Laravel-permission: How can i authenticate a user who has a specific permssion
I have a sub domain for 2 different types of users.
For example:
1> admin.example.com/login
2> example.com/login
now I want to allow only admin user to login on a particular sub domain.
I am trying to this in a weird way as here :point_down:
$auth = Auth::authenticate($credentials);
if($auth){
if(!Auth::user()->hasRole('admin')){
Auth::logout();
return redirect()->back();
}else{
return redirect()->to('/dashboard');
}
}
anandsiddharth
All 5 comments
Hi @anandsiddharth
You can have a look at implementing a middleware to check for the admin role and redirecting if that's not the case. You'll find a section on creating your own middleware in the readme.
Let me know if you need any help!
AlexVanderbist
on 7 Apr 2017
Thank you for your attention @AlexVanderbist
The middleware thing is slightly different from my question, I just simply want to know if their is way to authenticate only admin user in the admin auth controller not the regular user.
I have subdomains of 2 different types of users. It should act as 2 different application. One solution could be that I could redirect the specific user to his respective domain after login.
Is their any solution that I can set user role value in Auth class so that it will authenticate user with that particluar role.
anandsiddharth
on 7 Apr 2017
Personally I'm not a fan of asserting against the role a user has. In most
cases asserting against permissions is a lot easier.
What about just adding a permission "loging-to-" suffixed by the subdomain
name?
On Fri, 7 Apr 2017 at 10:17, Anand Siddharth notifications@github.com
wrote:
Thank you for your attention @AlexVanderbist
https://github.com/AlexVanderbist
The middleware thing is slightly different from my question, I just simply
want to know if their is way to authenticate only admin user in the admin
auth controller not the regular user.
I have subdomains of 2 different types of users. It should act as 2
different application. One solution could be that I could redirect the
specific user to his respective domain after login.
Is their any solution that I can set user role value in Auth class so that
it will authenticate user with that particluar role.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
https://github.com/spatie/laravel-permission/issues/253#issuecomment-292472706,
or mute the thread
https://github.com/notifications/unsubscribe-auth/AAdiDUmg_ilLm-zC_J9U3W7iVaM7UnVeks5rtfEugaJpZM4M2fUa
.
--
Freek Van der Herten https://spatie.be +32 495 84 27 91
freekmurze
on 7 Apr 2017
The package doesn't provide a way to authenticate users based on their roles or permissions out of the box.
I think the way you're doing it right now could work tho: if you want to check the roles of the user without logging the user in first you could do something like this:
$user = Auth::getProvider()->retrieveByCredentials($credentials);
if($user && $user->hasRole('admin')){
$rememberUser = true;
Auth::login($user, $rememberUser);
return redirect()->to('/dashboard');
}
return redirect()->back();
Good luck!
AlexVanderbist
on 7 Apr 2017
this is a much better way instead of authenticating and then checking,
thanx @AlexVanderbist
anandsiddharth
on 7 Apr 2017
Related issues
bhulsman
·
3Comments
dylangeorgeharbour
·
3Comments
notflip
·
3Comments
Dreambox13
·
3Comments
tripex
·
3Comments
Most helpful comment
The package doesn't provide a way to authenticate users based on their roles or permissions out of the box.
I think the way you're doing it right now could work tho: if you want to check the roles of the user without logging the user in first you could do something like this:
Good luck!