Laravel 5.8.38でマルチユーザー認証を実装したいと思ったが、あまり参考記事がなかったので色々調べて何とかできたのでその方法を記載します。
config/auth.php(認証設定)の設定
以下のように設定します。
config.php
<?php
return [
/*
|--------------------------------------------------------------------------
| Authentication Defaults
|--------------------------------------------------------------------------
|
| This option controls the default authentication "guard" and password
| reset options for your application. You may change these defaults
| as required, but they're a perfect start for most applications.
|
*/
'defaults' => [
'guard' => 'web',
'passwords' => 'users',
],
/*
|--------------------------------------------------------------------------
| Authentication Guards
|--------------------------------------------------------------------------
|
| Next, you may define every authentication guard for your application.
| Of course, a great default configuration has been defined for you
| here which uses session storage and the Eloquent user provider.
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| Supported: "session", "token"
|
*/
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
'hash' => false,
],
/** 以下を追加 **/
'user' => [
'driver' => 'session',
'provider' => 'users',
],
'admin' => [
'driver' => 'session',
'provider' => 'admins',
],
/** ここまで **/
],
/*
|--------------------------------------------------------------------------
| User Providers
|--------------------------------------------------------------------------
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| If you have multiple user tables or models you may configure multiple
| sources which represent each model / table. These sources may then
| be assigned to any extra authentication guards you have defined.
|
| Supported: "database", "eloquent"
|
*/
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
// 'users' => [
// 'driver' => 'database',
// 'table' => 'users',
// ],
/** 以下を追加 **/
'admins' => [
'driver' => 'eloquent',
'model' => App\Models\Admin::class,
],
/** ここまで **/
],
/*
|--------------------------------------------------------------------------
| Resetting Passwords
|--------------------------------------------------------------------------
|
| You may specify multiple password reset configurations if you have more
| than one user table or model in the application and you want to have
| separate password reset settings based on the specific user types.
|
| The expire time is the number of minutes that the reset token should be
| considered valid. This security feature keeps tokens short-lived so
| they have less time to be guessed. You may change this as needed.
|
*/
'passwords' => [
'users' => [
'provider' => 'users',
'table' => 'password_resets',
'expire' => 60,
],
/** 以下を追加 **/
'admins' => [
'provider' => 'admins',
'table' => 'password_resets',
'expire' => 60,
],
/** ここまで **/
],
];
adminsテーブルを作成するためマイグレーションファイルを作成する
php artisan make:migration create_admins_table
内容は、ユーザーテーブルのマイグレーションファイルを参考にする。
<?php
use Illuminate\Support\Facades\Schema;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Database\Migrations\Migration;
class CreateAdminsTable extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::create('admins', function (Blueprint $table) {
$table->bigIncrements('id');
$table->string('name');
$table->string('email')->unique();
$table->timestamp('email_verified_at')->nullable();
$table->string('password');
$table->rememberToken();
$table->timestamps();
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::dropIfExists('admins');
}
}
Adminモデルを作成する
app配下にModelsディレクトリを作成する。
add/Models/Adminを作成する。
内容はUserモデルを参考にする。
<?php
namespace App\Models;
use Illuminate\Notifications\Notifiable;
use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Database\Eloquent\Model;
class Admin extends Authenticatable
{
use Notifiable;
/**
* The attributes that are mass assignable.
*
* @var array
*/
protected $fillable = [
'name', 'email', 'password',
];
/**
* The attributes that should be hidden for arrays.
*
* @var array
*/
protected $hidden = [
'password', 'remember_token',
];
/**
* The attributes that should be cast to native types.
