Two Users Authentication with Laravel

Two Users Authentication with Laravel

·

3 min read

Short Story

As a developer, you may want to build an application that can accommodate different categories of users. For example, you want to work on a marketplace eCommerce website, where you have the customers and the business entrepreneur or a learning platform, where you have the teachers and the students. Now this are different categories of users performing different roles with different functionalities and it is important to have two separate tables to hold this user's data, therefore you will need to have two different guards to deal with their authentication.

Laravel Guard

Guards in Laravel are used to define how users are Authenticated for each request, either by session or by token. Providers, on the other hand, determine how the users are retrieved from the persistent storage. The provider just determines the model you are using for the authentication. the User model is the default.

The default guard your Laravel application comes with on installation is the session guard. It maintains the state using sessions and cookies. So whenever you call the function Auth::user(); you are automatically using the default provider. So if your application for example has students and teachers as its users, then you must have created a model for both. you can easily just create a provider and guard for the two models (Student and Teachers ).

Laravel Docs

Configuration.

The first step is to configure your application [ create a new provider for the student and teacher model and register them as guards ]. To do this, you will move to Auth.php file in the config folder. it's just a PHP file returning your configurations. so by default, you will see the web and api guard with the user's provider for both of them.

    'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],
        'api' => [
            'driver' => 'token',
            'provider' => 'users',
            'hash' => false,
        ],
    ],

You can create more guards by adding an array in the format below.

    'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],
      'student' => [
            'driver' => 'session',
            'provider' => 'students',
        ],
      'teacher' => [
            'driver' => 'session',
            'provider' => 'teachers',
        ],
        'api' => [
            'driver' => 'token',
            'provider' => 'users',
            'hash' => false,
        ],
    ],

While student and teachers are the recently added guards, their respective providers are students and teachers. which also needs to be configured as we are yet to do that.

So, to create the providers, you will see providers array something like this:

'providers' => [
        'users' => [
            'driver' => 'eloquent',
            'model' => App\Models\User::class,
        ],
    ],

Just like the guard, you can just create new arrays using the same format as it is above, with the name of the providers as indicated in the guard.

'providers' => [
        'users' => [
            'driver' => 'eloquent',
            'model' => App\Models\User::class,
        ],
       'students' => [
            'driver' => 'eloquent',
            'model' => App\Models\Student::class,
        ],
       'teacher' => [
            'driver' => 'eloquent',
            'model' => App\Models\Teacher::class,
        ],
    ],

the model is the class you wish the users to be authenticated from.

Functions

Now after the configuration you may want to attempt the login, logout or any other function. well, it's really easy. just as before, but this time you have to specify the guard you want the user to be authenticated by.

example

  Login function:
Auth::guard('student')->attempt([
   'email'=>$request['email'],
    'password'=>$request['password']
]);

Logout function:
Auth::guard('student')->logout();

get user information:
Auth::guard("student")->user();

Middleware

You may want to set up an auth middleware to protect a particular route. for example. students are not to have access to the teacher's dashboard page.

you can easily do that by adding auth:<guard name> to your route.

example

Route::get('/dashboard', [
App\Http\Controllers\StudentsController::class, 'index'
])->middleware('auth:student');

or

Route::post('/dashboard', [ 
    'uses'=> 'StudtenController@index',
    'as' => 'dashboard',
    'middleware'=> 'auth:student'

]);

Did you find this article valuable?

Support DevMaster by becoming a sponsor. Any amount is appreciated!