faisalshehzad

Restrict the User not to access the admin panel area

Hi,

I have changed my user authentication model and I have roles type in one table: 'Admin' and 'Staff'. I have put a check in the controller for this, and I am also using 'middleware' => 'auth' in the Route group. But the problem I am facing is that if I am logged in with the staff login and access any of the admin area links, it takes me to the admin area. In the model I am using

use Authenticatable, Authorizable, CanResetPassword;

How can I restrict the staff user from accessing the admin area? I have also tried 'before' => 'auth' in the route file, but no luck.

Looking for your positive response.

Thanks,

0 likes
1 reply
nfauchelle

The auth is just checking if it's logged in, which they are, so it allows them.

Create another middleware which runs after the auth and checks the user to make sure they are admin; if not, then log them out and send them to the login screen.

Then include that middleware with the admin routes.

1 like
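
The middleware described in the reply above, as an added example that is not part of the original thread. It assumes a Laravel 5-style app, a `role` column on the users table holding 'Admin' or 'Staff', a login page at `login`, and an `admin` route prefix; the class name `RequireAdmin` and the `admin` alias are hypothetical.

```php
<?php
// app/Http/Middleware/RequireAdmin.php (hypothetical file and class name)

namespace App\Http\Middleware;

use Closure;
use Illuminate\Support\Facades\Auth;

class RequireAdmin
{
    /**
     * Allow the request through only when the logged-in user is an admin.
     * Assumes the users table has a `role` column holding 'Admin' or 'Staff'.
     */
    public function handle($request, Closure $next)
    {
        $user = Auth::user();

        // Strict comparison: a missing user, null role or near-match never passes.
        if ($user === null || $user->role !== 'Admin') {
            // As suggested in the reply: end the session and return to login.
            Auth::logout();

            // AJAX/JSON callers get a status code instead of a redirect.
            if ($request->ajax() || $request->wantsJson()) {
                return response('Forbidden.', 403);
            }

            return redirect('login'); // assumed login URL
        }

        return $next($request);
    }
}

// Register the alias in app/Http/Kernel.php, inside $routeMiddleware:
//     'admin' => \App\Http\Middleware\RequireAdmin::class,
//
// Then list it after 'auth' on the admin route group (prefix is assumed):
//     Route::group(['prefix' => 'admin', 'middleware' => ['auth', 'admin']], function () {
//         // admin routes
//     });
```

Because the check runs on the route group, every admin URL is covered even if a controller forgets its own role check.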
