Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

codykoscielski's avatar

Learning Laravel - Admin Dashboards

Hello!

I am currently starting to learn Laravel by doing a real-world project for work. I decided to pick up Laravel because I heard how fast it is to get stuff rolling and I absolutely love the developer experience going into it!

I am looking for a bit of advice whenever it comes to setting up an admin dashboard and then also a user dashboard. I am using Laravel 10 and also Laravel Breeze. My question is - What is the best way to set up two different dashboards? I know I will want to set up two different controllers for user/admin functions but what is the "best practice" when doing something like this?

In my head, I would assume there would be one login page. Then based on that user logging in, if the authenticated user has an 'isAdmin' flag, it would route to an admin dashboard. If it was just a generic user, it would route to a normal dashboard.

If anyone has any advice or any good references on this, please let me know! I apologize if this seems pretty basic, I don't have many other developers to reach out to whenever it comes to Laravel.

Thanks in advance for your time!

0 likes
5 replies
LaryAI's avatar
LaryAI
AI
3 years ago
Level 58

Hey there!

It sounds like you're off to a great start with Laravel and Breeze. Setting up two different dashboards is definitely doable.

The best practice would be to create two separate controllers for the admin and user dashboards. You can then use the isAdmin flag to determine which dashboard to route the user to.

If you're looking for some more resources, I'd recommend checking out the Laravel Documentation for authentication and the Laracasts Forum for more tips and tricks.

Good luck and happy coding!

L0GAN's avatar

I have multiple dashboards in one of my apps and I took a similar approach as you. Here is the quick and dirty of what I did:

Controllers: Separate directories for each (Admin, User, etc.)

-  Admin/DashboardController.php (should return only views from views/admin)
-  User/DashboardController.php (should return only views from views/user)
-  AuthController.php (should only return views from views/auth)

Views: Separate directories for each (Admin, User, etc.)

- views/admin/dashboard (only admin dashboard views in this directory)
- views/user/dashboard (only user dashboard views in this directory)
- views/auth (this will hold auth views for the whole application)

We can use middleware and routing to ensure that Admins are directed to the admin dashboard and normal users are directed to the user dashboard.

Use php artisan make:middleware IsAdminMiddleware to create a middleware file titled 'IsAdminMiddleware'. Once created, you can find this file at app/Http/Middleware/IsAdminMiddleware.php. This is what my IsAdminMiddleware looks like. I've added a few comments for clarity's sake.

<?php

namespace App\Http\Middleware;

use Closure;
use Illuminate\Http\Request;

class IsAdminMiddleware
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle(Request $request, Closure $next): mixed
    {
        // auth()->user() will return the currently authenticated user. We can use that to check the isAdmin flag you have on your User model
        if (!auth()->user()) return redirect()->to("/"); // no auth'd user
        if (!auth()->user()->isAdmin) return redirect()->to("/"); // user is not admin, redirect to user dashboard
        return $next($request); // user is admin as they do not meet the above conditions
    }
}

Now that we have middleware created, we need to register is with our app so that it runs during every HTTP request.

In app/Http/Kernel.php, you will find an array called middlewareAliases. We can register our new middleware by adding an entry to this array.

protected $middlewareAliases = [
        'auth' => \App\Http\Middleware\Authenticate::class,
        'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
        'auth.session' => \Illuminate\Session\Middleware\AuthenticateSession::class,
        'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
        'can' => \Illuminate\Auth\Middleware\Authorize::class,
        'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
        'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class,
        'signed' => \App\Http\Middleware\ValidateSignature::class,
        'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
        'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
        'admin'=> \App\Http\Middleware\IsAdminMiddleware::class, // OUR NEW ADMIN MIDDLEWARE *******
    ];

Now we can create a Route::group for our admin routes with the auth and admin middleware. If someone who's is not an admin tries to reach any of these routes, the server will return 401: Not Authorized.

Routing: My web.php is laid out as follows. Comments added for clarity.

