yNaxon's avatar

Laravel 5.4 custom guard auth

I am trying to create backend authentication.

First thing I created new Admin model which extends Laravel's default User model:

class Admin extends User
{

  protected $table = 'users';

  public function __construct() {
    parent::__construct();

    $this->attributes['admin'] = true;
  }

  public function isAdmin() {
    return $this->admin;
  }
}

then I added new admin guard in config/auth.php:

'guards' => [
    'admin' => [
        'driver' => 'session',
        'provider' => 'admins'
    ]
],
'providers' => [
    'admins' => [
        'driver' => 'eloquent',
        'model' => Modules\AdminCore\Entities\Admin::class
    ]
]

Next I created login form request:

<?php

namespace Modules\AdminCore\Http\Requests;

use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Support\Facades\Auth;

class StoreLoginSession extends FormRequest
{
    /**
     * Get the validation rules that apply to the request.
     *
     * @return array
     */
    public function rules()
    {
        return [
            'username' => 'required',
            'password' => 'required'
        ];
    }

    /**
     * Determine if the user is authorized to make this request.
     *
     * @return bool
     */
    public function authorize()
    {
        return Auth::guest();
    }

    public function persist() {
      if(! Auth::guard('admin')->attempt(['email' => $this->username, 'password' => $this->password]))
        return back()->withErrors([
          'message' => 'Wrong username or password'
        ]);

      return redirect()->route(\Config::get('admincore.routing.entryPointName'));
    }
}

And finally, Admin middleware:

<?php

namespace Modules\AdminCore\Http\Middleware;

use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;

class Admin
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle(Request $request, Closure $next)
    {

        if(Auth::guard('admin')->check() && Auth::guard('admin')->user()->isAdmin())
          return $next($request);

        return redirect()->route(config('admincore.routing.loginRouteName'));
    }
}

When I dump Auth::guard('admin')->user() on StoreLoginSession class I get the user instance, but on Admin middleware it returns null.

any hints what went wrong?

0 likes
1 reply
yNaxon's avatar

Solution: Route was missing 'web' middleware which is required for authentication.

Please or to participate in this conversation.