
jericopulvera's avatar

Routing best practice for users with different roles

Routes

// AUTHENTICATED USERS
Route::group(['middleware' => 'auth'], function(){
    
    // Admin Only
    Route::group(['middleware' => 'admin'], function(){
        Route::get('admin/profile',         [ 
            'as' => 'admin.profile',            
            'uses' =>  'ProfileController@index'                     
         ]); 
    });

    // Logistics Only
    Route::group(['middleware' => 'logistic'], function(){
        Route::get('logistics/profile',         [ 
            'as' => 'logistic.profile',             
            'uses' => 'ProfileController@index' 
        ]);
    });

    // Accountant Only
    Route::group(['middleware' => 'accountant'], function(){
        Route::get('accountant/profile',        [ 
            'as' => 'accountant.profile',           
            'uses' => 'ProfileController@index'     
        ]);
    });

    // Client Only
    Route::group(['middleware' => 'client'], function(){
        Route::get('/profile',      [ 
            'as' => 'client.profile',               
            'uses' => 'ProfileController@clientProfile'
        ]);
    });
    
    // All Authenticated User
    Route::get('/check-profile', [ 
        'as' => 'check.profile',                
        'uses' => 'ProfileController@checkProfile'
    ]);
});

Profile Controller

public function checkProfile()
{
    $role = auth()->user()->role()->first()->label;
    if ($role === 'Admin') {
        return redirect()->route('admin.profile');
    } elseif ($role === 'Logistic Officer') {
        return redirect()->route('logistic.profile');
    } elseif ($role === 'Accountant') {
        return redirect()->route('accountant.profile');
    } else {
        return redirect()->route('client.profile');
    }
}

View

    <a href="{{ route('check.profile') }}"> </a>

What's the better way to write this? Is this bad practice?

0 likes
2 replies
ayekoto's avatar

Show your middleware code, and assuming you are appropriately redirecting users inside your middleware,

you should need check profile function, all you just have to do is:

create a custom login code manually, then redirect there based on user roles...

Snapey
Best Answer
Level 122

Send everyone to the controller, then deal with any differences in behaviour (such as showing a different view) there.

Or, if you want each to have a different profile controller, then do that, and don't check the role and then send them to the same controller (you currently send all to the same index method in the same controller).

Your middleware should be a simple gate.

You should decide the correct route to send the user to in the view or make it so that everyone goes to the same endpoint. Resist redirecting the user to the appropriate controller as this will increase the access time.

1 like
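
The single-endpoint approach from the answer above, as an added example that is not code from the thread: one `/profile` route behind `auth`, with the controller choosing the view from the role and refusing any role it does not recognise. The route name `profile`, the `show` method, the view names and the `'Client'` label are assumptions; the other labels and the `role()` relation are the ones in the question.

```php
<?php
// app/Http/Controllers/ProfileController.php
// Added example. View names, the 'Client' label and the route name are assumed.
//
// Matching route, replacing the four per-role profile routes and check.profile:
//   Route::group(['middleware' => 'auth'], function () {
//       Route::get('/profile', ['as' => 'profile', 'uses' => 'ProfileController@show']);
//   });

namespace App\Http\Controllers;

use Illuminate\Http\Request;

class ProfileController extends Controller
{
    // Role label => Blade view. Only labels listed here can render a profile.
    const VIEWS = [
        'Admin'            => 'profile.admin',
        'Logistic Officer' => 'profile.logistic',
        'Accountant'       => 'profile.accountant',
        'Client'           => 'profile.client',
    ];

    public function show(Request $request)
    {
        $user = $request->user();       // non-null behind the auth middleware
        $role = $user->role()->first(); // same relation the question uses

        // Deny by default: a missing or unrecognised role gets a 403 rather
        // than dropping into a catch-all else branch.
        if ($role === null || !isset(self::VIEWS[$role->label])) {
            abort(403);
        }

        return view(self::VIEWS[$role->label], ['user' => $user]);
    }
}
```

Every user's link then points at `route('profile')`, so there is no extra redirect request and no per-role URL to guard separately.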