*
* @var array
*/
protected $casts = [
'email_verified_at' => 'datetime',
];
}
認証エラー時の設定
app/Exceptions/Handler.phpに未ログイン時の対応(unauthenticated)を設定。
Illuminate\Auth\AuthenticationExceptionを継承しているのでunauthenticatedメソッドをオーバーライド。
app/Exceptions/Handler.php
app/Exceptions/Handler.php
<?php
namespace App\Exceptions;
use Exception;
use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;
/** 以下追加 **/
use Request;
use Response;
use Illuminate\Auth\AuthenticationException;
/** ここまで **/
class Handler extends ExceptionHandler
{
protected $dontReport = [
//
];
protected $dontFlash = [
'password',
'password_confirmation',
];
public function report(Exception $exception)
{
parent::report($exception);
}
public function render($request, Exception $exception)
{
return parent::render($request, $exception);
}
/** 以下追加 **/
protected function unauthenticated($request, AuthenticationException $exception)
{
// JSONの対応
if($request->expectsJson()) {
return response()->json(['error' => 'Unauthenticated.'], 401);
}
// Adminの対応
if(in_array('admin', $exception->guards())){
return redirect()->guest('admin/login');
}
// Userの対応
return redirect()->guest(route('login'));
}
/** ここまで **/
}
ルーティングの設定
route/web.php
web.php
// 'middleware'=>'auth:admin'を追加
Route::group(['prefix' => 'admin', 'middleware'=>'auth:admin'], function(){
//管理者ログインしたユーザーのみアクセス可能にしたいルーティングを記述
Route::get('home', 'Admin\HomeController@index')->name('admin.home');
});
//ログインやログアウト後のページに関しては、非ログイン時にアクセスするので'middleware'=>'auth:admin'の外に記述する
Route::get('admin/login', 'Admin\LoginController@showLoginForm')->name('admin_login');
Route::post('admin/login', 'Admin\LoginController@login')->name('admin_login');
Route::post('admin/logout', 'Admin\LoginController@logout')->name('admin_logout');
Route::get('admin/register', 'Admin\RegisterController@showRegisterForm')->name('admin.register');
Route::post('admin/register', 'Admin\RegisterController@register')->name('admin.register');
管理者ユーザーなので登録などは画面からさせない場合は、登録に関するregisterの部分は必要ありません。
コントローラーの設定
app
┗ Http
┗ Controllers
┠ Admin
┃ ┠ HomeController.php
┃ ┠ RegisterController.php
┃ ┗ LoginController.php
┠ Auth
┃ ┠ ForgotPasswordController.php
┃ ┠ LoginController.php // 変更する
┃ ┠ RegisterController.php
┃ ┠ ResetPasswordController.php
┃ ┗ VerificationController.php
┠ Controller.php
┗ HomeController.php
Admin/HomeController.php
<?php
namespace App\Http\Controllers\Admin;
use Illuminate\Http\Request;
use App\Http\Controllers\Controller; // 追記
class HomeController extends Controller
{
public function __construct()
{
$this->middleware('auth:admin'); // 変更
}
public function index()
{
return view('admin.home'); // 変更
}
}
Admin/LoginController.php
<?php
namespace App\Http\Controllers\Admin; // 変更
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
use Illuminate\Http\Request; // 追加※
class LoginController extends Controller
{
use AuthenticatesUsers;
protected $redirectTo = '/admin/home'; // 変更
public function __construct()
{
$this->middleware('guest:admin')->except('logout'); // 変更
}
/** 以下追記 **/
public function showLoginForm()
{
return view('admin.login');
}
protected function guard()
{
return \Auth::guard('admin');
}
public function logout(Request $request)
{
\Auth::guard('admin')->logout();
return redirect('/admin/login');
}
/** ここまで **/
}
Admin/RegisterController.php
<?php
namespace App\Http\Controllers\Admin;
use App\Models\Admin;
use App\Http\Controllers\Controller;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Validator;
use Illuminate\Foundation\Auth\RegistersUsers;
class RegisterController extends Controller
{
/*
|--------------------------------------------------------------------------
| Register Controller
|--------------------------------------------------------------------------
|
| This controller handles the registration of new users as well as their
| validation and creation. By default this controller uses a trait to
| provide this functionality without requiring any additional code.
|
*/
use RegistersUsers;
/**
* Where to redirect users after registration.
*
* @var string
*/
protected $redirectTo = '/admin/home';
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware('guest:admin');
}
public function showRegisterForm()
{
return view('admin.register');
}
/**
* Get a validator for an incoming registration request.
*
* @param array $data
* @return \Illuminate\Contracts\Validation\Validator
*/
protected function validator(array $data)
{
return Validator::make($data, [
'name' => ['required', 'string', 'max:255'],
'email' => ['required', 'string', 'email', 'max:255', 'unique:users'],
'password' => ['required', 'string', 'min:8', 'confirmed'],
]);
}
/**
* Create a new user instance after a valid registration.
*
* @param array $data
* @return \App\Models\Admin
*/
protected function create(array $data)
{
return Admin::create([
'name' => $data['name'],
'email' => $data['email'],
'password' => Hash::make($data['password']),
]);
}
protected function guard()
{
return \Auth::guard('admin');
}
}
【Auth/LoginController.php修正】
※Userだけログアウト
app/Http/Controllers/Auth/LoginController.php
Auth/LoginController.php
use Illuminate\Http\Request; // 追記
class LoginController extends Controller
{
・・・
public function __construct()
{
//$this->middleware('guest')->except('logout');
$this->middleware('guest:user')->except('logout'); // 変更
