Multi auth using one table Laravel 5.4

Question

I want to use the multi authentication Laravel but with only one table "users"

How can I implement this?

Answer 1

Separate drivers and models for each type of user that requires authentication is the correct way to go. You can read this thread, and learn more about it. With that being said, if you want something quick but not so secure and extensible, you could do the following:

You could have a flag in your Users migration that determines the type of user like so:

public function up()
    {
        Schema::create('users', function (Blueprint $table) {
            $table->increments('id');
            $table->string('name');
            $table->string('email')->unique();
            $table->string('password');
            $table->unsignedInteger('user_type');
            $table->rememberToken();
            $table->timestamps();
        });
    }

For this example, we will have a regular user as a type 1 and an Admin as a type 2.

Then, you could create a middleware that checks if the user has the required 'user_type' flag every single time your regular user programming logic differs to that of the admin. You could also check upon the instantiation of a specific Controller.

In this example, we'll create two middleware, one for the regular user, and another for the admin. This will protect the same User driver/model with different user type accessing each other resources, again, by using the attribute user_type we defined in the migration.

Creating the two middleware:

php artisan make:middleware UserMiddleware

and

php artisan make:middleware AdminMiddleware

We register them in our Kernel.php. It should look like this:

protected $routeMiddleware = [
        'auth' => \Illuminate\Auth\Middleware\Authenticate::class,
        'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
        'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
        'can' => \Illuminate\Auth\Middleware\Authorize::class,
        'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
        'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
        'user' => \App\Http\Middleware\UserMiddleware::class,
        'admin' => \App\Http\Middleware\AdminMiddleware::class
    ];

Once we have registered our middleware in our Kernel, we modify their handle() method to suit our needs:

UserMiddleware.php:

public function handle($request, Closure $next)
    {
        if(Auth::user()->user_type == 1)
            return $next($request);
        return redirect('/');
    }

AdminMiddleware.php:

public function handle($request, Closure $next)
    {
        if(Auth::user()->user_type == 2)
            return $next($request);
        return redirect('/');
    }

The Auth::user() Facade will return an instance of your logged in user in both cases, which then we check if it is a 1 or a 2. If they match their corresponding values, we proceed to wherever we are intended to go, else, we can redirect to somewhere else in your app, say, the home route /.

After this, we can proceed to protect routes or controllers with our brand new middleware.

For example, if you wanted to make a route only available to admins, but not to regular users, you could do:

routes/web.php:

Route::get('/admin', function () {
    return view('admin');
})->middleware('admin');

Then that specific route, will be protected to those Users that are created with the attribute user_type set to 2.

I hope this helps you a little bit.

Cheers!