CODEWITHSUNDEEP
phplaravel
user7456955
user7456955

Reputation:

Route restriction in Laravel for selected role

I have a users table with two types of users: Vendor and Customer. Every thing is fine with login if vendor role is 1 redirect to vendor Dashboard and for customer role is 2 redirect to customer dashboard but after login how to prevent route to customer dashboard if logged as vendor and vice versa Controller for login depend on role:

class CustomerLoginController extends Controller
{
    public function __construct()
    {
        $this->middleware('guest:web');
    }

    public function showLoginForm()
    {
        return view('Customer.login');
    }

    public function login(Request $request)
    {
        $this->validate($request,[
            'email'=>'required|email',
            'password'=>'required|min:6',
        ]);

        if (Auth::guard('web')->attempt(['email'=>$request->email,'password'=>$request->password,'active'=>1,'role_id'=>2], $request->remember)) {

            return redirect()->intended(route('customer.dashboard'));

        } elseif (Auth::guard('web')->attempt(['email'=>$request->email,'password'=>$request->password,'active'=>1,'role_id'=>1],$request->remember)) {
            return redirect()->intended(route('vendor.dashboard'));

        }
        return redirect()->back()->withInput($request->only('email','remember'));
    }

}

after login route controller:

public function __construct()
{
    $this->middleware('auth');
}
public function index()
{
    return view('index.customer.customerdashboard');
}

public function vendor()
{
    return view('index.vendor.vendordashboard');
}

Upvotes: 0

Views: 1066

Answers (1)

Lloople
Lloople

Reputation: 1844

You need to create a middleware with

php artisan make:middleware PortectedVendorRoutesMiddleware

Then, in the handle method of that file, add the logic to check for the user's role

public function handle($request, Closure $next)
{
    if (auth()->user()->role_id == 1) {
       return $next($request);
    }


    abort(404);
}

Now you need to protect your routes

Route::group(['middleware' => App\Http\Middleware\ProtectVendorRoutesMiddleware::class], function () {

    // Your protected vendor routes here
});

Or since Laravel 5.5

Route::middleware([App\Http\Middleware\ProtectVendorRoutesMiddleware::class])->group(function () {

    // Your protected vendor routes here
});

Repeat the process for Customer routes.

Upvotes: 1

Related Questions