Question
Some Laravel masters' help needed. I want to make an admin account login and dashboard.
Out of the box Laravel provides authentication with the users table. I've added a roles table and a column users(role_id) so I can differentiate users.
Many hours of searching didn't help, because in most cases it was a dumb way of duplicating the native authentication with two tables for different users.
Kernel.php

    protected $middlewareGroups = [
        'web' => [
            \App\Http\Middleware\EncryptCookies::class,
            \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
            \Illuminate\Session\Middleware\StartSession::class,
            \Illuminate\View\Middleware\ShareErrorsFromSession::class,
            \App\Http\Middleware\VerifyCsrfToken::class,
        ],
        'api' => [
            'throttle:60,1',
        ],
        'admin' => [
            'web',
            'auth',
        ],
    ];

routes.php

    Route::group(['middleware' => 'admin'], function () {
        Route::get('admin', 'LoginController@showLoginForm');
        Route::post('admin', 'LoginController@authenticate');
        Route::get('dashboard', function () {
            return view('admin.dashboard');
        });
    });

LoginController.php

    public function showLoginForm()
    {
        return view('admin.login');
    }

    public function authenticate(Request $request)
    {
        $credential = [
            'email' => $request['email'],
            'password' => $request['password']
        ];
        if (Auth::attempt($credential) && $this->authAdmin($credential['email']))
        {
            //SOMETHING I DONT KNOW YET
            //BUT THEN
            return redirect()->route('dashboard');
        }
    }

    protected function authAdmin($email = null)
    {
        $user = User::where('email', $email)->first();
        if ($user->role_id == '2')
        {
            return true;
        }
        return false;
    }

When I go to /dashboard I see the basic login form, and when I enter credentials I am logged in, but the session is the same as for a simple user. I am not sure about my LoginController methods. The question is: how do I differentiate sessions to make an admin account? Some advice about the above code is desired.

Answer 1:
I was pretty close. So here's my solution to my own question.
First of all I've added a method to check the role to the user model User.php
In my case it looks like

    public function isAdmin() {
        $st = false;
        if ($this->role_id == 2) {
            $st = true;
        }
        return $st;
    }

Then I've created middleware IsAdmin.php

    <?php

    namespace App\Http\Middleware;

    use Closure;
    use Illuminate\Support\Facades\Auth;

    class IsAdmin
    {
        public function handle($request, Closure $next)
        {
            if (Auth::check() && Auth::user()->isAdmin()) { //check the proper role
                return $next($request);
            }
            else {
                // Third argument sets HTTP 403, so the denial is not served as a 200 page
                return response()
                    ->view('admin.forbidden', [], 403)
                    ->header('Content-Type', 'text/html');
            }
        }
    }

Next I've edited Kernel.php

    protected $routeMiddleware = [
        'auth' => \App\Http\Middleware\Authenticate::class,
        'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
        'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
        'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
        'admin' => \App\Http\Middleware\IsAdmin::class, //my middleware
    ];

routes.php looks like

    Route::group(['middleware' => 'web'], function () {
        Route::group(['middleware' => 'admin'], function() {
            Route::get('/dashboard', 'LoginController@dashboard');
        });
    });

And LoginController.php

    <?php

    namespace App\Http\Controllers;

    use Illuminate\Http\Request;
    use App\Http\Requests;
    use Auth;

    class LoginController extends Controller
    {
        public function __construct()
        {
            $this->middleware('auth');
        }

        public function dashboard()
        {
            return view('admin.dashboard');
        }
    }

You can simply restrict or allow actions to any role this way. I hope this will help someone.
Source: https://stackoverflow.com/questions/36039931/laravel-5-2-admin-dashboard
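
The answer's closing remark, that any role can be restricted this way, generalised as an added example (not part of the original answer or of Laravel itself): one middleware that takes the permitted role ids as route parameters and checks them on every request. `RequireRole`, the `role` alias and the `login` path are hypothetical names, and the variadic parameter assumes PHP 5.6 or later.

```php
<?php
// Added example, not code from the original post. RequireRole, the 'role'
// alias and the 'login' path are hypothetical; role_id 2 is admin as in the post.

namespace App\Http\Middleware;

use Closure;
use Illuminate\Support\Facades\Auth;

class RequireRole
{
    /**
     * Register as 'role' => \App\Http\Middleware\RequireRole::class in
     * $routeMiddleware, then protect routes with
     *   Route::group(['middleware' => ['web', 'role:2']], ...);
     * Several roles may be listed: 'role:2,3'.
     */
    public function handle($request, Closure $next, ...$allowedRoleIds)
    {
        // Fail closed: a route that names no role is a configuration error.
        if (empty($allowedRoleIds)) {
            abort(500, 'role middleware used without a role id');
        }

        // Not logged in: go to the login form and remember the target URL.
        if (Auth::guest()) {
            return redirect()->guest('login');
        }

        // Middleware parameters arrive as strings, and role_id may be an int
        // or a string depending on the database driver, so compare as strings.
        $roleId = (string) Auth::user()->role_id;

        // An empty or NULL role_id never matches, even if the route was
        // written as 'role:' with an empty parameter.
        if ($roleId === '' || !in_array($roleId, $allowedRoleIds, true)) {
            // Authenticated but not permitted: a real 403 status.
            abort(403);
        }

        return $next($request);
    }
}
```

Because the check runs on each request against the current user's `role_id`, admins and ordinary users can share the same session mechanism; changing a user's role takes effect on their next request.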