I’m using laravel breeze as auth scaffolding package.I want to create Multiple Authentication using laravel guards for two different registration form for two User Types (Admin, User).
The Main Idea of what I want to achieve :
I have two tables in the database one for admins and another for users what I want to achieve is if the admins choose to register an account as admin it will display a register form with specified fields for admin. after that I want to check if the user is logged in as admin or user if is logged in as admin is will redirect him/her to specified dashboard made only for admins.
It works fine for registration, but can’t login as a admin here is a simple explanation of what I want to achieve:
appModelsAdmin.php
<?php
namespace AppModels;
use IlluminateContractsAuthMustVerifyEmail;
use IlluminateDatabaseEloquentFactoriesHasFactory;
use IlluminateFoundationAuthUser as Authenticatable;
use IlluminateNotificationsNotifiable;
class Admin extends Authenticatable
{
use HasFactory, Notifiable;
protected $table = 'admins';
protected $fillable = [
'name',
'email',
'password',
];
configauth.php
<?php
return [
'defaults' => [
'guard' => 'web',
'passwords' => 'users',
],
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
'hash' => false,
],
// Admin guards
'admin' => [
'driver' => 'session',
'provider' => 'admins',
],
'admin-api' => [
'driver' => 'token',
'provider' => 'admins',
],
],
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => AppModelsUser::class,
],
// 'users' => [
// 'driver' => 'database',
// 'table' => 'users',
// ],
'admins' => [
'driver' => 'eloquent',
'model' => AppModelsAdmin::class,
],
],
'passwords' => [
'users' => [
'provider' => 'users',
'table' => 'password_resets',
'expire' => 60,
'throttle' => 60,
],
'admins' => [
'provider' => 'admins',
'table' => 'password_resets',
'expire' => 60,
'throttle' => 60,
],
],
'password_timeout' => 10800,
];
appHttpMiddlewareRedirectIfAuthenticated.php
<?php
namespace AppHttpMiddleware;
use AppProvidersRouteServiceProvider;
use Closure;
use IlluminateHttpRequest;
use IlluminateSupportFacadesAuth;
class RedirectIfAuthenticated
{
public function handle(Request $request, Closure $next, ...$guards)
{
$guards = empty($guards) ? [null] : $guards;
// dd($guards);
foreach ($guards as $guard) {
switch ($guard) {
case 'admin':
if (Auth::guard($guard)->check()) {
return redirect()->route('admin.dashboard');
}
break;
default:
if (Auth::guard($guard)->check()) {
return redirect('/dashboard');
}
break;
}
}
return $next($request);
}
}
routesweb.php
<?php
use IlluminateSupportFacadesRoute;
use AppHttpControllersAdminRegisteredUserController;
use AppHttpControllersAdminAuthenticatedSessionController;
Route::get('/', function () {
return view('welcome');
});
Route::get('/dashboard', function () {
return view('dashboard');
})->middleware(['auth'])->name('dashboard');
require __DIR__ . '/auth.php';
Route::get('admin/dashboard', function () {
return view('backend.dashboard');
})->middleware(['auth:admin'])->name('admin.dashboard');
Route::get('/admin-register', [RegisteredUserController::class, 'create'])
->middleware('guest:admin')
->name('admin.register');
Route::post('/admin-register', [RegisteredUserController::class, 'store'])
->middleware('guest:admin');
Route::get('/admin-login', [AuthenticatedSessionController::class, 'create'])
->middleware('guest:admin')
->name('admin.login');
Route::post('/admin-login', [AuthenticatedSessionController::class, 'store'])
->middleware('guest:admin');
Route::post('/admin-logout', [AuthenticatedSessionController::class, 'destroy'])
->name('admin.logout')
->middleware('auth:admin');
appHttpControllersAdminAuthenticatedSessionController.php
namespace AppHttpControllersAdmin;
use AppHttpControllersController;
use AppHttpRequestsAdminLoginRequest;
use AppProvidersRouteServiceProvider;
use IlluminateHttpRequest;
use IlluminateSupportFacadesAuth;
class AuthenticatedSessionController extends Controller
{
public function create()
{
return view('admin.login');
}
public function store(LoginRequest $request)
{
$request->authenticate();
$request->session()->regenerate();
return redirect('admin/dashboard');
}
public function destroy(Request $request)
{
Auth::logout();
$request->session()->invalidate();
$request->session()->regenerateToken();
return redirect('/');
}
}
appHttpControllersAdminRegisteredUserController.php
<?php
namespace AppHttpControllersAdmin;
use AppHttpControllersController;
use AppModelsAdmin;
use AppProvidersRouteServiceProvider;
use IlluminateAuthEventsRegistered;
use IlluminateHttpRequest;
use IlluminateSupportFacadesAuth;
use IlluminateSupportFacadesHash;
class RegisteredUserController extends Controller
{
public function create()
{
return view('admin.register');
}
public function store(Request $request)
{
$request->validate([
'name' => 'required|string|max:255',
'email' => 'required|string|email|max:255|unique:users',
'password' => 'required|string|confirmed|min:8',
]);
Auth::login($user = Admin::create([
'name' => $request->name,
'email' => $request->email,
'password' => Hash::make($request->password),
]));
event(new Registered($user));
return redirect('admin/dashboard');
}
}
appHttpRequestsAdminLoginRequest.php
<?php
namespace AppHttpRequestsAdmin;
use IlluminateAuthEventsLockout;
use IlluminateFoundationHttpFormRequest;
use IlluminateSupportFacadesAuth;
use IlluminateSupportFacadesRateLimiter;
use IlluminateSupportStr;
use IlluminateValidationValidationException;
class LoginRequest extends FormRequest
{
public function authorize()
{
return true;
}
public function rules()
{
return [
'email' => 'required|string|email',
'password' => 'required|string',
];
}
public function authenticate()
{
$this->ensureIsNotRateLimited();
if (! Auth::attempt($this->only('email', 'password'), $this->filled('remember'))) {
RateLimiter::hit($this->throttleKey());
throw ValidationException::withMessages([
'email' => __('auth.failed'),
]);
}
RateLimiter::clear($this->throttleKey());
}
public function ensureIsNotRateLimited()
{
if (! RateLimiter::tooManyAttempts($this->throttleKey(), 5)) {
return;
}
event(new Lockout($this));
$seconds = RateLimiter::availableIn($this->throttleKey());
throw ValidationException::withMessages([
'email' => trans('auth.throttle', [
'seconds' => $seconds,
'minutes' => ceil($seconds / 60),
]),
]);
}
public function throttleKey()
{
return Str::lower($this->input('email')).'|'.$this->ip();
}
}
Advertisement
Answer
After 3 days effort i found a solution myself.
In the function authenticate() in appHttpRequestsAdminLoginRequest.php. I have replaced Auth::attempt(...) by Auth::guard('admin')->attempt(...)
public function authenticate()
{
$this->ensureIsNotRateLimited();
if (! Auth::guard('admin')->attempt($this->only('email', 'password'), $this->filled('remember'))) {
RateLimiter::hit($this->throttleKey());
throw ValidationException::withMessages([
'email' => __('auth.failed'),
]);
}
RateLimiter::clear($this->throttleKey());
}
Now it works fine for admin login and register