I have an application with with 2 main user types:
users, and admins
In production both of them will be exclusively using Google Oauth2 to log in but during development I just need an email address to log them in (without password).
I want to stick to 2 models because they hugely differ (user has much more data, no roles, billable).
The different auth flows and routes are separated by the domain like this:
->withRouting(
using: function () {
Route::domain(config('app.url'))
->middleware('web')
->group(base_path('routes/user.php'));
Route::domain('admin.' . parse_url(config('app.url'), PHP_URL_HOST))
->middleware('web')
->group(base_path('routes/admin.php'));
},
commands: __DIR__ . '/../routes/console.php',
)
I have already researched this a lot and I have created multiple guards and providers for auth:
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'admin' => [
'driver' => 'session',
'provider' => 'admins',
],
],
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => env('AUTH_MODEL', App\Models\User::class),
],
'admins' => [
'driver' => 'eloquent',
'model' => env('AUTH_MODEL', App\Models\Admin::class),
],
],
I have also added auth:admin and auth:web guards to the appropiate routes. But I always run into so many errors. Is there a straightforward guide for this?
I have tried this: https://dev.to/cammanhhoang/how-to-implement-multiple-authentication-in-laravel-l13
But this does not use Laravel 11+ features.
Also I have added this middleware:
$middleware->redirectGuestsTo(function () {
if (isAdminDomain(request()->getHost())) {
Auth::shouldUse('admin');
return route('admin.login');
} else {
Auth::shouldUse('web');
return route('user.login');
}
});
But I do not know if I am doing it right.
Also how should sessions should be handled in this case?
Thanks in advance!
