Laravel 9 multiple user role based authentication example; Through this tutorial, i am going to show you how to implement multi user role based authentication in laravel 9 apps.
Laravel 9 Multiple User Role Based Authentication Example
Use the below given steps to implement multiple user role based authentication in laravel 9 apps:
- Step 1: Install Laravel 9 App
- Step 2: Connecting App to Database
- Step 3: Update migration and model
- Step 4: Create Middleware and Setting up
- Step 5: Make Route s
- Step 6: Update HomeController
- Step 7: Create Blade View
- Step 8: Update LoginController
- Step 9: Create Seeder
- Step 10: Start Development Server
Step 1: Install Laravel 9 App
Run the following comand on command prompt to download the laravel fresh setup on your system:
composer create-project --prefer-dist laravel/laravel LaraMulti
Step 2: Connecting App to Database
Then visit to laravel app project .env file and add database credential:
DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=here your database name here
DB_USERNAME=here database username here
DB_PASSWORD=here database password here
Step 3: Update migration and model
Open the creates_users_table.php migration file, which is placed on Database/migration and update the following code into it:
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::create('users', function (Blueprint $table) {
$table->id();
$table->string('name');
$table->string('email')->unique();
$table->timestamp('email_verified_at')->nullable();
$table->string('password');
$table->tinyInteger('type')->default(0);
/* Users: 0=>User, 1=>Admin, 2=>Manager */
$table->rememberToken();
$table->timestamps();
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::dropIfExists('users');
}
};
Now, open User.php and update following code into it:
<?php
namespace App\Models;
use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Laravel\Sanctum\HasApiTokens;
use Illuminate\Database\Eloquent\Casts\Attribute;
class User extends Authenticatable
{
use HasApiTokens, HasFactory, Notifiable;
/**
* The attributes that are mass assignable.
*
* @var array
*/
protected $fillable = [
'name',
'email',
'password',
'type'
];
/**
* The attributes that should be hidden for serialization.
*
* @var array
*/
protected $hidden = [
'password',
'remember_token',
];
/**
* The attributes that should be cast.
*
* @var array
*/
protected $casts = [
'email_verified_at' => 'datetime',
];
/**
* Interact with the user's first name.
*
* @param string $value
* @return \Illuminate\Database\Eloquent\Casts\Attribute
*/
protected function type(): Attribute
{
return new Attribute(
get: fn ($value) => ["user", "admin", "manager"][$value],
);
}
}
Then runt the following command on command for creating this field into the database.
php artisan migrate
Then install laravel 9 UI in your project using the below command:
composer require laravel/ui
Now, run the below command on terminal for creating login, registration, forget password and reset password blade files:
php artisan ui bootstrap --auth
Then run the following commands:
npm install npm run dev
Step 4: Create Middleware and Setting up
To create a middleware for checking the users. Who can access the admin area or who can access the normal user area.
php artisan make:middleware UserAccess
After creating a middleware, visit to app/Http/middleware directory and open UserAccess.php file. And update the code in this handle function.
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
class UserAccess
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response|\Illuminate\Http\RedirectResponse) $next
* @return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse
*/
public function handle(Request $request, Closure $next, $userType)
{
if(auth()->user()->type == $userType){
return $next($request);
}
return response()->json(['You do not have permission to access for this page.']);
/* return response()->view('errors.check-permission'); */
}
}
Then register this middleware in the app/Http/Kernel.php. So, open kernal.php and add the following $routeMiddleware property in it:
....
protected $routeMiddleware = [
'auth' => \App\Http\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
'can' => \Illuminate\Auth\Middleware\Authorize::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
'user-access' => \App\Http\Middleware\UserAccess::class,
];
....
Step 5: Make Routes
Visit to routes directory and open web.php file. Then add the following routes into it:
<?php
use Illuminate\Support\Facades\Route;
use App\Http\Controllers\HomeController;
/*
|--------------------------------------------------------------------------
| Web Routes
|--------------------------------------------------------------------------
|
| Here is where you can register web routes for your application. These
| routes are loaded by the RouteServiceProvider within a group which
| contains the "web" middleware group. Now create something great!
|
*/
Route::get('/', function () {
return view('welcome');
});
Auth::routes();
/*------------------------------------------
--------------------------------------------
All Normal Users Routes List
--------------------------------------------
--------------------------------------------*/
Route::middleware(['auth', 'user-access:user'])->group(function () {
Route::get('/home', [HomeController::class, 'index'])->name('home');
});
/*------------------------------------------
--------------------------------------------
All Admin Routes List
--------------------------------------------
--------------------------------------------*/
Route::middleware(['auth', 'user-access:admin'])->group(function () {
Route::get('/admin/home', [HomeController::class, 'adminHome'])->name('admin.home');
});
/*------------------------------------------
--------------------------------------------
All Admin Routes List
--------------------------------------------
--------------------------------------------*/
Route::middleware(['auth', 'user-access:manager'])->group(function () {
Route::get('/manager/home', [HomeController::class, 'managerHome'])->name('manager.home');
})
Step 6: Update HomeController
Now open the HomeController.php file, which is placed on app/Http/Controllers/ directory. Then add the following code into it:
<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
class HomeController extends Controller
{
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware('auth');
}
/**
* Show the application dashboard.
