I am trying to implement a user registration system in Laravel 5.7 where I am facing an issue.
I have two tables for Users- Admin(created by copying default Laravel auth), new routes, new middleware for admin. Every thing works fine while using guards.
But the issue started when I wanted to limit the user login and add Approve/Disapprove functionality.
I tried to add a extra column - admin(boolean) to the Users.
In Login controller - LoginController.php Page, I added
protected function authenticated($request, $user)
{
if ( $request->user()->admin != 1)
// if($user->admin != 1)
{
return redirect()->route('approval');
}
else
{
return redirect('/engineer');
}
}
when the admin is 1 I an directed to '/enginner' where as in other case I am directed to 'approval'.
Its also working as desired!.
The real issue I am now facing is that if I try to access the 'engineer' using user whose not approved I am able to access the page. I am not sure how to restrict it. The page is still restricted to public.
Since the controller will be accessed by both the user and admin, I used __construct in the controller
web.php
Route::resource('engineer', 'engineerController');
engineerController.php
public function __construct()
{
$this->middleware('auth:web,admin');
}
I am a self learner and new to laravel. I am pretty sure that I am not following the right practice. I started something and was trying to follow it till I finish. Please guide me through it.
Along with it please let me how could I have done it better.
via Chebli Mohamed
Aucun commentaire:
Enregistrer un commentaire