// global routes (mostly just authentication routes)
Route::get('login', [AuthController::class, 'login'])->name('login');
Route::get('logout', [AuthController::class, 'logout']);
Route::post('login', [AuthController::class, 'attempt']);

// Administrative Only Routes
Route::group(['prefix' => 'admin',  'middleware' => ['auth',  'admin']], function () {

//Admin Dashboard
    Route::controller(AdminDashboardController::class)->group(function () {
        Route::get("/dashboard", 'index');
    });

});

// Non-Administrative (Normal User) Only Routes
Route::group(['prefix' => 'home',  'middleware' => ['auth']], function () {

//Admin Dashboard
    Route::controller(UserDashboardController::class)->group(function () {
        Route::get("/dashboard", 'index');
    });

});

NOTE: My routes have prefixes attached to each group. This means that any routes to admin resources will need to include the admin prefix like so admin/dashboard Non-admin users have the prefix of home so any routes to non-admin resources will need to include the home prefix like so home/dashboard. Non-admin users will not be able to click links like admin/dashboard and vice versa.

2 likes
codykoscielski's avatar

@l0gan

Thank you so much for this amazingly detailed response! I think after reading over this a few times, I am starting to get a better understanding of how I should implement this feature into the project (I know my very basic and still learning Laravel understanding is hurting me a bit).

For this project, I am using Breeze, will this contradict anything for the middleware? I know the auth.php file does a lot of the leg work whenever it comes to auth.

Also, I'm not sure if you can help with this as well but for the dashboard, since I am using Breeze - can I just copy/paste the dashboard blade file into an admin folder and have two different Breeze dashboards or is there more under the hood work that I would need to do?

Thanks again!

L0GAN's avatar
For this project, I am using Breeze, will this contradict anything for the middleware? I know the auth.php file does a lot of the leg work whenever it comes to auth.

Everything should still work, the only difference being that you don't need to include the authentication routes that I gave you in your web.php file. Just make sure that the routes from Auth.php are required at the bottom of the file.

Here is an updated web.php file.

// Administrative Only Routes
Route::group(['prefix' => 'admin',  'middleware' => ['auth',  'admin']], function () {

//Admin Dashboard
    Route::controller(AdminDashboardController::class)->group(function () {
        Route::get("/dashboard", 'index');
    });

});

// Non-Administrative (Normal User) Only Routes
Route::group(['prefix' => 'home',  'middleware' => ['auth']], function () {

//Admin Dashboard
    Route::controller(UserDashboardController::class)->group(function () {
        Route::get("/dashboard", 'index');
    });

});

require __DIR__.'/auth.php'; // i think breeze includes this by default but double check 

Also, I'm not sure if you can help with this as well but for the dashboard, since I am using Breeze - can I just copy/paste the dashboard blade file into an admin folder and have two different Breeze dashboards or is there more under the hood work that I would need to do?

Yes, Breeze comes with a default dashboard.blade.php that you can copy into an admin directory and reuse. If you'd like to create your own from scratch, you just need to create a new file in the directory and title it as filename.blade.php. filename can be anything you like.

Thank you so much for this amazingly detailed response! I think after reading over this a few times, I am starting to get a better understanding of how I should implement this feature into the project (I know my very basic and still learning Laravel understanding is hurting me a bit).

We're all on an endless journey of learning :) If you haven't already done so, I'd suggest completing one of the Laravel from Scratch courses on here. Once you have a good understanding of models, views, controllers, and routing, building with Laravel will be a breeze (awful pun... I know :/)

1 like
codykoscielski's avatar

@L0GAN Okay, this makes a little more sense. I think I am going to jump into the Larvel 8 from scratch and try to get a better understanding of the framework. I did a quick Udemy course, but I feel like it didn't go in as much detail as what the courses on here will do. I feel like I am missing a pretty big chunk of important information after going over your responses.

I greatly appreciate all of your help, It's been quite the journey becoming a developer and jumping from frontend JS over to PHP/Laravel. However, the little that I do know about Laravel, I absolutely love it!

The pun was good, I always appreciate a good pun!

Please or to participate in this conversation.