*
* @return \Illuminate\Contracts\Support\Renderable
*/
public function index()
{
return view('home');
}
/**
* Show the application dashboard.
*
* @return \Illuminate\Contracts\Support\Renderable
*/
public function adminHome()
{
return view('adminHome');
}
/**
* Show the application dashboard.
*
* @return \Illuminate\Contracts\Support\Renderable
*/
public function managerHome()
{
return view('managerHome');
}
}
Step 7: Create Blade View
Visit resources/views directory and create some blade view files.
Open the resources/views/home.blade. file and update the below code.
@extends('layouts.app')
@section('content')
<div class="container">
<div class="row justify-content-center">
<div class="col-md-8">
<div class="card">
<div class="card-header">Dashboard</div>
<div class="card-body">
@if(auth()->user()->is_admin == 1)
<a href="{{url('admin/routes')}}">Admin</a>
@else
<div class=”panel-heading”>Normal User</div>
@endif
</div>
</div>
</div>
</div>
</div>
@endsection
Now, I checked the user profile. If it is admin, it will navigate to the admin area. Otherwise, it will redirect to users area.
Create adminHome.blade.php file inside resources/views/ directory and update the following code:
@extends('layouts.app')
@section('content')
<div class="container">
<div class="row justify-content-center">
<div class="col-md-8">
<div class="card">
<div class="card-header">{{ __('Dashboard') }}</div>
<div class="card-body">
You are a Admin User.
</div>
</div>
</div>
</div>
</div>
@endsection
Create managerHome.blade.php file inside resources/views/ directory and update the following code:
@extends('layouts.app')
@section('content')
<div class="container">
<div class="row justify-content-center">
<div class="col-md-8">
<div class="card">
<div class="card-header">{{ __('Dashboard') }}</div>
<div class="card-body">
You are a Manager User.
</div>
</div>
</div>
</div>
</div>
@endsection
Step 8: Update on LoginController
Update methods in loginController, so go to app/Http/Controllers/Auth/ and open loginController.php file and add the following code into it:
<?php
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use App\Providers\RouteServiceProvider;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
use Illuminate\Http\Request;
class LoginController extends Controller
{
/*
|--------------------------------------------------------------------------
| Login Controller
|--------------------------------------------------------------------------
|
| This controller handles authenticating users for the application and
| redirecting them to your home screen. The controller uses a trait
| to conveniently provide its functionality to your applications.
|
*/
use AuthenticatesUsers;
/**
* Where to redirect users after login.
*
* @var string
*/
protected $redirectTo = RouteServiceProvider::HOME;
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware('guest')->except('logout');
}
public function login(Request $request)
{
$input = $request->all();
$this->validate($request, [
'email' => 'required|email',
'password' => 'required',
]);
if(auth()->attempt(array('email' => $input['email'], 'password' => $input['password'])))
{
if (auth()->user()->type == 'admin') {
return redirect()->route('admin.home');
}else if (auth()->user()->type == 'manager') {
return redirect()->route('manager.home');
}else{
return redirect()->route('home');
}
}else{
return redirect()->route('login')
->with('error','Email-Address And Password Are Wrong.');
}
}
}
Step 9: Create Seeder
Run the following command on terminal to create seeders; is as follows:
php artisan make:seeder CreateUsersSeeder
Then visit to database/seeders/ directory and open CreateUsersSeeder.php. And add the following code into it:
<?php
namespace Database\Seeders;
use Illuminate\Database\Console\Seeds\WithoutModelEvents;
use Illuminate\Database\Seeder;
use App\Models\User;
class CreateUsersSeeder extends Seeder
{
/**
* Run the database seeds.
*
* @return void
*/
public function run()
{
$users = [
[
'name'=>'Admin User',
'email'=>'[email protected]',
'type'=>1,
'password'=> bcrypt('123456'),
],
[
'name'=>'Manager User',
'email'=>'[email protected]',
'type'=> 2,
'password'=> bcrypt('123456'),
],
[
'name'=>'User',
'email'=>'[email protected]',
'type'=>0,
'password'=> bcrypt('123456'),
],
];
foreach ($users as $key => $user) {
User::create($user);
}
}
}
Execute the following command on terminal to seed from seeders; is as follows:
php artisan db:seed --class=CreateUsersSeeder
Step 10: Run development server
Run the following command on command prompt to start development server:
php artisan serve
Be First to Comment