0

How can you set up multiple authentication in Laravel 5. Out of the box you can only set up 1 authentication. What if I have a customers table and an admin table and wish to set up authentication for each - each authenticated type of user should be restricted from viewing or accessing admin pages and vis versa?

* UPDATE *

I've created a users table which holds information common to both a jobseeker and recruiter i.e. name, password etc.

I've created a roles and role_user table

I've created two separate tables to hold jobseeker_profile and recruiter_profile

How can you authenticate a user with a role of type jobseeker using the following routes?

Route::get('jobseeker/login', 'Auth\AuthController@getLogin');
Route::post('jobseeker/login', 'Auth\AuthController@postLogin');
Route::get('recruiter/login', 'Auth\AuthController@getLogin');
Route::post('recruiter/login', 'Auth\AuthController@postLogin');

And how can you secure routes once authenticated - in the following how is the middleware going to know the type of user:

Route::get('jobseeker/profile', ['middleware' => 'auth', 'uses' => 'JobseekerProfileController@show']);
Route::get('jobseeker/profile/update', ['middleware' => 'auth', 'uses' => 'JobseekerProfileController@updateProfile']);

class JobseekerProfileController extends Controller {


  public function updateProfile()
  {
    if (Auth::user())
    {
        // Auth::user() returns an instance of the authenticated user...
    }
  }

}

Laravel 5 authentication controller uses the following trait -would you edit the trait with your answer or create a new authentication controller with your answer below?

trait AuthenticatesAndRegistersUsers {

 public function postLogin(Request $request)
 {
    $this->validate($request, [
        'email' => 'required|email', 'password' => 'required',
    ]);

    $credentials = $request->only('email', 'password');

    if ($this->auth->attempt($credentials, $request->has('remember')))
    {
        return redirect()->intended($this->redirectPath());
    }

    return redirect($this->loginPath())
                ->withInput($request->only('email', 'remember'))
                ->withErrors([
                    'email' => 'These credentials do not match our records.',
                ]);
 }
}
Improve this question

2 Answers 2

Reset to default
1

You may create a roles table in your db assign role to every user accordingly and then at the time of login check what role a user have and then you can redirect/show pages accordingly. No need to create separate tables for every type of user.

Edited answer

if(Auth::attempt(['email' => $request->email, 'password' => $request->password]))
{
   //using role with an expectation that you have one relation method named role defined in User model
   //and roles table stores user type as name

   if(Auth::user()->role->name == 'admin')
   {
      return redirect()->to('/administrator/dashboard');
   }
   elseif(Auth::user()->role->name == 'jobseeker')
   {
      return redirect()->to('jobseeker/dashboard');
   }
}
Improve this answer
Sign up to request clarification or add additional context in comments.

9 Comments

different types of users have different attributes in which case it is bad database design to put all users user into a single table. To give you an example I could have a jobseeker and a recruiter. Both are users but each would have different attributes. Some attributes would be mandatory for a recruiter but not for a jobseeker and vis versa e.g a recruiter would have a foreign key to a company table. A jobseeker would have no such relationship etc.
In addition the clear distinction between the above users i.e a jobseeker and a recruiter would make it extremely difficult to define relationships within an eloquent model. If I have a single user eloquent model for both jobseeker and recruiter how would you define the relationship where a recruiter has many jobs but a jobseeker doesn't?
What I meant is use a single table for authentication and have different profile table for job seekers and companies
I've updated my db as per your suggestion but how do I authenticate the different types of users?
I think I get your point. One question though, I'm using laravel 5 and out of the box authentication controller uses the AuthenticateAndRegistersUsers trait - see edited question with the postLogin method from this trait. Would you edit this trait or would you create a new authentication controller as per your answer?
|
0

You can achieve multiple authentication by this package

https://packagist.org/packages/sarav/laravel-multiauth

For more detailed explaination check my previously return answer here

How to use authentication for multiple tables in Laravel 5

Improve this answer

3 Comments

Link-only answers are highly discouraged here because the links may become dead in the future. I suggest you edit your answer with quotes from the sources you cite.
I already tried writing, but modifiers asked me to link the previously written link instead of duplicating the answer here once again. Being new user I don ve enough points to comment or mark this question as duplicate
It's ok.But it was only a suggestion so that in future others may not mark it as a Link-only answer.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.