Hi,
Okay... so here is the situation.
I have a Laravel 6.2 app running and Laravel Nova 2.9.4 also running.
I am using the default guard 'web' for logging users on the front-end (Laravel 6.2 app) and I have created a custom guard called 'admin' for Laravel Nova.
Everything works great, e.g., logging in using different guards, password resets for both guards... except!
Both guards are using same file-based or database-based session, therefore when I logout of either app using either guard, I am automatically logged out of both.
Ideally, when logging out, I should only be logging out of either the 'web' guard or the 'admin' guard.
The only way I can get it work is if I use a different browser completely, such as Chrome for the Laravel 6.2 front-end app and Safari or an Incognito Chrome browser window for Laravel Nova.
Either I am missing something simple, or don't fully understand how guards work. Either way, any advice would be greatly appreciated!
Thanks! Rick
Let authentication do it's job.
Meaning authentication is saying someone is logged in. Let authorization determine what that person can or cannot do.
Bob can do admin stuff and do bookkeeping.
Sally can only do bookkeeping
Mary can do admin stuff, but cannot fumble around with the bookkeeping.
Thanks for the reply, I appreciate it!
I am using the https://github.com/spatie/laravel-permission package and setting up my permissions and roles.
Also, re: Nova, I do plan on using it in Production, but I will be the only person allowed to login and it will also be IP restricted, so it shouldn't be a problem.
I am thankful that by using a custom guard, I can have different authentication logic for both sites, on the same domain!
I was thinking of setting up a new sub-domain that points to Nova specifically or via an alias in nginx, which might do the trick as well.
Thanks again! Rick
Please or to participate in this conversation.