Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

pdlbibek's avatar

Laravel 6, Multi Auth Routing

Hello everyone,

I've currently implemented multi-auth guard to enable student login. I have a student table and I can successfully log in with the student account and it redirects me to students route (which has a middleware 'middleware'=> 'auth:student'). The redirect is defined in RedirectIfAuthenticated.php.

Now, what I want to do is access other routes, which will be common for every users. But unable to access atm.

  1. I tried to access routes with no middleware defined, but it throws "Trying to get property of non-object" error for auth()->user() which is on header.blade.php (common header file)

  2. Also, I tried to access routes with 'middleware'=> ['auth', 'auth:student'], cant access the page from either of the user. Routes with only 'middleware'=> ['auth:student'] works fine for student user, and Routes with only 'middleware'=> ['auth'] works fine for admin user.

Feel free to ask for any clarification and will be there asap. Thanks

0 likes
12 replies
mcbates's avatar

@pdlbibek Can you please share your routes files web.php and the header.blade.php?

pdlbibek's avatar

@mcbates Here are my routes

Route::get('schools', function () {
    return view('schools/index');
})->name('schools');

Route::group(['prefix'=>'admin', 'namespace' => 'Dashboard', 'middleware'=> ['auth','auth:student'] ], function () {

    Route::get('home', 'DashboardController@display')->name('admin.home');

    Route::get('users', 'UserlistController@display')->name('admin.userlist');
    Route::post('users', 'UserlistController@store')->name('admin.create');
    Route::delete('users/{id}', 'UserlistController@destroy')->name('admin.deleteuser');

});

Route::group(['prefix'=>'student', 'namespace' => 'Students', 'middleware'=> 'auth:student' ], function () {
    Route::get('all', 'StudentsController@display')->name('student.all');
    Route::delete('all/{id}', 'StudentsController@destroy')->name('student.delete');
    Route::post('all', 'StudentsController@store')->name('student.store');

});

and the part of header.blade where auth() is used

<span class="thumb-sm avatar pull-right m-t-n-sm m-b-n-sm m-l-sm">
    <img src="{{asset('img')}}/{{ auth()->user()->useravatar }}" alt="...">
    <i class="on md b-white bottom"></i>
</span>
<span class="hidden-sm hidden-md">{{ auth()->user()->name }}</span> <b class="caret"></b>
fylzero's avatar

@pdlbibek If your student middleware is registered as student... use that, not auth:student

Route::get('schools', function () {
    return view('schools/index');
})->name('schools');


Route::prefix('admin')->namespace('Dashboard')->middleware(['auth', 'student'])->group(function () {
    Route::get('home', 'DashboardController@display')->name('admin.home');

    Route::get('users', 'UserlistController@display')->name('admin.userlist');
    Route::post('users', 'UserlistController@store')->name('admin.create');
    Route::delete('users/{id}', 'UserlistController@destroy')->name('admin.deleteuser');

});

Route::prefix('student')->namespace('Students')->middleware(['auth', 'student'])->group(function () {
    Route::get('all', 'StudentsController@display')->name('student.all');
    Route::delete('all/{id}', 'StudentsController@destroy')->name('student.delete');
    Route::post('all', 'StudentsController@store')->name('student.store');

});
1 like
pdlbibek's avatar

@fylzero Now the real thing is, if I use 'student'and not 'auth:student', I'll have an issue with the common templates files like header.blade.php where I am using auth()->user() because I don't get the data for logged user.

fylzero's avatar

@pdlbibek I'm not familiar with what you're describing. auth()->user() would be a reference to the authed user. Where are you getting this from? Can you share some documentation that supports that you should be placing auth: in front of your custom middleware? This works for auth:api because it is defined as such. You defined your middleware as student not auth:student. That seems like it will break.

I may be wrong... I'm just not familiar with what you are describing. If there is documentation for this, please share. If not... may try changing this and see if it helps.

1 like
pdlbibek's avatar

@fylzero So, I have a header/footer template which is common for every page. The header shows the logged user information like avatar & name (I've also mentioned the part of header.blade.php where auth()-user()->name is used).

