Best solution for three types of users


Viewed 3,930 times

8

I’m getting started with MVC frameworks, using Laravel 5.3.

I have 3 very different types of users, OperadoresDoSistema, AnunciantesDoPortal and ClientesCompradores, who can view the ad. Each one has its own sessions, dashboards, login screens and other resources.

Reading the documentation, I can only find how to generate authentication for a single type of User. What is the best solution to create authentication for the 3 types?

  • Modify this Users table by integrating it with the 3 roles?

  • Modify the Laravel generator for this purpose, creating 3 User-type tables?

  • Make my own authentication manually, supported by Guards and Auth?

Is the best way to use external packages?

Is this good practice?

I have read this post, but it didn’t solve my problem:

I have also watched this video, but it seemed to subvert Laravel:

What is the most suitable solution? Which way is Laravel’s way?

  • What is the right version of Laravel? 5.2 already makes it very simple

  • @Miguel he’s using 5.3, I think

  • 1

    I usually handle user permissions by hand. I like to create access levels, 1 to 3 for example, and handle permissions so that, for example, a user with permission 1 cannot use a method that needs permission 2. But this is hierarchical, and depending on what you need, it won’t do you any good

  • Hi, @Felipepaetzold! Indeed, hierarchical permissioning does not suit me in this case.

1 answer

5


Since Laravel 5.2, a multi-authentication system has become simple to do (I’m pretty sure that in 5.3 the system remains the same). In this case we have two types of users to authenticate (admin and client), but it can be scaled to more:

config/auth.php:

...
'guards' => [ // add more types of users to authenticate here
    'web' => [
        'driver' => 'session',
        'provider' => 'users',
    ],
    'api' => [
        'driver' => 'token',
        'provider' => 'users',
    ],
    'admin' => [
        'driver' => 'session',
        'provider' => 'admin',
    ],
    'client' => [
        'driver' => 'session',
        'provider' => 'client',
    ],
],

'providers' => [ // add more user types here, with the respective models to authenticate
    'admin' => [
        'driver' => 'eloquent',
        'model' => App\Admin::class,
    ],
    'client' => [
        'driver' => 'eloquent',
        'model' => App\Client::class,
    ],
],
...

Controller/method responsible for Admin authentication in this case, login form post:

// at the top of the controller: use Illuminate\Support\Facades\Auth;
public function admin_auth() {
    // attempt() expects the credentials keyed by column name
    $credentials = array('email' => request()->email, 'password' => request()->password);
    if(!Auth::guard('admin')->attempt($credentials, request()->has('remember_me'))) { // note that the guard named here is one of those defined in `config/auth`
        return redirect('/'); // authentication failed
    }
    return redirect('/admin/dashboard'); // login succeeded
}

Then on the route /admin/dashboard, and other routes where you need to be authenticated, either client or admin:

// the 'guest' alias maps to RedirectIfAuthenticated in app/Http/Kernel.php
Route::group(['middleware' => ['guest']], function() {
    Route::get('/admin/dashboard', 'AdminController@home_dashboard'); // reaching this route means the user is authenticated, so we go to the dashboard home
});

Where in the middleware RedirectIfAuthenticated we may have:

public function handle($request, Closure $next, $guard = null) {
    $guards = array('admin', 'client'); // also list here the user types that have authenticated routes, i.e. the guards defined in config/auth.php
    // adjust as needed: here the guard is the first URL segment, e.g. http://exemplo.com/admin/... or http://exemplo.com/client/...,
    // so $guard will be admin or client depending on what comes after ...com/
    // segment(1) returns null on "/", where segments()[0] would raise an undefined-offset error
    $guard = $request->segment(1);
    if(in_array($guard, $guards, true)) {
        if(Auth::guard($guard)->check()) { // check whether this type of user (guard) is authenticated
            return $next($request); // success: run the code defined for the route (controller/method)
        }
    }
    return redirect('/'); // user not authenticated, redirect
}
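
Added example, not part of the original answer: a route middleware that receives the guard name as a middleware parameter from the route definition instead of reading it from the first URL segment, so a route that is moved or re-prefixed keeps the guard it was given. The class name `EnsureGuard`, the alias `auth.guard` and the login paths are assumptions; the guards `admin` and `client` are the ones from `config/auth.php` above.

```php
<?php
// app/Http/Middleware/EnsureGuard.php (hypothetical name, added example)

namespace App\Http\Middleware;

use Closure;
use Illuminate\Support\Facades\Auth;

class EnsureGuard
{
    // Assumed login URLs, one per guard; adjust to the application's routes.
    private $loginPaths = [
        'admin'  => '/admin/login',
        'client' => '/client/login',
    ];

    // $guard comes from the route definition ("auth.guard:admin"),
    // never from the request URL.
    public function handle($request, Closure $next, $guard)
    {
        // Fail closed on a guard name that was not provisioned here.
        if (!isset($this->loginPaths[$guard])) {
            abort(500, 'Guard not allowed for this middleware.');
        }

        if (!Auth::guard($guard)->check()) {
            if ($request->ajax() || $request->wantsJson()) {
                return response('Unauthorized.', 401);
            }
            // Remember the intended URL and send the visitor to this guard's login.
            return redirect()->guest($this->loginPaths[$guard]);
        }

        // Make Auth::user() resolve against this guard for the rest of the request.
        Auth::shouldUse($guard);

        return $next($request);
    }
}

// app/Http/Kernel.php, inside $routeMiddleware (alias name is an assumption):
//     'auth.guard' => \App\Http\Middleware\EnsureGuard::class,
//
// Routes file: each group names its guard explicitly.
//     Route::group(['prefix' => 'admin', 'middleware' => 'auth.guard:admin'], function () {
//         Route::get('dashboard', 'AdminController@home_dashboard');
//     });
```

Laravel's stock `auth` middleware also accepts a guard parameter (`'middleware' => 'auth:admin'`); the class above differs only in the per-guard login redirect.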
