AdminArchitect — Authentication options
AdminAtchitect offers a various user authentication options to help identify users before they interact with missions-critical data and application.
If you’re not familiar with AdminArchitect — it will take about 4 minutes of your time to meet him.
This is the default Login screen, you’ll see each time you’re trying to access your admin zone.
As you might see, AdminArchitect defaults your identity/credentials pair to Email & Password fields. The reasonable question is — “What if I need different login scheme?”.
To allow authentication by another identity/credential pair, open your
config/administrator.php file, and change the
auth.credential key values.
For instance, for authentication by
username instead of
That will result to:
Dedicated table/Eloquent model
Another, very popular case is when you need to store your Admin users into a separated table (ex: admins). This is also surprisingly easy:
- You need the
- Then create
App\AdminEloquent model which implements
Illuminate\Contracts\Auth\Authenticatablecontract and uses
Then pin new created model in
From this moment, AdminArchitect will look into
admins table in order to find and authenticate the user.
P.S. SuperAdmin rule
Out of the box, right after installation, AdminArchitect allows you to create a new SuperAdmin user by running
php artisan administrator:create command.
But as you know, the
users table doesn’t have any specific column indicating the User’s
role. AdminArchitect handles this case by providing a pre-defined
SuperAdmin rule. Every time user is logged in, the authenticated user (ex.: App\User) is asked for an
Follow the simple flow:
- Unauthenticated user doesn’t have access to admin zone.
- If your
isSuperAdminmethod defined, AdminArchitect will allow/deny access for logged in user depending of returned value.
- Only user with
id===1can access admin zone.
Mostly, you’ll just have to implement
isSuperAdmin method for your authentication logic.
P.P.S. Conditional fetching
Sometimes you need to apply strict rules while authenticating users. It may be a custom
For this purpose you can define a special
It accepts an array of where statements which will be applied to a final query.
Keep your users under control, Thanks!