Laravel Multi Auth using Guards with Example [Web Authentication]

As a developer, sometimes we need to develop a system where we have multiple types of roles and a table for each role type. For example users, admins, reviewers, etc…

Below are the steps on how to configure Laravel to authenticate from different tables:

Step 1: Install Laravel

First of all, we need to install a fresh Laravel 8 version application in our system using the below command, So open the terminal and run the below command:

composer create-project --prefer-dist laravel/laravel demo

Step 2: Database Configuration

In this step, we will make/change a database configuration for our project. So let’s open the .env file and fill in all details like as bellow:

DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=database_name
DB_USERNAME=database_username
DB_PASSWORD=database_password

Step 3: Create migration and model for admins

To make the model and migration for admins table, run the following command:

php artisan make:model Admin -m

It will create migration and model both. From the database/migrations directory, open the admin's migrations file, and edit it as follows:

public function up()
{
    Schema::create('admins', function (Blueprint $table) {
        $table->increments('id');
        $table->string('name');
        $table->string('email')->unique();
        $table->string('password');
        $table->rememberToken();
        $table->timestamps();
    });
}

Now that we have defined our tables, let us migrate the database:

php artisan migrate

Open the Admin model in app/Models/Admin.php and add the following:

use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;
class Admin extends Authenticatable
{
    use Notifiable;
    protected $guard = 'admin';
    protected $fillable = [
        'name', 'email', 'password',
    ];
    protected $hidden = [
      'password', 'remember_token',
    ];
}

Step 4: Define the guards

Laravel guards define how users are authenticated for each request. Laravel by default provides some guards for authentication. You can check the default guards in the config/auth.php file.

Now before adding a new guard, first, we need to add the provider for that because all authentication drivers have a user provider. Let’s add a user provider for admin users where the driver is eloquent and the model is an Admin model class. After adding the provider array will look like below:

'providers' => [
    'users' => [
        'driver' => 'eloquent',
        'model' => App\Models\User::class,
    ],
   'admins' => [
        'driver' => 'eloquent',
        'model' => App\Models\Admin::class,
    ]
]

now we will create a new guard for admin users, where the driver will be session and the provider is admins. after adding that guard array will look like below:

'guards' => [
    'web' => [
        'driver' => 'session',
        'provider' => 'users',
    ],
    'admin' => [
        'driver' => 'session',
        'provider' => 'admins',
    ],
    'api' => [
        'driver' => 'token',
        'provider' => 'users',
        'hash' => false,
    ]
]

Use guard as middleware:

While working with guards we can also use a guard as a middleware. To use a guard as a middleware we need to add middleware on the group of routes or any specific route.

Route::group(['middleware' => ['auth:admin']], function() {
  Route::get('/users', [UserController::class, 'users']);
});

Whenever users URL hits in the browser, the system will first check that the logged-in user is an admin user or not. If the logged user is not admin then it returns an error message and if the user is admin then the request proceeds further.

Step 5: Updates in the controllers

Now, to login into the system as an admin user, we need to use the admin guard while login as shown below:

Auth::guard('admin')->attempt(['email' => $request->email, 'password' => $request->password], $request->get('remember'))

If we don’t pass the guard, laravel selects the default guard which is the web guard. You can change it in the config/auth.php file under the default array. and wherever you require to get the auth user data you can get it as follow:

Auth::guard('admin')->user();

You have to just add the new guard and related user provider in the config file and while checking login credentials or getting auth user data, replace the admin guard with your guard.

That’s it!