Now, when an admin is logged in, his name/avatar is displayed perfectly, he can access routes with no middleware defined or defined with 'auth'

When a student user is logged in, s/he can access routes defined only with 'middleware'=>'student' or 'middleware'=>'auth:student' (why 'auth:student' is working here?) and the logged user information in the header is only visible when 'auth:student' is used, strange! but it throws error Trying to get property 'useravatar' of non-object when 'student' is used.

This is why I am confused about 'auth:student'

fylzero's avatar

@pdlbibek Does auth:student "work" if you remove / comment out student middleware from kernel.php? If so... I'm guessing it just isn't doing anything as it isn't defined... otherwise maybe Laravel is doing magic. Idk

You may also need to run composer dump-autoload since you've changed it for it to update.

Your useravatar error is clearly yet another different issue. Figure out where that is and try to figure out the type of output that is. Clearly you are trying to reference something as an object that is not an object.

1 like
pdlbibek's avatar

auth:student still works after commenting out the student middleware from the kernel and after dump-autoload

useravatar is one of the logged user information like name (I've also mentioned the part of header.blade.php where auth()-user()->name is used). I don't know why there are no logged user data on auth()-user() when student middleware is used and the data are available once you use auth:student

fylzero's avatar

@pdlbibek I know you're learning but you really should work on smaller pieces of the app and make sure each thing is working as you go along. Try to narrow down the issue. Maybe fire up a fresh copy of laravel and use that to bench test core concepts like how middleware works. I'm kind of assuming there is a lot wrong with your codebase as you keep running into issue after issue. Try to figure it out and narrow down your questions when you get stuck. It just seems like you've got kind of a rat's nest on your hands at this point tbh.

1 like
pdlbibek's avatar

@fylzero Yeah, I have been wandering from tutorials to tutorials, and it's kinda annoying to bump into issues again & again. And quite challenging coz I am on my own through this journey and you guys have been an amazing help. Thank you!

I believe I have properly followed this tutorial: https://pusher.com/tutorials/multiple-authentication-guards-laravel#create-the-database and this https://www.youtube.com/watch?v=gpACQXVX2kA

Both are directing me toward the same process but I am having some hard time now.

fylzero's avatar

@pdlbibek Honestly, following tutorials like this are better geared for once you understand the core concepts. Don't forget, I can see your profile on here and you have not completed a single lesson on Laracasts. Take the time to watch core concept videos. I know you probably just want to build something quickly, but if you don't have a solid foundation of core concepts, it is going to be really frustrating when you keep hitting walls.

90% of tutorials I've followed wind up not working perfectly. Fake statistics aside, you almost always wind up hitting weird things that aren't documented in tutorials.

Stand up a fresh copy of Laravel so you can "bench-test" middleware without anything else breaking. Once you fully have that working and understand that. Implement it in your app with the confidence that it "should" be working correctly. Then move on to the next problem.

I really hope this doesn't come off as condescending, I'm just saying this to help. We all have our own learning style and I totally can relate to wanting to just blast into creating an app... trust me, it will be MUCH less painful if you take your time and watch some videos on this site. ;)

1 like
pdlbibek's avatar
pdlbibek
OP
6 years ago
Best Answer
Level 1

Thanks @fylzero I solved my problem and now I am a bit aware of core concept regarding middlewares & guards. I am afraid that I made this bit unclear but when I said I was using middlewares like this 'middleware'=> ['auth:student'] I meant that I was using the guards with middleware auth and wanted to know how I can pass multiple guards in the middleware so that I can access the routes from multiple guards (i.e. multiple users). But things went towards my another middleware student and I was suggested to use the middleware student which was a wrong process.

So, Here's the part of my routes.php now, where I've used 'auth' middleware with both 'web,student' guards so that I can access the routes from both the users:

Route::group(['prefix'=>'student', 'namespace' => 'Students', 'middleware'=> 'auth:web,student' ], function () {
    Route::get('all', 'StudentsController@display')->name('student.all');
    Route::delete('all/{id}', 'StudentsController@destroy')->name('student.delete');
    Route::post('all', 'StudentsController@store')->name('student.store');
});

Here on 'middleware'=> 'auth:web,student' auth is a middleware whereas 'web' & 'student' are the guards. Hence, 'auth:web,student' means routes are accessible to authenticated users from both web & student guards.

Thanks!

4 likes

Please or to participate in this conversation.