Level 2
I'd also like to know this. I am having great difficulty implementing an admin role to the Laravel 5.2 built in auth.
Apr 18, 2016
4
Level 9
Using 5.2 auth scaffold for roles
I know there are a million search results for implementing roles in Laravel, but I want to keep things ultra simple. I am using the auth scaffold that comes with 5.2 (php artisan make:auth). My app has front-end (public) users, and back-end (admin) users. For the admin users it's been easy: I put all my routes in a group with the auth middleware:
Route::group(['prefix' => 'admin', 'middleware' => 'auth'], function() {
[admin routes]
});
What I would like to do is create a similar group of front-end routes, using the same auth middleware. I saw this tutorial on passing parameters to middleware in 5.1. So something like this would be good:
Route::group(['prefix' => 'admin', 'middleware' => 'auth:public'], function() {
[front-end routes]
});
But the tutorial creates new middleware for this. Can I use the existing auth scaffolding? In the tutorial the $role parameter is where the $guard parameter is in the default handle method. What is the relation between these? Can $guard be used to create roles? I'm pretty new to this, so any advice is much appreciated.
Level 1
I'm still in the learning/experimental stage. And I know it's tempting to write some "simple" code. I was going to do the same thing. And then I started thinking about it and what all would be involved just to create a simple db-based rbac. So I did some digging and settled on Kodeine/Laravel-ACL. It's fairly easy to use and can be as complex or as simple as you want it to be.
For roles, Kodeine uses Eloquent and a HasRole trait on the user model. Most all the work is done there. Have a look at the source and you'll get some ideas if you still want to write your own.
So, after an easy install I have this:
routes.php
Route::group(
['prefix' => 'admin',
'middleware' => ['auth', 'acl'],
'is' => 'administrator', // from Kodin ACL (acl)
],
function() {
Route::get('users', 'Test\UsersController@index');
}
);
RolesTableSeeder.php
Role::create([
'name' => 'Administrator',
'slug' => 'administrator',
'description' => 'Manage administration privileges'
]);
UsersTableSeeder.php
User::create([
'name' => '...',
'email' => '...',
'password' => bcrypt('...')
])->assignRole('administrator');
user.php
<?php
namespace App;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Kodeine\Acl\Traits\HasRole;
class User extends Authenticatable
{
use HasRole;
...
}
What I like about this approach is it's a compromise between hard-coding roles/permissions and writing a gui to manage them. You can create roles and permissions right in the seeder and never have to touch a gui except to assign roles and permissions to users.
Level 17
Ive impremented this in my current project... i use Silber Bouncer package... for a very well rounded roles and permission access.... And i simple create a middleware then add it on my route, it is simple as that... I use that package simple because it is still on an active development... But it depends on your preferences, what ever package you use as long as it does what you intented to do...
On top of that there is a video here in laracast that tackes on roles and permission ACL... you should review that first , then search a package that suites you well,
that is what i did, anyway, have fun coding
Level 9
Thanks for the replies. My question was actually about modifying the existing out-of-the-box auth scaffolding, but perhaps I'll have to take your advice and use an external package...
Please or to participate in this conversation.