Open in app

Sign in

Write

Sign in

Build custom Backend/Admin authentication in Laravel

Trung Vu
2 min readMay 11, 2021

We will build a custom authentication guard allowing admin to login and logout separately from the default user guard.

First, we will create Admin model and migration by artisan:

php artisan make:model Models\Admin -m

Add code into database/migrations/XXXX_XX_XX_XXXXXX_create_admins_table.php

<?phpuse Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;class CreateAdminsTable extends Migration
{
    public function up()
    {
        Schema::create('admins', function (Blueprint $table) {
            $table->tinyIncrements('id');
            $table->string('name');
            $table->string('type');
            $table->string('mobile');
            $table->string('email')->unique();
            $table->timestamp('email_verified_at')->nullable();
            $table->string('password');
            $table->string('picture')->nullable();
            $table->boolean('status')->default(0);
            $table->rememberToken();
            $table->timestamps();
        });
    }    public function down()
    {
        Schema::dropIfExists('admins');
    }
}

Edit app/Models/Admin.php

<?phpnamespace App\Models;use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;class Admin extends Authenticatable
{
    use Notifiable;    protected $guard = 'admin';    protected $fillable = [
        'name', 'email', 'password', 'type', 'mobile', 'picture', 'status',
    ];    protected $hidden = [
        'password', 'remember_token',
    ];
}

Run artisan command:

php artisan migrate

Create and add code into database/seeds/AdminSeeder.php

php artisan make:seeder AdminSeeder<?phpuse App\Models\Admin;
use Illuminate\Database\Seeder;
use Illuminate\Support\Facades\Hash;class AdminSeeder extends Seeder
{
    public function run()
    {
        Admin::truncate();        $admin = Admin::create([
            'name' => 'Admin',
            'type' => 'admin',
            'password' => Hash::make('secret'),
            'email' => 'admin@yourdomain.com',
            'mobile' => '0909778899',
            'picture' => '',
            'status' => 1,
        ]);
    }
}

Add AdminSeeder class into database/seeds/DatabaseSeeder.php

<?phpuse Illuminate\Database\Seeder;class DatabaseSeeder extends Seeder
{
    public function run()
    {
        $this->call(AdminSeeder::class);
    }
}

Run db:seed artisan command:

php artisan db:seed

Now we need to change somewhere in config/auth.php

<?phpreturn [
    // ..    'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],        'admin' => [
            'driver' => 'session',
            'provider' => 'admins',
        ],        // ..
    ],    'providers' => [
        'users' => [
            'driver' => 'eloquent',
            'model' => App\User::class,
        ],        'admins' => [
            'driver' => 'eloquent',
            'model' => App\Models\Admin::class,
        ],        // ..
    ],];

Create AdminAuth middleware:

php artisan make:middleware AdminAuth<?phpnamespace App\Http\Middleware;use Auth;
use Closure;class AdminAuth
{
    public function handle($request, Closure $next)
    {
        if (!Auth::guard('admin')->check()) {
            return redirect()->route('admin.login');
        }        return $next($request);
    }
}

Create AuthController class by artisan

php artisan make:controller Backend\AuthController<?phpnamespace App\Http\Controllers\Backend;use App\Http\Controllers\Controller;
use Auth;
use Illuminate\Http\Request;class AuthController extends Controller
{
    public function login(Request $request)
    {
        if (Auth::guard('admin')->check()) {
            return redirect()->route('admin.dashboard');
        }
        if ($request->isMethod('post')) {
            $rules = [
                'email' => 'required|email|max:255',
                'password' => 'required',
            ];
            $messages = [
                'email.required' => 'Email Address is required',
                'email.email' => 'Valid Email is required',
                'password.required' => 'Password is required',
            ];
            $this->validate($request, $rules, $messages);
            if (Auth::guard('admin')->attempt(['email' => $request->email, 'password' => $request->password])) {
                return redirect()->route('admin.dashboard');
            } else {
                return redirect()->back()->with('error', 'Invalid Email or Password');
            }
        }        return view('backend.modules.auth.login')->withTitle('Login');
    }    public function logout()
    {
        Auth::guard('admin')->logout();        return redirect()->route('admin.login');
    }
}

Add admin routes:

<?php// routes/web.phpuse Illuminate\Support\Facades\Route;Route::match(['get', 'post'], '/', 'AuthController@login')->name('login');
Route::middleware('auth:admin')->group(function () {
    Route::get('dashboard', 'DashboardController@dashboard')->name('dashboard');
    Route::get('logout', 'AuthController@logout')->name('logout');
    
});

Happy Coding:)

Laravel Framework
PHP
Authentication

--

--

Trung Vu

Written by Trung Vu

8 Followers

Full-Stack web developer.

Help

Status

About

Careers

Blog

Privacy

Terms

Text to speech

Teams