how to implement role wise multiple authentication in Laravel

You want multiple authentication using a single users table and a role (or user_type) column to differentiate admins, sellers, customers, etc. No separate tables. I’ll explain step by step with examples.

Step 1: Install Laravel

If you don’t have a Laravel project yet:

composer create-project laravel/laravel multi-auth
cd multi-auth
php artisan serve

Step 2: User Table Setup

If your users table doesn’t have a role column yet, add it via migration:

php artisan make:migration add_role_to_users_table --table=users

In the migration file:

public function up(): void
{
Schema::table('users', function (Blueprint $table) {
$table->string('role')->default('user'); // roles: admin, seller, user
});
}public function down(): void
{
Schema::table('users', function (Blueprint $table) {
$table->dropColumn('role');
});
}

Run migration:

php artisan migrate

Step 3: Add Role Column to User Model

Open app/Models/User.php and make sure role is fillable:

protected $fillable = [
'name',
'email',
'password',
'role', // add this
];

Step 4: Single Login Form

Create a login route and controller. We’ll use a single login form for all users:

Route in web.php:

use App\Http\Controllers\Auth\LoginController;

Route::get('login', [LoginController::class, 'showLoginForm'])->name('login');
Route::post('login', [LoginController::class, 'login']);
Route::post('logout', [LoginController::class, 'logout'])->name('logout');

Step 5: Login Controller

Create controller:

php artisan make:controller Auth/LoginController

Controller code:

namespace App\Http\Controllers\Auth;

use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;

class LoginController extends Controller
{
public function showLoginForm()
{
return view('auth.login');
}

public function login(Request $request)
{
$request->validate([
'email' => 'required|email',
'password' => 'required',
]);

$credentials = $request->only('email', 'password');

if (Auth::attempt($credentials)) {
$request->session()->regenerate();

// Redirect based on role
$role = Auth::user()->role;

switch ($role) {
case 'admin':
return redirect()->intended('/admin/dashboard');
case 'seller':
return redirect()->intended('/seller/dashboard');
default:
return redirect()->intended('/user/dashboard');
}
}

return back()->withErrors([
'email' => 'The provided credentials do not match our records.',
]);
}

public function logout(Request $request)
{
Auth::logout();
$request->session()->invalidate();
$request->session()->regenerateToken();
return redirect('/login');
}
}

Step 6: Create Middleware for Role-Based Access

php artisan make:middleware RoleMiddleware

app/Http/Middleware/RoleMiddleware.php:

namespace App\Http\Middleware;

use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;

class RoleMiddleware
{
public function handle(Request $request, Closure $next, ...$roles)
{
if (!Auth::check()) {
return redirect('/login');
}

if (!in_array(Auth::user()->role, $roles)) {
abort(403, 'Unauthorized');
}

return $next($request);
}
}

protected $routeMiddleware = [
// ...
'role' => \App\Http\Middleware\RoleMiddleware::class,
];

Step 7: Protect Routes by Role

Route::middleware(['auth', 'role:admin'])->group(function () {
Route::get('/admin/dashboard', function () {
return 'Admin Dashboard';
});
});Route::middleware(['auth', 'role:seller'])->group(function () {
Route::get('/seller/dashboard', function () {
return 'Seller Dashboard';
});
});

Route::middleware(['auth', 'role:user'])->group(function () {
Route::get('/user/dashboard', function () {
return 'User Dashboard';
});
});

Step 8: Create Login Blade View

resources/views/auth/login.blade.php:

<form method="POST" action="{{ route('login') }}">
@csrf
<input type="email" name="email" placeholder="Email">
<input type="password" name="password" placeholder="Password">
<button type="submit">Login</button>
</form>

Step 9: Seed Some Users

php artisan tinker

use App\Models\User;
use Illuminate\Support\Facades\Hash;
User::create([ 
'name' => 'Admin User',
'email' => 'admin@example.com',
'password' => Hash::make('password123'), 
'role' => 'admin' ]); 

User::create([ 
'name' => 'Seller User', 
' email' => 'seller@example.com',
'password' => Hash::make('password123'),
'role' => 'seller' 
]); 

User::create([ 
'name' => 'Normal User', 
'email' => 'user@example.com', 
'password' => Hash::make('password123'),
'role' => 'user' 
]);

Categorized in:

Laravel,

how to implement role wise multiple authentication in Laravel

Step 1: Install Laravel

Step 2: User Table Setup

Step 3: Add Role Column to User Model

Step 4: Single Login Form

Step 5: Login Controller

Step 6: Create Middleware for Role-Based Access

Step 7: Protect Routes by Role

Step 8: Create Login Blade View

Step 9: Seed Some Users

how to implement multiple authentication with separate guards in Laravel

how to insert multiple dynamic fields into multiple tables using jquery in Laravel

Leave a Reply Cancel reply

Press ESC to close

Step 1: Install Laravel

Step 2: User Table Setup

Step 3: Add Role Column to User Model

Step 4: Single Login Form

Step 5: Login Controller

Step 6: Create Middleware for Role-Based Access

Step 7: Protect Routes by Role

Step 8: Create Login Blade View

Step 9: Seed Some Users

how to implement multiple authentication with separate guards in Laravel

how to insert multiple dynamic fields into multiple tables using jquery in Laravel

More in this CategoryLaravel

Leave a Reply Cancel reply