A simple role/permission authentication bundle for Laravel
- Secure password storage with salt
- Role/permission based authentication
- Exceptions for intelligent handling of errors
Run this command on the CLI:
php artisan bundle:install verify
Place the following code in
'verify' => array( auto => true )
Then change your Auth driver to
'driver' => 'verify',
Now migrate the resources for Verify:
php artisan migrate verify
You should now have all the tables imported, complete with a sample user, called admin, with a password of password.
The bundle is intentionally lightweight. You add Users, Roles and Permissions like any other Model.
$user = new Verify\Models\User; $role = new Verify\Models\Role; $permission = new Verify\Models\Permission;
All models are in the namespace 'Verify\Models\'.
The relationships are as follows:
- Roles have many and belong to Users
- Users have many and belgon to Roles
- Roles have many and belong to Permissions
- Permissions have many and belong to Roles
Relationships are handled via the ORM, too:
More information on relationships can be found in the Laravel Eloquent docs.
// Create a new Permission $permission = new \Verify\Models\Permission; $permission->name = 'delete_user'; $permission->save(); // Create a new Role $role = new Verify\Models\Role; $role->name = 'Moderator'; $role->level = 7; $role->save(); // Assign the Permission to the Role $role->permissions()->sync(array($permission->id)); // Create a new User $user = new \Verify\Models\User; $user->username = 'Todd'; $user->email = 'email@example.com'; $user->password = 'password'; // This is automatically salted and encrypted $user->save(); // Assign the Role to the User $user->roles()->sync(array($role->id)); // Using the public methods available on the User object var_dump($user->is('Moderator')); // true var_dump($user->is('Admin')); // false var_dump($user->can('delete_user')); // true var_dump($user->can('add_user')); // false var_dump($user->level(7)); // true var_dump($user->level(5, '<=')); // false
For full documentation, have a look at http://docs.toddish.co.uk/verify.