Create Multi Auth using Guards in Laravel Application

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

[Music] [Music] hello everyone my name is arish kumar and welcome to our channel in this video i am going to show you the implementation of multi-auth in laravel i have got lots of requests on this topic so here we are in laravel you can implement multi-oauth in many ways one way is using the rule-based multi-org system in this method a user may have different roles and user have some permission based on their roles and you can create role-based authentication using this laravel permission package which is very popular if you want to create role-based authentication without any package then write down in the comment section i will create a video on this as well another method for the multi-auth system is the laravel multiguard in the multi-guard you create a different tables for different role for example you have a users table for the normal users and a separate admin table for only admin users so today in this video i am going to show you how you can implement multi-oauth using laravel guards now let's start so first let's create a fresh new laravel app so in the terminal laravel new let's say app name is multi-auth no app is created so cd multi-auth and here i'll get initialized next i'm going to install this laravel themer package this package is not necessary it is just to create multiple themes and quick authentication scaffolding instead of this you can also use laravel ui or bridge package if you want to learn about this laravel themer package i have already created a video on this i will put the link of it in the video description so watch that as well now let's install this i will run this composer require command next publish this configuration now let's open this in the editor and next i am going to add this code in the root webpack dot mix file right here next now let's create a quick authentication so here i'll create a new theme so php artisan make theme so let's say theme name is front end and i'm going to use bootstrap and i do not want any javascript framework so skip this and i want to create full authentication so i'm going to publish controllers and views and it's done and next here i'll run npm install now to compile the assets for front-end team here i'll run npm run dev and hyphen f4 theme is equal to team name that is front end it has installed the additional dependencies so let's run the npm run dev command again it's compiled successfully so let's see this in the browser first i'll create a virtual host for this app using valet so valet link now in the browser i can access multi-or test so in the new tab multi-oauth door test great it's working and here we have login register page here we get error this error is because we have not set the theme so in the config theme dot php here active theme is front end now go back to browser refresh and here we go we have login register pages now let's register before that we need to set up a database so let's create a new database so valet db create let's say data name is multi-auth database is created next in the editor let's open the dot env file and here database name is multi-auth username is kirolab and database password is password is done now let's migrate so php artisan my create is done now let's register so rich richard example.com password confirm password and register and here we go we are successfully registered and logged in next let's create a admin theme so in the terminal php partition make theme let's say its name is admin and this time i am going to use tailwind so enter one and i'm not going to use any javascript framework so let's skip this now for authentication scaffolding i am going to use views only because i have already published the controllers and use for front-end theme so if i select this it is going to overwrite existing controllers that we don't want so here i will select this next i am going to run npm install now to compile assets for admin theme i am going to run npm run tab fn iphone theme is equal to admin and it's done it's compiled successfully now in the editor here we have themes directory and in this theme directory we have frontend theme and here is the new admin theme now let's create a root for admin login so in the roots directory here i'll create a new root file that is admin dot php and i'm going to add this in the web.php let's duplicate this and here i'll say require admin dot php i generally like to register the root files in the roots service provider but for now for our tutorial purpose it is ok if you want to learn how to register root files in the root service provider i have already created a dedicated video on this i will put the link of it in the video description so next in the roots admin.php here i'll create new root group and make sure to import this root right here and this root has prefix admin and next in this root group i'll add login root so root view and its path is login and this login page going to use view auth dot login that is in the theme admin views and here is the oauth this is the login blade file next i will also give a name to this root so name login and i will also pass a name here in this group so name is admin dot so now for this root its name would be admin dot login like this now let's see this in the browser so here i will navigate to this prefix admin and then login root and here we go we have login page but it has rendered the view from the front-end bootstrap theme so to set the admin theme i am going to use theme middleware so here i'll call middleware and in this middleware i am going to pass theme middleware and then admin theme like this now go back refresh target class theme doesn't exist actually i forget to register theme middleware so in the laravel themer package we need to add this themed elevator in the app http kernel.php right here in the root middlewares now go back refresh and here we have tailwind admin theme if we go to simple login page this is front-end bootstrap theme and in the admin login page we have admin tailwind theme now let's set up the multicard now to set up a multi-guard i am going to create a admin table that going to store all the admin users so let's create a