Skip to content
Advertisement

laravel breeze Multi Auth – Admin Guard with two diffirent registration

I’m using laravel breeze as auth scaffolding package.I want to create Multiple Authentication using laravel guards for two different registration form for two User Types (Admin, User).

The Main Idea of what I want to achieve :

I have two tables in the database one for admins and another for users what I want to achieve is if the admins choose to register an account as admin it will display a register form with specified fields for admin. after that I want to check if the user is logged in as admin or user if is logged in as admin is will redirect him/her to specified dashboard made only for admins.

It works fine for registration, but can’t login as a admin here is a simple explanation of what I want to achieve:

appModelsAdmin.php

<?php

namespace AppModels;

use IlluminateContractsAuthMustVerifyEmail;
use IlluminateDatabaseEloquentFactoriesHasFactory;
use IlluminateFoundationAuthUser as Authenticatable;
use IlluminateNotificationsNotifiable;

class Admin extends Authenticatable
{
    use HasFactory, Notifiable;
    protected $table = 'admins';
    protected $fillable = [
        'name',
        'email',
        'password',
    ];

configauth.php

<?php

return [
   
    'defaults' => [
        'guard' => 'web',
        'passwords' => 'users',
    ],

   
    'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],

        'api' => [
            'driver' => 'token',
            'provider' => 'users',
            'hash' => false,
        ],

        // Admin guards
        'admin' => [
            'driver' => 'session',
            'provider' => 'admins',
        ],

        'admin-api' => [
            'driver' => 'token',
            'provider' => 'admins',
        ],
    ],

    
    'providers' => [
        'users' => [
            'driver' => 'eloquent',
            'model' => AppModelsUser::class,
        ],

        // 'users' => [
        //     'driver' => 'database',
        //     'table' => 'users',
        // ],

        'admins' => [
            'driver' => 'eloquent',
            'model' => AppModelsAdmin::class,
        ],
    ],

    
    'passwords' => [
        'users' => [
            'provider' => 'users',
            'table' => 'password_resets',
            'expire' => 60,
            'throttle' => 60,
        ],

        'admins' => [
            'provider' => 'admins',
            'table' => 'password_resets',
            'expire' => 60,
            'throttle' => 60,
        ],
    ],
    
    'password_timeout' => 10800,

];

appHttpMiddlewareRedirectIfAuthenticated.php

<?php

namespace AppHttpMiddleware;

use AppProvidersRouteServiceProvider;
use Closure;
use IlluminateHttpRequest;
use IlluminateSupportFacadesAuth;

class RedirectIfAuthenticated
{
    public function handle(Request $request, Closure $next, ...$guards)
    {
        $guards = empty($guards) ? [null] : $guards;
        // dd($guards);
        foreach ($guards as $guard) {
            switch ($guard) {
                case 'admin':
                    if (Auth::guard($guard)->check()) {
                        return redirect()->route('admin.dashboard');
                    }
                    break;

                default:
                    if (Auth::guard($guard)->check()) {
                        return redirect('/dashboard');
                    }
                    break;
            }
        }

        return $next($request);
    }
}

routesweb.php

<?php

use IlluminateSupportFacadesRoute;
use AppHttpControllersAdminRegisteredUserController;
use AppHttpControllersAdminAuthenticatedSessionController;

Route::get('/', function () {
    return view('welcome');
});

Route::get('/dashboard', function () {
    return view('dashboard');
})->middleware(['auth'])->name('dashboard');

require __DIR__ . '/auth.php';

Route::get('admin/dashboard', function () {
    return view('backend.dashboard');
})->middleware(['auth:admin'])->name('admin.dashboard');

Route::get('/admin-register', [RegisteredUserController::class, 'create'])
    ->middleware('guest:admin')
    ->name('admin.register');

Route::post('/admin-register', [RegisteredUserController::class, 'store'])
    ->middleware('guest:admin');

Route::get('/admin-login', [AuthenticatedSessionController::class, 'create'])
    ->middleware('guest:admin')
    ->name('admin.login');

