Cloudways

@cloudways

Creating Multiple Authentication in Laravel 5.5 Using Middleware

Every web application has a predefined set of users that have different roles and permissions. To verify the users, applications need to have an authentication module or functionality. Using Middleware, you can easily implement multiple authentication in Laravel.

In this article, I will demonstrate the middleware functionality. More specifically, I will show how to authenticate an admin user and a normal user.

Middleware

In web apps, developers often need to implement some functionality during the request hit on a particular URI. In practical terms, it is like layers that developers put in between the user request and the application response. Laravel 5.5 middleware provides a very flexible API to do this. In addition, developers could implement custom middleware in no time. They just need to fire one command and Laravel is all set up. The custom logic is placed inside a function and is defined in the application.

Prerequisites

For the purpose of this tutorial, I assume that you have a PHP application installed on a web server. My setup is:

  • PHP 7.1
  • MySQL
  • Laravel 5.5

To make sure that that I could focus on the tutorial without being bogged down by server setup and management issues, I decided to host my Laravel application on Cloudways managed servers because they take care of server level issues and has a powerful devstack that is optimized for hosting Laravel.

Create the Laravel Project

If you are on a hosting provider other than Cloudways or on localhost, open the Command terminal and enter the following command for creating the Laravel application:

composer create-project — prefer-dist laravel/laravel blog “5.5.*”

Configure the Database

After successfully installing the Laravel app, the next step is database configuration. Let’s open .env file and the config/database.php file and set database credentials in these files.

Set Admin Middleware

Next, open the migration of user in Database/migration/…user.php and update the following field for Admin.

$table->boolean(‘isAdmin’)->nullable();

Run the Migration

After creating the database and adding the configuration settings, run the following command to create tables in the database.

Php artisan migrate

Laravel Auth

Laravel provides a built-in authentication system for registration and login. Simply enter the following command in the terminal:

Php artisan make:auth

Create the Middleware Admin

Create a middleware by typing the following Laravel command:

php artisan make:middleware Admin

Next, go to app/Http/ Middleware/Admin.php. You will notice that the file already contains boilerplate code provided by Laravel. In this code, you only have to deal with a single function, handle() . Update the code in this function with the following code:

public function handle($request, Closure $next)
{
if(auth()->user()->isAdmin == 1){
return $next($request);
}
return redirect(‘home’)->with(‘error’,’You have not admin access’);
}

Now, register this route in the app/Http/Kernel.php . Update the $routeMiddleware property with:

<?php
// Kernel.php
protected $routeMiddleware = [
‘auth’ => \Illuminate\Auth\Middleware\Authenticate::class,
‘auth.basic’ => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
‘bindings’ => \Illuminate\Routing\Middleware\SubstituteBindings::class,
‘can’ => \Illuminate\Auth\Middleware\Authorize::class,
‘guest’ => \App\Http\Middleware\RedirectIfAuthenticated::class,
‘throttle’ => \Illuminate\Routing\Middleware\ThrottleRequests::class,
‘admin’ => \App\Http\Middleware\Admin::class,
];.
?>

Config the Admin Protected Route

Next, I will create the route for admin. Open the routes/web.php file and enter the following code in it:

Route::get(‘admin/routes’, ‘HomeController@admin’)->middleware(‘admin’);

Create the Controller

Let’s open the app/http/controller/HomeController and update the following methods.

public function index()
{
return view(‘home’);
}
public function admin()
{ return view(‘admin’); }

Create the Home View

After setting up the protected admin route, open the resources/views/home.blade.php file and update the following code:

@extends(‘layouts.app’)
@section(‘content’)
<div class=”container”>
@if(\Session::has(‘error’))
<div class=”alert alert-danger”>
{{\Session::get(‘error’)}}
</div>
@endif
<div class=”row”>
<div class=”col-md-8 col-md-offset-2">
<div class=”panel panel-default”>
<div class=”panel-heading”>Dashboard</div>
<?php if(auth()->user()->isAdmin == 1){?>
<div class=”panel-body”>
<a href=”{{url(‘admin/routes’)}}”>Admin</a>
</div><?php } else echo ‘<div class=”panel-heading”>Normal User</div>’;?>
</div>
</div>
</div>
</div>
@endsection

In this code, I used if(auth()->user()->isAdmin == 1) to check the user profile. If it is admin, it will navigate to the admin area. Otherwise, it will redirect to users area.

Create Admin View

Create a view called admin.blade.php in the root of the views folder, and add the following code to it:

@extends(‘layouts.app’)
@section(‘content’)
<div class=”row”>
<div class=”col-md-8 col-md-offset-2">
<div class=”panel panel-default”>
<div class=”panel-heading btn-primary”>WELCOME TO ADMIN ROUTE</div>
</div>
</div>
</div>
@endsection

Admin Auth

For setting up admin auth, first register a user through Laravel register and then change the status of isadmin to ‘1’. Next , login to the application:

User Auth

Here is how the results of user auth looks like:

I hope that now you could easily setup Multiple Authentication in Laravel projects. If you need help, just drop a comment and I will get back to you ASAP!

More by Cloudways

Topics of interest

More Related Stories