Laravel default authentication which is just fine for our example, Thanks to Laravel teams.
By just running:php artisan make:authYou should successfully set up a complete user registration and login system out of the box, now visit your newly created Laravel project by typing.
php artisan serveAnd typing 127.
1:8000 in the browser.
At this stage, you can decide to seed six (6) different users with corresponding user role or manually insert them in database.
So, our user role is going to be numerical as follows:Super AdminAdminPlayerTeamAcademicScoutAfter properly seeding the dummy user data, if you are happy with it, lets move to the next step.
CREATING DASHBOARD CONTROLLERSThe next step will be to create the different dashboard controllers for the different users.
Typephp artisan make:controller AdminControllerphp artisan make:controller PlayerControllerRepeat until you complete the six (6) dashboards.
CREATING MIDDLEWARESAfter creating the different controllers, the next step is to create the different middleware corresponding to the different user roles.
TYPEphp artisan make:middleware Adminphp artisan make:middleware PlayerRepeat until you complete the six (6) middlewares.
After creating the middleware, now go to into the kernel.
php file under the $routeMiddleware array and register them.
After registering the middleware appropriately, the next step is assigning the middleware to the different controllers or routes you want to protect.
SETTING UP VIEWS AND ROUTESGo to your views folder and create the different view dashboards.
Remember the dashboard files can be inside different folders, it doesn’t matter, just route them correctly inside your controllers.
Different user dashboardsInside each of the dashboards, i added a dummy text, just to demonstrate.
After creating the view, go to web.
php under routes folder and set up the different routes to access the different dashboards.
Now, here is the interesting part, in my example or project, I prefer assigning the middleware to the routes instead of adding it into the Controller constructors.
EDITING THE MIDDLEWAREAfter registering and assigning the middleware to the routes or controllers, let edit the contents of each of the middlewares.
So, inside the handle method, check if the user is Authenticated and redirect according to the user role to the different dashboards.
EDITING THE LOGIN AND REGISTER CONTROLLERAfter a successful login, you need to redirect the user to the appropriate dashboard based on the user role.
You can do same with Register Controller or you can simply redirect users to verify page and after verification, you can redirect to dashboard or login page again depending on your project.
CONCLUSIONSWow!!!.Congratulations, that was a long read and code typing, you can watch the video here.
So far, the problem we have solved is preventing a logged in user from accessing other users’ dashboard and also preventing “too many redirect errors” when working with guards wrongly.
we understand that there are many ways to kill a rat, we want to hear your thoughts and best practices on how to solve this same issue, if you have encounter it before, how did you solve it, lets hear it in the comment section below and we will update this post accordingly.
You can get the full source code hereIf you enjoy this post make sure you share it with your friends, DROP 50 CLAPS and subscribe to my growing channel.
If you are interested in backend development (or you’re internet enthusiast) both (Mobile | Web | Desktop) subscribe to my Youtube channel, we will be posting a collection of help full tutorials and guides like this one for artisansOriginally published at codelikemad.
ng on January 26, 2019.