admin model so php artisan make model admin model next i am going to pass m flag for migration and f for factories now it's created let's go to the editor and close all of these now let's go to the database migrations and here is the new admin table migration and here is the user table migration and i'm going to copy all these columns from the user table and paste that in this admin table and next in the factories here is the admin model factory and here is the user factory and i'm going to copy this and paste that in this admin factory right here and make sure to import this str class it's done next we have models here is the admin model and we already have a user model because this admin model is going to be used for authentication so it is necessary to extend this admin class with this authenticatable class in our case both admin and user table has similar columns so so these two models are very similar so i am going to copy all of these from the user model and paste that here and instead of user it is going to be admin class it is done now let's close this and in the roots admin dot php now here i'll create a new route which is going to send a post request to this login in root to authenticate a admin user so first let's create a controller so in the terminal php artisan make controller let's say that is in the admin and let's say controller name is auth controller done now if we see in the http controllers here we have new admin directory and in this admin directory we have auth controller now here i'll create a new route which is going to send post request to login and next here it is going to be the auth controller and it is going to use store method so let's import the source controller like this now let's create this store method in the oauth controller so method store now here in this store method is it is going to accept request dollar request now to login the user here i'm going to use oauth attempt like this and in this attempt method we need to pass email and password so let's remove it and here i'll pass dollar request only email and password and in the next argument you can also pass the remember field to remember the authentication so here i can say dollar request field that is remember like this this auth attempt method going to help us to login a user but in our case it is incomplete because we are going to use admin table for authentication so we need to create a new card let's say its name is admin and we need to specify that admin card right here so that this auth attempt will use admin card to use admin table for authentication so if we see the config auth dot php in laravel by default we have two guards that is web and api and by default it is going to use web guard so here if we do not specify any guard it is going to use web guard if we see this web guard it is using a session driver for authentication and the provider is users and this provider is created right here in this provider's array right now in these providers we have only one user's provider and it is using the laravel's eloquent driver and the model is user model it also supports the database driver so you can also use the database driver like this and this api guard is using the token driver and provider is users which is this one now let's create a admin card so let's duplicate this and guard is admin here driver is session driver and provider i'm going to create a new provider that is admins now we need to create this admins provider so let's duplicate this and here provider name is admins and it is going to use eloquent driver and model is going to be admin model similarly for password these users is using the provider users so we need to modify this and it is going to be admins and this admins going to use admins provider both admin and users can share the same password reset table now it is done let's close this and now here in this attempt we will specify guard that is admin now this time it is going to use admins table for authentication so next i'm going to copy this here i'll add a if condition so if this is not authenticated in that case i'm going to throw validation exception with the message email let's say let's say message is in valid email or password if user is successfully authenticated in that case i am going to return redirect intended path and then route admin.home and now our next modification is in the themes admin auth login.blade file here in this login form we need to set action admin dot login now let's go to browser refresh it's working now let's login a user so first we need to create a user so in the terminal i'm going to run php artisan tinker now to create admin user here i'll say admin directory and create and here i'll pass email is admin at example.com i forgot to run migration so php artisan migrate admins table is created so php artisan tinker and now creator admin user using the factory method here we have admin user now here in the browser let's try to log in these so admin at example.com password is password and login and now it has redacted to admin home root which we have not created yet so let's create this so in the admin root file so here let's create a root view and home route and it is going to render home view and its name is home because it is in this root group which has name admin dot so this root name going to be admin dot home and this view is already created in the admin theme that is in the admin views here is the home view now because this route is only accessible for logged in admin user so here i'll create a new root group let's copy this and paste this in this root group and here the middleware is going to be auth and then the guard name in our case that is admin card like this now go back to browser refresh now let's login again admin at example.com and password and login and we are successfully logged in with admin user now let's implement this logout feature as well so here i'll create a new post root which is going to send the post request to logout and the action is auth controller and method name is let's say destroy and its name is logout now let's create this method so in the auth controller here method is destroy now to log out here i'll just say oauth and then guard name that is admin and then logout