Does laratrust play well with Multi-Auth setup allowed in 5.2+ ?

[unitedworx]

I am thinking of moving from 5.1 LTS to 5.2 since I have a project that I want to separate my regular users (mainly admins) with Vendors/Suppliers stored in a 2nd table.

I wont be using groups or permissions on Suppliers but I am wondering if laratrust plays well in a Multi-Auth setup.

Anyone using laratrust in a Multi-Auth setup to share their experience ?

[santigarcor]

@unitedworx no it does not support multi-auth setup.

[unitedworx]

can you elaborate a bit further? does this mean that if I create a Multi-Auth setup this package wont work at all? or does it mean that in a Multi-Auth setup I wont be able to use lararust on secondary auth table but I will be able to use laratrast on the regular/main user table?

[santigarcor]

No no, it works using the default users auth provider.

[unitedworx]

:) I guess I will have to give it a try and see if it works or not.

When you setup multi auth you can not use Auth::user() but you have to use Auth::guard('vendor')->user(); if I understand correctly from the docs :)

[DanJFletcher]

@unitedworx How did you make out? Did you get mult-auth working?

[unitedworx]

@DanJFletcher didn't try this out yet. I still haven't decided to break apart from 5.1 LTS in order to be able to use multi-auth and try this. I am considering my options.. I am leaning towards a custom solution instead of moving away from LTS just to be able to use multi-auth.

[DanJFletcher]

Ah ok - fair enough. Thanks for getting back to me 👍

[santigarcor]

In order to make laratrust work with multi auth there has to be some changes in the database structure in order to use the polymorphic relationships that eloquent provides.

[ebbbang]

To the best of my knowledge, You should use either Multi-Auth or a Role-Permission based approach.
Both essentially complete the same requirement. I have used both, and I would suggest you to go with Roles & Permissions approach.

Auth should only be used to authenticate users not distinguish between them. Authenticate users and then check if they have the required Role or Permission.
If you want your application to scale up, use Roles and Permissions.

Let me know if you need a detailed explanation with examples.

[santigarcor]

@ebbbang So basically you are saying that applying multi auth to Laratrust is not worth it?

[ebbbang]

Exactly ...

There isn't any clear advantage to it. It's like adding sugar to a sweetner.

Hope you get my point.

[unitedworx]

@ebbbang speak for yourself! Keeping my users table clean from my vendors is my goal here. No way to merge them for the sake of authentication !

It's not adding sugar to a sweetener but keeping apples and oranges in different baskets

[santigarcor]

The change that has to be made to accomplish it is not that big so maybe i'll work on that later.

[unitedworx]

Thanks for considering this @santigarcor makes sense to support multi auth since laravel deemed this important enough to be baked in the core of the framework!

[santigarcor]

The new version will fix this, i'm working on the docs to tag a release.

[unitedworx]

wow, your time is much appreciated.