0

I want to use the multi authentication Laravel but with only one table "users"

How can I implement this?

Yassine Mabrouk
  • 11
  • 1
  • 6
  • If you asking about separate dashboard for user and admin, then you may add new column as type in user table –  Jun 13 '17 at 10:49
  • The need for my project is like this, because I have backoffice for admins, but now I want to implement a small backoffice for the simple users, and this small backoffice is totally different than the admins – Yassine Mabrouk Jun 13 '17 at 10:51
  • @FairyDancer i want to implement a small backoffice for simple users only – Yassine Mabrouk Jun 13 '17 at 10:54
  • is the menu are same for both users? –  Jun 13 '17 at 10:56
  • The menu is different, My project is an online donation site, I want to create a small space for the site users so that they can consult their donations and their profile and they can comment for each cause – Yassine Mabrouk Jun 13 '17 at 11:02
  • I recommend using 2 separate drivers for each authentication model. While this takes a bit more to implement, it ensures code reusability and extensibility. – idelara Jun 13 '17 at 20:25

1 Answers1

4

Separate drivers and models for each type of user that requires authentication is the correct way to go. You can read this thread, and learn more about it. With that being said, if you want something quick but not so secure and extensible, you could do the following:

You could have a flag in your Users migration that determines the type of user like so:

public function up()
    {
        Schema::create('users', function (Blueprint $table) {
            $table->increments('id');
            $table->string('name');
            $table->string('email')->unique();
            $table->string('password');
            $table->unsignedInteger('user_type');
            $table->rememberToken();
            $table->timestamps();
        });
    }

For this example, we will have a regular user as a type 1 and an Admin as a type 2.

Then, you could create a middleware that checks if the user has the required 'user_type' flag every single time your regular user programming logic differs to that of the admin. You could also check upon the instantiation of a specific Controller.

In this example, we'll create two middleware, one for the regular user, and another for the admin. This will protect the same User driver/model with different user type accessing each other resources, again, by using the attribute user_type we defined in the migration.

Creating the two middleware:

php artisan make:middleware UserMiddleware

and

php artisan make:middleware AdminMiddleware

We register them in our Kernel.php. It should look like this:

protected $routeMiddleware = [
        'auth' => \Illuminate\Auth\Middleware\Authenticate::class,
        'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
        'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
        'can' => \Illuminate\Auth\Middleware\Authorize::class,
        'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
        'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
        'user' => \App\Http\Middleware\UserMiddleware::class,
        'admin' => \App\Http\Middleware\AdminMiddleware::class
    ];

Once we have registered our middleware in our Kernel, we modify their handle() method to suit our needs:

UserMiddleware.php:

public function handle($request, Closure $next)
    {
        if(Auth::user()->user_type == 1)
            return $next($request);
        return redirect('/');
    }

AdminMiddleware.php:

public function handle($request, Closure $next)
    {
        if(Auth::user()->user_type == 2)
            return $next($request);
        return redirect('/');
    }

The Auth::user() Facade will return an instance of your logged in user in both cases, which then we check if it is a 1 or a 2. If they match their corresponding values, we proceed to wherever we are intended to go, else, we can redirect to somewhere else in your app, say, the home route /.

After this, we can proceed to protect routes or controllers with our brand new middleware.

For example, if you wanted to make a route only available to admins, but not to regular users, you could do:

routes/web.php:

Route::get('/admin', function () {
    return view('admin');
})->middleware('admin');

Then that specific route, will be protected to those Users that are created with the attribute user_type set to 2.

I hope this helps you a little bit.

Cheers!

idelara
  • 1,786
  • 4
  • 24
  • 48
  • Thank you @JackGal , i will try this logic ^^ – Yassine Mabrouk Jun 14 '17 at 10:04
  • @YassineMabrouk No worries. I added a reference to my answer in case you might want to explore the multiple auth drivers. I hope my answer is able to help you! – idelara Jun 14 '17 at 10:12
  • ,I tried your logic unfortunately, I could not solve my need :( – Yassine Mabrouk Jun 16 '17 at 11:18
  • By using this method, can we open both admin and normal user pages in a single browser window? also if we logout or logged in from admin then it should not affect the normal user Auth and vise versa. – Hari Dec 07 '17 at 04:06