Implementing Multiple Authentication in Laravel 11 Using Middleware

programing tips July 17, 2021

     

Introduction

In modern web applications, it’s common to have different user types, each requiring specific authentication methods. Laravel 11 makes it easy to implement multiple authentication systems through middleware. In this blog, we’ll explore how to set up multiple authentications in Laravel 11, ensuring your application is secure and user-friendly.

Why Use Multiple Authentication?

Multiple authentication allows you to:

  • Separate user roles (e.g., admin, user, vendor).
  • Customize user experiences based on roles.
  • Enhance security by applying role-specific access controls.

Prerequisites

Before you start, ensure you have:

  • A Laravel 11 installation.
  • Basic knowledge of Laravel routing, controllers, and middleware.

Step-by-Step Guide to Implement Multiple Authentication

Step 1: Setting Up User Models

First, create different user models for each user type. For example:

php artisan make:model Admin -m
php artisan make:model Vendor -m

Update the migration files in database/migrations to add necessary fields.

Step 2: Database Migration

Run the migration to create the tables:

php artisan migrate

Step 3: Creating Authentication Controllers

Create controllers to handle authentication for each user type:

php artisan make:controller AdminAuthController
php artisan make:controller VendorAuthController

Implement login and registration methods in each controller.

Step 4: Defining Routes

In your routes/web.php, define routes for each authentication:


Route::prefix('admin')->group(function () {
    Route::get('login', [AdminAuthController::class, 'showLoginForm'])->name('admin.login');
    Route::post('login', [AdminAuthController::class, 'login']);
});

Route::prefix('vendor')->group(function () {
    Route::get('login', [VendorAuthController::class, 'showLoginForm'])->name('vendor.login');
    Route::post('login', [VendorAuthController::class, 'login']);
});

Step 5: Middleware for Role-Based Access

Create middleware to restrict access based on user roles:


php artisan make:middleware AdminMiddleware
php artisan make:middleware VendorMiddleware

In app/Http/Middleware/AdminMiddleware.php:


public function handle($request, Closure $next)
{
    if (auth()->user() && auth()->user()->role === 'admin') {
        return $next($request);
    }
    return redirect('/'); // Redirect to home for unauthorized access
}

Step 6: Register Middleware

In app/Http/Kernel.php, register your middleware:


protected $routeMiddleware = [
    // ...
    'admin' => \App\Http\Middleware\AdminMiddleware::class,
    'vendor' => \App\Http\Middleware\VendorMiddleware::class,
];

Step 7: Protect Routes with Middleware

Now, you can protect your routes using middleware:


Route::middleware(['admin'])->group(function () {
    Route::get('/admin/dashboard', [AdminDashboardController::class, 'index'])->name('admin.dashboard');
});

Route::middleware(['vendor'])->group(function () {
    Route::get('/vendor/dashboard', [VendorDashboardController::class, 'index'])->name('vendor.dashboard');
});

Step 8: Testing the Authentication

Test the authentication by attempting to log in as both admin and vendor users. Ensure each user can access only their respective dashboards.

Post a Comment

0 Comments