Composer
Laravel Framework 6.0+
Laravel authentication backend that provides the following features.
- Email or username authentication
- Access control using roles and permissions.
composer require delgont/auth
php artisan vendor:publish --multiauth-config
username
email
- Login Controller.
Create your custom login controller and use
Delgont\Auth\Concerns\MultiAuthCredentials
. this will overide the credentials function
<?php
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
use Delgont\Auth\Concerns\MultiAuthCredentials;
use Illuminate\Http\Request;
class LoginController extends Controller
{
/*
|--------------------------------------------------------------------------
| Login Controller - Multi Authentication using email or username
|--------------------------------------------------------------------------
| Use Delgont\Auth\Concerns\MultiAuthCredentials trait
| You must override the credentials and username functions as shown below
|
*/
use AuthenticatesUsers, MultiAuthCredentials;
/**
* Where to redirect users after login.
*
* @var string
*/
protected $redirectTo = '/';
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware('guest')->except('logout');
}
protected function credentials(Request $request)
{
return $this->multiAuthCredentials($request);
}
public function username()
{
return 'username_email';
}
}
- Your login View.
<input id="username_email" type="text" class="form-control @error('username_email') is-invalid @enderror" name="username_email" value="{{ old('username_email') }}" required autocomplete="username_email" autofocus>
@error('username_email')
<span class="invalid-feedback" role="alert">
<strong>{{ $message }}</strong>
</span>
@enderror
- Access Protection using roles
User can have single role or multiple roles
Using role middleware to restrict access
Use Delgont\Auth\Concerns\ModelHasRoles
trait on your authenticable model
<?php
namespace App;
use Laravel\Passport\HasApiTokens;
use Illuminate\Notifications\Notifiable;
use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Delgont\Auth\Concerns\ModelHasRoles;
class User extends Authenticatable
{
/*
| Use Delgont\Auth\Concerns\ModelHasRoles trait
|
*/
use ModelHasRoles;
}
Assigning roles
# Giving role using role names
$model->assignRole(['admin','accountant']);
auth()->user()->assignRole(['admin','accountant']);
Protecting routes using the role middleware
Route::get('/test', 'TestController@test')->middleware('role:admin');
Route::get('/test', 'TestController@test')->middleware('role:admin|hello');
Using permission middleware to restrict access
Route::get('/momo', 'Momo@index')->name('momo')->middleware('permission:access_momo_dashboard');
Configure your default permissions in the permissions configuration file
<?php
return [
'delimiter' => '|',
'permissions' => [
'manage_users',
'access_momo_dashbaord'
]
];
`
Roles
php artisan make:roleRegistrar Roles/ExampleRoleRegistrar
php artisan role:sync