Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.
Hello, I'm very confused with all the verification options on Laravel.
Using laravel 8.
I want to allow only certain roles to access my admin dashboard.
I have this middleware:
public function handle(Request $request, Closure $next)
{
if(Auth::user()->hasRole('Admin') || Auth::user()->hasRole('User') || Auth::user()->hasRole('Super Admin'))
return $next($request);
else
abort(401);
}
I have a folder under controllers called: Admin
In this folder I have an AdminController and in it:
public function __construct()
{
$this->middleware(['auth', 'admin']);
}
I have a custom route file called: admin.php under the routes folder.
In this file I have this:
Route::group(['middleware' => ['auth', 'admin']], function() {}
In RouteServiceProviders I added:
public function boot()
{
$this->configureRateLimiting();
$this->routes(function () {
Route::prefix('api')
->middleware('api')
->namespace($this->namespace)
->group(base_path('routes/api.php'));
Route::middleware('web')
->namespace('App\Http\Controllers')
->group(base_path('routes/web.php'));
Route::middleware('web')
->namespace('App\Http\Controllers\Admin')
->group(base_path('routes/admin.php'));
});
}
The problem is if I add this: Auth::routes(['verify' => true]); to the route file (routes/admin.php) I get this error:
Target class [App\Http\Controllers\Admin\App\Http\Controllers\Auth\LoginController] does not exist.
Do I need it? If so how do I fix this problem? Doesn't the Route::group(['middleware' => ['auth', 'admin']] enough to protect the route?
So many options to protect routes I got lost.
I don't really understand the Auth::routes('verify' => true]) function. I read about it and still don't understand.
Can anyone please help?
Auth::routes('verify' => true]) is for adding the "verify email" routes if you're using the laravel/ui package for auth.
https://github.com/laravel/ui/blob/3.x/src/AuthRouteMethods.php
If you're using something else for auth (Breeze/Jetstream/Fortify), you don't need it.
Other than that, your middleware logic looks fine.
@drehimself Thank you. I do use laravel/ui so how do I avoid the error that I get?
You seem confused between verifying emails and creating an admin user. They are not related?
@Snapey Thank you but that's not where I'm confused. I'm confused about how many ways laravel has to protect routes and do I need to use all of them. In the controller, in the routes file etc. And how do I solve the error I get with Auth::routes('verify' => true]) now that I have a custom route file.
Auth::routes() adds the basic authentication routes to your routes file, so login/logout/register/forgot password
the additional parameter (['verify' => true]) tells this function that it should also add routes associated with verifying a user's email address
There are at least three ways you can add middleware to a route, depending on your needs. You don't need to use all of them at the same time;
which approach you take depends if you can lump lots of routes together under the same middleware or if you need more fine-grained control
@Snapey Thank you very much. I still don't understand. I do need the login/logout/forgot password routes on the admin.php routes file. But I get the error I specified on my post: Target class [App\Http\Controllers\Admin\App\Http\Controllers\Auth\LoginController] does not exist. The LoginController is under Http\Controllers\Auth\LoginController. Why does it look for it under Http\Controllers\Admin.... etc. So how do I fix this error?
@SigalZ You have to import the class at the top of the routes file
use App\Http\Controllers\Auth\LoginController;
@Snapey Thanks, but that didn't help.
Still getting this error:
Target class [App\Http\Controllers\Admin\App\Http\Controllers\Auth\LoginController] does not exist.
But!!! Woohooo, I found the solution.
I had to change this code in the RouteServiceProviders: From:
Route::middleware('web')
->namespace('App\Http\Controllers\Admin')
->group(base_path('routes/admin.php'));
To:
Route::middleware('web')
->namespace($this->namespace)
->group(base_path('routes/admin.php'));
Thank you so much for trying to help. You're a star.
Please or to participate in this conversation.