A good practise to seperate admin content from user content in Laravel

Question

Working on a Laravel project to learn the framework. I just want some opinions/discussion on how to seperate for example an admin menu and admin content from a regular users content. Since Im new to the framework i do not know if my way is a good way to do this, maybe there is a better practise.

Right now i do checks in routes.php with before filters so unauthorized people not can access admin content.

Route::group(array('before' => 'superAdmin'), function()
{
    Route::get('/admin_start', array(
        'as' => 'admin_start',
        'uses' => 'HomeController@getAdminStart'
    ));
});

I have a main.blade.php layout file that determine if admin or the user menu should be shown.

<body>
    @if(Auth::check())
        @if (Auth::user()->hasRole('Superadmin'))
            @include('layout.navigationadmin')
        @else
            @include('layout.navigationuser')           
        @endif
    @endif
    @yield('content')
</body>

Is this a good/safe approach?

Answer 1

Your endpoint is protected in your code above, but if you're looking for a better way to add menu items based on user role, id recommend view composers to bind certain data to your views.

Something like:

Composers.php: Add the file app/composers.php, include it in app/start/global.php, and put this in it.

View::composer(['layouts.master'], function($view){

    if(Auth::check()){
        $authClass = 'logged-in';

        $items = MenuMaker::getInternalItems();

        if(Auth::user()->hasRole('Superadmin'))
            $items = array_merge($items, [ 'your admin items' ])

    } else {
        $items  = MenuMaker::getPublicItems();

        $authClass = 'logged-out';

        $view->with('mainNav', View::make('components.mainNavPublic', ['items' => $items]))
                ->with('authClass', $authClass);

    }

});

View:

<body class="{{ $authClass }}">
    {{ $mainNav }}
    @yield('content')
</body>

Answer 2

Depending on how structurally different the admin content and the visitor (non-authenticated) content are, and also how strictly you want to enforce your separation of concern.

Admin Page/View is really different from non-authenticated user's view

I would start with different base layout (your blade layout where you extend from). Note that this doesn't mean that they are totally separate from each other, you can always include the same fragments/partial blade view where they are commonly shared.

They are different in some panels/sub-components/etc., but otherwise they look a lot like each other

Can share the same layout, but try to re-use as many chunk of sub-views as possible. You'll know at some point when you have too many if/else statement just to include different templates; it'll probably be a good idea to rethink option 1. And if you are modularising your blade templates, it easy to do switch.

In your case, if the nav is really the only thing that differentiate admin and normal user, feel free to go for option 2. Otherwise probably option 1. Just my two cents.

Answer 3

It will work, but I wouldn't say best practice. Laravel has filters for these things, here is a good resource to build one with a login: http://culttt.com/2013/09/16/use-laravel-4-filters/