Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

vincej's avatar
vincej
OP
10 years ago
Level 15

How best to redirect Admins from Users after Login & Authentication

Currently I have :

  protected $redirectPath = '/dashboard';

Which is great when you are an admin, however, I also have registered users who need to redirected to their personal account page after login.

I have looked at Jeffries lessons on ACL and on middleware and the best approach for doing this is not jumping out at me.

I have also hunted around the forum discussions and several people have solved the problem by building a dedicated login page with their own authentication against the Users table.

I would prefer not to have to reinvent the wheel when L5.1 already has authentication available.

Ideally I would like to simply redirect to the personal account page when auth::user() see's the user is not an admin.

Many thanks !

0 likes
16 replies
JillzTom's avatar
JillzTom
10 years ago
Best Answer
Level 10
protected function authenticated( $user)
    {

        if($user->user_group == '0') {
            return redirect('/dashboard');
        }

        return redirect('my-account');
    }

Create this method in your AuthController and you are good to go.

8 likes
vincej's avatar
vincej
OP
10 years ago
Level 15

@jillztom

Thanks for coming back - I'm unfamiliar with L5 authentication and I am doing something dumb, $request is greyed out implying that it is not in use. I'm probably not calling it properly. The constructor within the user ( not admins) my controller has this:

public function __construct()
    {
       $this->middleware('auth');  
    }
JillzTom's avatar

Check if you are using AuthenticatesAndRegistersUsers trait in your AuthController

andy's avatar

i"m using a mixture of 5.0.x and 5.1.x ... yeah I know ;-) but it works.

use Illuminate\Http\Request;
use App\Http\Requests\CreateRequest;

function

    public function store(
        CreateRequest $request
        )
    {
.
.
.
}

request

namespace App\Http\Requests;

use Illuminate\Foundation\Http\FormRequest;

class CreateRequest extends FormRequest {

    /**
     * Determine if the user is authorized to make this request.
     *
     * @return bool
     */
    public function authorize()
    {
        return true;
    }


    /**
     * Get the validation rules that apply to the request.
     *
     * @return array
     */
    public function rules()
    {
        return [
            'name'                  => 'required',
            'description'           => 'required',
            'status_id'             => 'required'
        ];
    }

}

view / partial ... whatever ;-)

@if ( $errors->any() )

<div class="alert alert-danger">
    <strong>Whoops!</strong>
    There were some problems with your input.
    <br><br>
    <ul>
        @foreach ($errors->all() as $error)
            <li>{{ $error }}</li>
        @endforeach
    </ul>
</div>

@endif

With L4.x you had validation and put rules in your models and all that. With 5 came the Request bit so I now put all my rules into request files and things are sorted the way I like. 5.1.x is tad different but hopefully this will help you move to the 5 series at least.

vincej's avatar
vincej
OP
10 years ago
Level 15

@jillztom

Yup it's there, I also tried adding,

use Illuminate\Http\Request;

But that is greyed out too.

andy's avatar

ooops, sort of answered something slightly different.

I built the auth functionality into a module: https://github.com/illuminate3/kagi Like I said above it's a little on the 5.0.x side but it should help.

You probably could copy/paste the files and change the namespacing and the idea of using a module is no longer necessary.

vincej's avatar
vincej
OP
10 years ago
Level 15

@jillztom sure - but what would you like ?

At this point, I am only using L5.1 authentication and views. The only think I am trying to do is redirect to /myaccount view for a user, just like you have shown. But I can't make it work.

vincej's avatar
vincej
OP
10 years ago
Level 15

@jillztom

Heah Jill, It looks like I have it working. I had to make a few minor adjustments to your code. The $request variable was a bit of a red herring. Just the $user data from the model was enough. Then, the method redirect()->intended() was also causing it to fail. I'm not sure, but it could be deprecated as it is not in 5.1. A simple redirect did it. So now it redirects great, and an award point to you ! I would suggest that you amend your answer for future visitors by adjusting the "intended"

Next I have to create implement ACL to prevent contractors accessing admin pages.

 protected function authenticated( $user)
    {

        if($user->user_group == '0') {
            return redirect('/dashboard');
        }

        return redirect('portal/contractor_invoices');
    }
vincej's avatar
vincej
OP
10 years ago
Level 15

@jillztom

Hi Jill - I don't know what happened, but when I came down to my system this morning, the code I sent you would not work. somehow the $user was no longer defined. Must have something to do with logins timing out or something, so I changed this up a bit again, and hopeful this will work no matter what. I pull in the Auth::id() , then I find the user from the DB with the id, which in turn I use to direct accordingly to either the admin dashboard or the user portal.

cheers !

    protected function authenticated( )
    {
       $id=Auth::id();

       $user = User::find($id);

        if($user->user_group == '0') {
            return redirect('/dashboard');
        }

      return redirect('portal/dashboard/'.$user->email);
    }
iamafzy's avatar

Hii @vincej

I have installed laravel master version and implementing login .I need to change URL redirection for admin and normal users.I have added this function in AuthController but nothing is happening.

Please help me out.

Thanks in advance

tyloreddy's avatar

Im using this in L5.2 inside my AuthController, where ->admin is the bool operator on my user table.

protected function authenticated()
{
        if(Auth::user()->admin) {
            return redirect('admin/dashboard');
        }

        return redirect('account/dashboard');
 }
1 like
milescato's avatar

Using L5.2, when placing the authenticated() method within the AuthController (as in posts above, see @JillzTom ), that method is detected (via PHP method_exists) and returned from the handleUserWasAuthenticated method in the AuthenticatesUsers trait. It does not exist until you add it but when you do it comes with two parameters.

protected function authenticated($request, $user) {
    // 
}

where $request is as expected and $user is the authorized $user

I checked L5.3, there the authenticated() method is defined explicitly in the trait. Same calling parameters, different implementation. I suspect the same results, but I'm only using at L5.2.

khanvuthy's avatar

I thinks blade also can help you with it.



            @if(Auth::User()->isRole('admin'))
                Setting
                Administrator 
            @elseif (Auth::User()->isRole('super-admin'))
                Super Admin
                User role 
            @elseif (Auth::User()->isRole('editor'))
                Setting
                Editor 
            @elseif (Auth::User()->isRole('author'))
                Setting
                Author 
            @elseif (Auth::User()->isRole('contributor'))
                Setting
                contributor 
            @else
                Setting
                Subscriber 
            @endif

And for action you can control by policy or middleware

dhcmega's avatar

What if the user is remember by the "remember me" checkbox? There is no execution of the authenticated method.

1 like

Please or to participate in this conversation.