Route::post('/admin-login', [AuthenticatedSessionController::class, 'store'])
    ->middleware('guest:admin');
Route::post('/admin-logout', [AuthenticatedSessionController::class, 'destroy'])
    ->name('admin.logout')
    ->middleware('auth:admin');

appHttpControllersAdminAuthenticatedSessionController.php

namespace AppHttpControllersAdmin;

use AppHttpControllersController;
use AppHttpRequestsAdminLoginRequest;
use AppProvidersRouteServiceProvider;
use IlluminateHttpRequest;
use IlluminateSupportFacadesAuth;

    class AuthenticatedSessionController extends Controller
    {
        public function create()
        {
            return view('admin.login');
        }
    
           public function store(LoginRequest $request)
        {
            $request->authenticate();
    
            $request->session()->regenerate();
    
            return redirect('admin/dashboard');
        }
    
        public function destroy(Request $request)
        {
            Auth::logout();
    
            $request->session()->invalidate();
    
            $request->session()->regenerateToken();
    
            return redirect('/');
        }
    }

appHttpControllersAdminRegisteredUserController.php

<?php

namespace AppHttpControllersAdmin;

use AppHttpControllersController;
use AppModelsAdmin;
use AppProvidersRouteServiceProvider;
use IlluminateAuthEventsRegistered;
use IlluminateHttpRequest;
use IlluminateSupportFacadesAuth;
use IlluminateSupportFacadesHash;

class RegisteredUserController extends Controller
{
    public function create()
    {
        return view('admin.register');
    }

    public function store(Request $request)
    {
        $request->validate([
            'name' => 'required|string|max:255',
            'email' => 'required|string|email|max:255|unique:users',
            'password' => 'required|string|confirmed|min:8',
        ]);

        Auth::login($user = Admin::create([
            'name' => $request->name,
            'email' => $request->email,
            'password' => Hash::make($request->password),
        ]));

        event(new Registered($user));

        return redirect('admin/dashboard');
    }
}

appHttpRequestsAdminLoginRequest.php

<?php

namespace AppHttpRequestsAdmin;

use IlluminateAuthEventsLockout;
use IlluminateFoundationHttpFormRequest;
use IlluminateSupportFacadesAuth;
use IlluminateSupportFacadesRateLimiter;
use IlluminateSupportStr;
use IlluminateValidationValidationException;

class LoginRequest extends FormRequest
{
    public function authorize()
    {
        return true;
    }

    public function rules()
    {
        return [
            'email' => 'required|string|email',
            'password' => 'required|string',
        ];
    }

    public function authenticate()
    {
        $this->ensureIsNotRateLimited();

        if (! Auth::attempt($this->only('email', 'password'), $this->filled('remember'))) {
            RateLimiter::hit($this->throttleKey());

            throw ValidationException::withMessages([
                'email' => __('auth.failed'),
            ]);
        }

        RateLimiter::clear($this->throttleKey());
    }

    public function ensureIsNotRateLimited()
    {
        if (! RateLimiter::tooManyAttempts($this->throttleKey(), 5)) {
            return;
        }

        event(new Lockout($this));

        $seconds = RateLimiter::availableIn($this->throttleKey());

        throw ValidationException::withMessages([
            'email' => trans('auth.throttle', [
                'seconds' => $seconds,
                'minutes' => ceil($seconds / 60),
            ]),
        ]);
    }

    public function throttleKey()
    {
        return Str::lower($this->input('email')).'|'.$this->ip();
    }
}

Advertisement

Answer

After 3 days effort i found a solution myself.

In the function authenticate() in appHttpRequestsAdminLoginRequest.php. I have replaced Auth::attempt(...) by Auth::guard('admin')->attempt(...)

public function authenticate()
{
    $this->ensureIsNotRateLimited();

    if (! Auth::guard('admin')->attempt($this->only('email', 'password'), $this->filled('remember'))) {
        RateLimiter::hit($this->throttleKey());

        throw ValidationException::withMessages([
            'email' => __('auth.failed'),
        ]);
    }

    RateLimiter::clear($this->throttleKey());
}

Now it works fine for admin login and register

User contributions licensed under: CC BY-SA
9 People found this is helpful
Advertisement