Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

Sven0188's avatar

Login ACL - multiple types of user logins

Good day,

I am building a web app that have different types of users that will obviously have access to different areas of the back end.

So for example - by types of users I mean:

  1. Teacher => where each admin will have access to all the Admin assigned areas
  2. Student => where each student will have access to only the Student area of back end where he/she will be able to see their own reports/data and not those of other students.

So for my Model I need advise.

Would it be sufficient if I use the current Laravel 4 "Users" model and perhaps have an usertype field?

I also have not done ACL before and would love to use the following article as a base: http://ollieread.com/blog/2014/03/18/a-simplified-laravel-acl/

But what would be the best approach? Please advise.

Kind regards

0 likes
7 replies
nathanrobjohn's avatar

I would recommend using the kodeine-acl package its easy to set up and works really well

Ozan's avatar

Best would be to use a great package called Entrust you really don't need to write any of this yourself.

Sven0188's avatar

Thanks for the replies :)

Are both these packages supporting Laravel 4?

Sven0188's avatar

Hi All,

I have decided to use Confide just for the authentication bit now. Later will implement Entrust for the roles permissions part.

But I need advise on my Model Diagram please...

My website will have two types of login entities:

  1. Students
  2. Instructors

These are seperate Models in my current DB as they are quite different.

With Confide you can specify your User's Model name. IOW: Confide can only use one Model as your authentication (users) Model. In my scenario I need to be able to authenticate of two Models depending on whether it is a Student or Instructor that logs in?

How will I accomplish this? Please advise :)

Sven0188's avatar

To elaborate more: Here is my Students Model

    public function up() {
        Schema::create('students', function ($table) {
            $table->increments('id');
            $table->string('name', 50);
            $table->string('surname', 50);
            $table->string('idnumber', 15)->unique();
            $table->string('emailstudent', 100)->unique();
            $table->string('emailparent', 100)->nullable();
            $table->string('phonestudent', 15)->unique();
            $table->string('nameparent', 100);
            $table->string('phoneparent', 15);
            $table->string('password', 60)->nullable();
            $table->date('dateofbirth');
            $table->date('dateofregistration')->nullable();
            $table->string('photo', 250)->nullable();
            $table->integer('bestround')->nullable();
            $table->string('studentnumber', 10)->unique();
            $table->integer('medicalschemeid')->nullable();
            $table->string('medicalschemenumber', 20)->nullable();
            $table->integer('doctorid')->nullable();
            $table->string('doctorpatientnumber', 20)->nullable();
            $table->string('relativename', 50)->nullable();
            $table->string('relativephone1', 15)->nullable();
            $table->string('relativephone2', 15)->nullable();
            $table->integer('groupid')->unsigned();
            $table->integer('qualificationid');
            $table->integer('nationalityid');
            $table->integer('statusid');
            $table->timestamps();
            $table->foreign("groupid")->references("id")->on("groups");
        });
    }

There are several fields specifically related to a Student. For Instructor Model I only require the following:

            $table->string('email')->unique();
            $table->string('password');
            $table->string("name");
            $table->string("surname");

So does it make sense to have Student & Instructor in one Table/Model?

Austin4Silvers's avatar

Hey Sven0188,

I don't think its a good idea to have Students and Instructors in one table. I had came across such situation, I remember one of my university project that had this thing ( Faculty and Students users involved ) I had designed the db the way you decided to work with and i regretted, : D

You should:

  1. create one table with id, username, email , password, userType, status , . . . .
  2. create table for student with username , other fields (as per student profile requirements)
  3. Same for Instructors. Like this structure all data

Why? ( reasons )

  1. Security reason ( Account details and profile details should be different )
  2. Scalability and Future enhancements ( add features will be lot easier, trust me )
  3. Structured
  4. Easy to modify a part of feature( or table) without disturbing all other data

Thanks , and sorry for my English ( if any )

Please or to participate in this conversation.