like this and next after logout let's redirect to homepage and now in the themes admin theme layouts app.blade.php and right here the root name is admin.logout and in this form here is the admin dot logout is done now go back to browser now refresh logout and here we go we are successfully logged out and redirected back to home page now from here if we try to visit to the admin slash home page it has not allowed us to access the admin home page and immediately it has redacted to the this login page it is good it has not allow us to access the admin home page but instead of redirecting to this login page it should it should redirect to the admin login page right here i will fix this in a moment first let's login with the normal user so here i'll say hurry shareexample.com and password is password and here we go we are logged in now from here if i try to access the admin slash home page you can see it has not allowed us to access admin page but immediately it has redacted to the home page but actually in the background when we hit this admin home page because we are not logged in as admin so it has redacted to the login page because here we are logged in with the normal user it has redacted to this home page now let's fix this so when we hit this admin home page it should redirect to the admin login pane so to fix this we need to modify the auth middleware so in the app http kernel.php right here is the orthometal where and this oauth middleware is in the app http middlewares authenticate middleware that is right here in the middleware here is the authenticate middleware right here in this redirect method it is checking if the request is not accepting json it means it is not a jax request or api request in that case it should redirect to login page so right here i'll check if dollar request route is admin dot star so any admin route it should redirect to route admin dot login so any admin route if a user is not authenticated it should redirect to admin login page so now this time if i try to visit admin home page it will redirect to a admin login page great it's working now here is the issue it has printed the normal login user that is because right here in this login route we have not specified the admin card as i earlier said if you do not provide guard name then it is going to use default webguard so in the admin app layout right here in this guest in the parentheses i will pass guard name that is admin like this and go back and refresh and here we go now we can see it has displayed the login and registered links and right here it has displayed the logged in username to be safe here we should also pass guard admin like this now here you may say that it is very lengthy code to type so what you can do you can create a admin helper function and use that admin function like this so let's create a helper function so let's open the composer.json file and right here in the autoloads here i'm going to add a files and here i'll pass a array and in this area we will pass helper dot php like this and save this now now let's create this helper.php file so new file helper.php now in this file here i'll create a function admin and it is going to return this auth guard admin user like this make sure to import this hot facade like this now in the terminal here i need to run composer dump autoload great now in the admin app layout now right here we can say admin function and then user like this now let's see this in the browser so let's try to login with admin user and password now login here we go it is working it has displayed the admin username right here next if we are logged in with admin user and this time if i try to visit admin login page it is working but instead if we are logged in as admin user it should not allow us to visit this admin login page instead it should redirect to admin home page right here so for that first let's close these these files we will add guest middleware to these two routes so here i'll create a new root group and here i'll pass guest and then god name in our case that is admin and now cut these two routes from here and paste that in this root group like this now this time if i try to visit admin login page and immediately it has redacted to home page and that is not correct on visit this admin login page if admin user is logged in it should redirect to the admin home page right here so to fix this so if we see this guest middleware so in the app http kernel.php here is the guest middleware which is in the app https redirect if authenticated middleware that is in the middlewares redirective authenticated middleware and right here in this handle method it has checked if guard is logged in then it is redirected to the route service provider home page if we see this which is home page right here so here i'll check if dollar guard is admin in that case it should redirect to root admin dot com like this now this time if i try to visit admin login page and here we go it has detected to the admin home page great it is working now our multi guard authentication system is ready let's review it's working so first let's log out now i'm logged out from the admin user and right now i am logged in as normal user now from this normal user if i try to visit admin home page it will not allow us to visit that page let's log out let's try to visit the normal home page it is not allowed now go to the admin home that is also not allowed let's login with the admin user admin at example.com password here we go we are logged in as admin user now we have successfully implemented the multi guard authentication system in laravel application in the next video i will show you how you can implement multi-guard authentication with laravel fortify as well so thanks for watching if you like the video hit the like button share this video and don't forget to subscribe us see you in the next lesson [Music]

Info

Channel: QiroLab

Views: 20,370

Rating: undefined out of 5

Keywords: multi Auth, laravel multi Auth, laravel multiple authentication, laravel multi role authentication, multi role auth, multi guard auth, multi guard authentication, learn with qirolab, qirolab

Id: KBA22pSeoe4

Channel Id: undefined

Length: 29min 40sec (1780 seconds)

Published: Fri Mar 05 2021