laravel users


Since, we did the basic database operations required for a project, we can now go onto add authentication logic for the application. Laravel provides all of these in a single composer command.

ROUTE, VIEWS AND CONTROLLER

php artisan make:auth  

AFTER LOGIN

Laravel redirects the user to /home url after login. Lets redirect it to /admin ourselves.

protected $redirectTo = '/admin';  

Lets add a user for our database then before restricting unauthenticated user access. The registration page is created inside resources/views/auth/ directory and won't look good initially. We can redefine its css links to make it look good. For that, we need to open the app.blade.php file created inside the layouts folder created by artisan command make:auth and redefine its css and js links. The app.css file being linked to this file resides in public/css/ directory while app.js file resides in public/js directory.

RESTRICTION TO ADMINCONTROLLER

Once a user is created, we can restrict other unauthenticated users to access the admin dashboard. For that, we can use the magic method in our adminController to run the auth middleware.

public function __construct()
{
    $this->middleware('auth');
}  

LOG OUT

We'll also need to create the logout method in HomeController file that's generated by the artisan command make:auth where we also need to add use Auth prior to the class block and the route for logout.

<?php
namespace App\Http\Controllers;

use Illuminate\Http\Request;
use Auth;

class HomeController extends Controller
{
  public function __construct()
  {
    $this->middleware('auth');
  }

  public function index()
  {
    return view('home');
  }

  public function logout(){
    Auth::logout();
    return redirect('login');
  }
} 

First two methods are generated by the artisan command while we added the third one.

Auth::routes();
Route::get('/home', 'HomeController@index');  
Route::get('logout','HomeController@logout');  

Here too, the first two routes are generated by the artisan command while we added the third. Now, we'll add this route in the master blade for easy access.

<a href="{{url('logout')}}" class="btn btn-default btn-flat">Sign out</a>  

REGISTER USER

Though everything is well setup for authentication in Laravel, anyone can register a new user in the app without any restriction by default. We need to stop that so that only authenticated user can register a new user. For that, we can define register route in web.php and create a method in HomeController for that one. Since HomeController calls the auth middleware in it's constructor, no user can be registered unless being authenticated. make sure that you add the new route for register below the Auth::routes(); command.

Route::get('register','HomeController@register');  

We can simply return the view of register.blade.php in the method and that'll happen only in the case the user is logged in.

public function register(){
  return view ('auth.register');
}  

Now, we can add the url to add new user in the navigation panel.

<a href="{{url('register')}}">Add User</a>

Once we go to the user registration page via dashboard, we'll need a link to get back to the dashboard as well. So, we'll change the link from frontend index page to admin from the layouts/app.blade.php file that extends the register.blade file

<a class="navbar-brand" href="{{url('admin')}}">Admin Dashboard</a>  

We can also remove the @if (Auth::guest()) section from the page as it's void for us now and keep the logout url much clean.

<a href="{{ url('/logout') }}">Logout</a>  

Everything for the backend has been done and dusted, we'll add a few data before working on frontend.