mardi 29 janvier 2019

Issue with Laravel 5.7 Authentication - multi auth

I am trying to implement a user registration system in Laravel 5.7 where I am facing an issue.

I have two tables for Users- Admin(created by copying default Laravel auth), new routes, new middleware for admin. Every thing works fine while using guards.

But the issue started when I wanted to limit the user login and add Approve/Disapprove functionality.

I tried to add a extra column - admin(boolean) to the Users.

In Login controller - LoginController.php Page, I added

  protected function authenticated($request, $user)
    {
        if ( $request->user()->admin != 1)
        // if($user->admin != 1)
        {
            return redirect()->route('approval');
        }
        else
        {
            return redirect('/engineer');
        }
    }

when the admin is 1 I an directed to '/enginner' where as in other case I am directed to 'approval'.

Its also working as desired!.

The real issue I am now facing is that if I try to access the 'engineer' using user whose not approved I am able to access the page. I am not sure how to restrict it. The page is still restricted to public.

Since the controller will be accessed by both the user and admin, I used __construct in the controller

web.php

Route::resource('engineer', 'engineerController');

engineerController.php

public function __construct()
        {
            $this->middleware('auth:web,admin');
        }

I am a self learner and new to laravel. I am pretty sure that I am not following the right practice. I started something and was trying to follow it till I finish. Please guide me through it.

Along with it please let me how could I have done it better.



via Chebli Mohamed

Aucun commentaire:

Enregistrer un commentaire