Advanced Laravel Authentication & Role Management System
Configuring Guards in auth.php
Here you'll define multiple guards and providers inside config/auth.php.
Code Example:
// config/auth.php
'guards' => [
    'web' => [
        'driver' => 'session',
        'provider' => 'users',
    ],
    'admin' => [
        'driver' => 'session',
        'provider' => 'admins',
    ],
    'author' => [
        'driver' => 'session',
        'provider' => 'authors',
    ],
],
'providers' => [
    'users' => [
        'driver' => 'eloquent',
        'model' => App\Models\User::class,
    ],
    'admins' => [
        'driver' => 'eloquent',
        'model' => App\Models\Admin::class,
    ],
    'authors' => [
        'driver' => 'eloquent',
        'model' => App\Models\Author::class,
    ],
],
Creating Middleware for Each Role
Add role-specific middleware to protect each section of your app.
Code Example:
// app/Http/Middleware/AdminMiddleware.php
namespace App\Http\Middleware;

use Closure;
use Illuminate\Support\Facades\Auth;

class AdminMiddleware
{
    public function handle($request, Closure $next)
    {
        // Only a user authenticated through the 'admin' guard may continue.
        if (!Auth::guard('admin')->check()) {
            return redirect()->route('admin.login');
        }
        return $next($request);
    }
}
Create similar middleware, AuthorMiddleware and UserMiddleware, for the other two guards.
Installing Spatie Laravel Permission
Integrate a flexible RBAC (Role-Based Access Control) system using the Spatie Laravel Permission package or your own tables.
Install and publish the package configuration.
Code Example:
composer require spatie/laravel-permission
php artisan vendor:publish --provider="Spatie\Permission\PermissionServiceProvider"
php artisan migrate
Defining Roles and Permissions
Code Example:
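use Spatie\Permission\Models\Role;
use Spatie\Permission\Models\Permission;

// Roles and permissions are stored per guard. Without an explicit 'guard_name'
// they are created for the default guard, so pass 'guard_name' (for example
// 'admin') when a role is meant for a model that logs in through another guard.
$admin = Role::create(['name' => 'admin']);
$author = Role::create(['name' => 'author']);
$user = Role::create(['name' => 'user']);

Permission::create(['name' => 'manage users']);
Permission::create(['name' => 'create snippet']);
Permission::create(['name' => 'approve snippet']);

// Grant each role only the permissions it needs.
$admin->givePermissionTo(['manage users', 'approve snippet']);
$author->givePermissionTo(['create snippet']);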
Custom Login Controllers
Each guard (Admin, Author, User) will have its own login route, dashboard, and redirection logic.
Code Example:
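// app/Http/Controllers/Admin/Auth/LoginController.php
namespace App\Http\Controllers\Admin\Auth;

use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;

class LoginController extends Controller
{
    public function showLoginForm()
    {
        return view('admin.auth.login');
    }

    public function login(Request $request)
    {
        $credentials = $request->only('email', 'password');
        if (Auth::guard('admin')->attempt($credentials)) {
            // Issue a new session ID after login to prevent session fixation.
            $request->session()->regenerate();
            return redirect()->route('admin.dashboard');
        }
        return back()->withErrors(['email' => 'Invalid credentials']);
    }

    public function logout(Request $request)
    {
        Auth::guard('admin')->logout();
        // Discard the old session and CSRF token so they cannot be reused.
        // All guards share the session, so this also ends web/author logins in it.
        $request->session()->invalidate();
        $request->session()->regenerateToken();
        return redirect()->route('admin.login');
    }
}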
Protecting Routes
Code Example:
// routes/admin.php
Route::middleware(['auth:admin'])->group(function () {
    Route::get('/dashboard', [AdminDashboardController::class, 'index'])
        ->name('admin.dashboard');
});
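A feature test that checks the guard separation configured above, as an added example that is not part of the original page. It assumes `User` and `Admin` have model factories, that `routes/admin.php` is loaded so the `admin.dashboard` route exists, and that the dashboard view renders.

```php
<?php
// tests/Feature/GuardIsolationTest.php (added example; the file name is an assumption)
namespace Tests\Feature;

use App\Models\Admin;
use App\Models\User;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Tests\TestCase;

class GuardIsolationTest extends TestCase
{
    use RefreshDatabase;

    public function test_guest_cannot_reach_admin_dashboard(): void
    {
        // JSON request: the auth middleware answers 401 instead of redirecting,
        // so the test does not depend on which login route is configured.
        $this->getJson(route('admin.dashboard'))->assertUnauthorized();
        $this->assertGuest('admin');
    }

    public function test_web_user_is_not_treated_as_admin(): void
    {
        // Assumption: User has a model factory.
        $user = User::factory()->create();

        $this->actingAs($user, 'web')
            ->getJson(route('admin.dashboard'))
            ->assertUnauthorized();

        $this->assertAuthenticatedAs($user, 'web');
        $this->assertGuest('admin');
    }

    public function test_admin_login_does_not_authenticate_other_guards(): void
    {
        // Assumption: Admin has a model factory and the dashboard view exists.
        $admin = Admin::factory()->create();

        $this->actingAs($admin, 'admin')
            ->get(route('admin.dashboard'))
            ->assertOk();

        $this->assertAuthenticatedAs($admin, 'admin');
        $this->assertGuest('web');
        $this->assertGuest('author');
    }
}
```

Run it with `php artisan test --filter=GuardIsolationTest`; a failure in the second test means a regular user session is being accepted on the admin routes.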
Blade Conditional for Role
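Display menu items and sections dynamically based on user role. These checks only hide links in the UI; the routes behind them still need their own middleware protection.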
Code Example:
{{-- admin/dashboard.blade.php --}}
<ul>
    @if(auth()->user()->hasRole('admin'))
        <li><a href="{{ route('admin.users') }}">Manage Users</a></li>
    @endif
    @if(auth()->user()->hasRole('author'))
        <li><a href="{{ route('author.snippets') }}">My Snippets</a></li>
    @endif
</ul>
Role Badge Component
Code Example:
<span class="px-2 py-1 text-xs rounded-full
{{ $role == 'admin' ? 'bg-red-100 text-red-700' :
($role == 'author' ? 'bg-blue-100 text-blue-700' : 'bg-green-100 text-green-700') }}">
{{ ucfirst($role) }}
</span>
Logout from All Sessions
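Learn how to secure routes, prevent session leaks, and protect sensitive user data. The call below invalidates the user's sessions on other devices and leaves the current one active; it needs the user's current password and the Illuminate\Session\Middleware\AuthenticateSession middleware on the affected routes.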
auth()->logoutOtherDevices($request->password);
Enforcing Email Verification
// routes/web.php
// 'verified' requires the User model to implement Illuminate\Contracts\Auth\MustVerifyEmail.
Route::middleware(['auth', 'verified'])->group(function () {
    // protected routes
});
End Result
After completing this snippet, you'll have a fully functional, role-based authentication system where:
- Admin, Author, and User each have their own login, dashboard, and permissions.
- Routes are fully protected.
- UI adapts dynamically to user roles.