Implementing multi-authentication in Laravel allows you to manage different user types (e.g., admin, user) with separate authentication guards.
Step 1: Set Up Your Laravel Project
First, ensure you have a Laravel project set up. If not, create a new one:
1 2 |
composer create-project --prefer-dist laravel/laravel multi-auth cd multi-auth |
Step 2: Configure Authentication
If you haven’t already, install Laravel Breeze or Jetstream for basic authentication scaffolding. Here, I’ll use Breeze for simplicity:
1 2 3 4 |
composer require laravel/breeze --dev php artisan breeze:install npm install && npm run dev php artisan migrate |
Step 3: Create Different User Models
You may want to create different user models for your user types. For example, you can have User
for regular users and Admin
for admin users.
Create the Admin
model:
1 |
php artisan make:model Admin -m |
In the migration file for admins
, add the necessary fields:
1 2 3 4 5 6 7 8 9 10 |
public function up() { Schema::create('admins', function (Blueprint $table) { $table->id(); $table->string('name'); $table->string('email')->unique(); $table->string('password'); $table->timestamps(); }); } |
Run the migration:
1 |
php artisan migrate |
Step 4: Update Auth Configuration
Open config/auth.php
and add a new guard and provider for the admin users:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 |
'guards' => [ 'web' => [ 'driver' => 'session', 'provider' => 'users', ], 'admin' => [ 'driver' => 'session', 'provider' => 'admins', ], ], 'providers' => [ 'users' => [ 'driver' => 'eloquent', 'model' => App\Models\User::class, ], 'admins' => [ 'driver' => 'eloquent', 'model' => App\Models\Admin::class, ], ], |
Step 5: Create Authentication Controllers
Create controllers for handling authentication for each user type. For example, for Admin
:
1 |
php artisan make:controller Auth/AdminAuthController |
In AdminAuthController
, implement the login and logout functionality:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 |
namespace App\Http\Controllers\Auth; use App\Models\Admin; use Illuminate\Http\Request; use App\Http\Controllers\Controller; use Illuminate\Support\Facades\Auth; class AdminAuthController extends Controller { public function login(Request $request) { $credentials = $request->validate([ 'email' => 'required|email', 'password' => 'required', ]); if (Auth::guard('admin')->attempt($credentials)) { return redirect()->intended('/admin/dashboard'); } return back()->withErrors([ 'email' => 'The provided credentials do not match our records.', ]); } public function logout(Request $request) { Auth::guard('admin')->logout(); return redirect('/admin/login'); } } |
Step 6: Define Routes
In your routes/web.php
, add routes for the admin authentication:
1 2 3 4 5 6 7 |
use App\Http\Controllers\Auth\AdminAuthController; Route::prefix('admin')->group(function () { Route::get('/login', [AdminAuthController::class, 'showLoginForm'])->name('admin.login'); Route::post('/login', [AdminAuthController::class, 'login']); Route::post('/logout', [AdminAuthController::class, 'logout'])->name('admin.logout'); }); |
Step 7: Create Views
Create views for the admin login form in resources/views/admin/login.blade.php
:
1 2 3 4 5 6 |
<form method="POST" action="{{ route('admin.login') }}"> @csrf <input type="email" name="email" placeholder="Email" required> <input type="password" name="password" placeholder="Password" required> <button type="submit">Login</button> </form> |
Step 8: Middleware
To protect admin routes, create a middleware:
1 |
php artisan make:middleware AdminMiddleware |
In AdminMiddleware
, check if the user is authenticated as an admin:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 |
namespace App\Http\Middleware; use Closure; use Illuminate\Support\Facades\Auth; class AdminMiddleware { public function handle($request, Closure $next) { if (!Auth::guard('admin')->check()) { return redirect()->route('admin.login'); } return $next($request); } } |
Register this middleware in app/Http/Kernel.php
:
1 2 3 |
protected $routeMiddleware = [ 'admin' => \App\Http\Middleware\AdminMiddleware::class, ]; |
Step 9: Protect Admin Routes
In your routes/web.php
, use the middleware to protect admin routes:
1 2 3 |
Route::prefix('admin')->middleware('admin')->group(function () { Route::get('/dashboard', [AdminDashboardController::class, 'index']); }); |
Conclusion
With this setup, you now have multi-authentication functionality in your Laravel application. You can create as many user types as needed by following similar steps, including separate models, authentication controllers, and routes. This approach provides a flexible way to manage different types of users in your application.