}
/** 以下追記 **/
public function showLoginForm()
{
return view('auth.login');
}
protected function guard()
{
return \Auth::guard('user');
}
public function logout(Request $request)
{
\Auth::guard('user')->logout();
return redirect('/login');
}
/** ここまで **/
【User側HomeController.php修正】
※Userだけログアウト
app/Http/Controllers/HomeController.php
HomeController.php
public function __construct()
{
// $this->middleware('auth');
$this->middleware('auth:user');
}
ビューの作成
以下の構成にする。
┗ Views
┠ admin
┃ ┠ home.blade.php
┃ ┠ register.blade.php
┃ ┗ login.blade.php
┠ auth
┃ ┠ passwords
┃ ┠ register.blade.php
┃ ┠ login.blade.php
┃ ┗ verify.blade.php
┠ layout
┃ ┠ admin.blade.php
┃ ┠ app.blade.php
┠ home.blade.php
┗ welcom.blade.php
resources/views/layouts/admin.blade.php
route変更
route(‘login’) -> route(‘admin.login’)
route(‘logout’) -> route(‘admin.logout’)
resources/views/layouts/admin.blade.php
<!DOCTYPE html>
<html lang="{{ str_replace('_', '-', app()->getLocale()) }}">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<!-- CSRF Token -->
<meta name="csrf-token" content="{{ csrf_token() }}">
<title>{{ config('app.name', 'Laravel') }}</title>
<!-- Scripts -->
<script src="{{ asset('js/app.js') }}" defer></script>
<!-- Fonts -->
<link rel="dns-prefetch" href="//fonts.gstatic.com">
<link href="https://fonts.googleapis.com/css?family=Nunito" rel="stylesheet">
<!-- Styles -->
<link href="{{ asset('css/app.css') }}" rel="stylesheet">
</head>
<body>
<div id="app">
<nav class="navbar navbar-expand-md navbar-light bg-white shadow-sm">
<div class="container">
<a class="navbar-brand" href="{{ url('/') }}">
{{ config('app.name', 'Laravel') }}
</a>
<button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarSupportedContent" aria-controls="navbarSupportedContent" aria-expanded="false" aria-label="{{ __('Toggle navigation') }}">
<span class="navbar-toggler-icon"></span>
</button>
<div class="collapse navbar-collapse" id="navbarSupportedContent">
<!-- Left Side Of Navbar -->
<ul class="navbar-nav mr-auto">
</ul>
<!-- Right Side Of Navbar -->
<ul class="navbar-nav ml-auto">
<!-- Authentication Links -->
@guest
<li class="nav-item">
<a class="nav-link" href="{{ route('admin.login') }}">{{ __('Login') }}</a>
</li>
@if (Route::has('register'))
<li class="nav-item">
<a class="nav-link" href="{{ route('admin.register') }}">{{ __('Register') }}</a>
</li>
@endif
@else
<li class="nav-item dropdown">
<a id="navbarDropdown" class="nav-link dropdown-toggle" href="#" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" v-pre>
{{ Auth::user()->name }} <span class="caret"></span>
</a>
<div class="dropdown-menu dropdown-menu-right" aria-labelledby="navbarDropdown">
<a class="dropdown-item" href="{{ route('admin.logout') }}"
onclick="event.preventDefault();
document.getElementById('logout-form').submit();">
{{ __('Logout') }}
</a>
<form id="logout-form" action="{{ route('admin.logout') }}" method="POST" style="display: none;">
@csrf
</form>
</div>
</li>
@endguest
</ul>
</div>
</div>
</nav>
<main class="py-4">
@yield('content')
</main>
</div>
</body>
</html>
resources/views/admin/home.blade.php
継承元変更
@extends(‘layouts.app’) -> @extends(‘layouts.admin’)
resources/views/admin/home.blade.php
@extends('layouts.admin')
@section('content')
<div class="container">
<div class="row justify-content-center">
<div class="col-md-8">
<div class="card">
<div class="card-header">Dashboard</div>
<div class="card-body">
@if (session('status'))
<div class="alert alert-success" role="alert">
{{ session('status') }}
</div>
@endif
You are logged in!
</div>
</div>
</div>
</div>
</div>
@endsection
resources/views/auth/login.blade.php
継承元変更
@extends(‘layouts.app’) -> @extends(‘layouts.admin’)
route変更
route(‘login’) -> route(‘admin.login’)
resources/views/auth/login.blade.php
@extends('layouts.admin')
@section('content')
<div class="container">
<div class="row justify-content-center">
<div class="col-md-8">
<div class="card">
<div class="card-header">{{ __('Login') }}</div>
<div class="card-body">
<form method="POST" action="{{ route('admin.login') }}">
@csrf
<div class="form-group row">
<label for="email" class="col-md-4 col-form-label text-md-right">{{ __('E-Mail Address') }}</label>
<div class="col-md-6">
<input id="email" type="email" class="form-control @error('email') is-invalid @enderror" name="email" value="{{ old('email') }}" required autocomplete="email" autofocus>
@error('email')
<span class="invalid-feedback" role="alert">
<strong>{{ $message }}</strong>
</span>
@enderror
</div>
</div>
<div class="form-group row">
<label for="password" class="col-md-4 col-form-label text-md-right">{{ __('Password') }}</label>
<div class="col-md-6">
<input id="password" type="password" class="form-control @error('password') is-invalid @enderror" name="password" required autocomplete="current-password">
@error('password')
<span class="invalid-feedback" role="alert">
<strong>{{ $message }}</strong>
</span>
@enderror
</div>
</div>
<div class="form-group row">
<div class="col-md-6 offset-md-4">
<div class="form-check">
<input class="form-check-input" type="checkbox" name="remember" id="remember" {{ old('remember') ? 'checked' : '' }}>
<label class="form-check-label" for="remember">
{{ __('Remember Me') }}
</label>
</div>
</div>
</div>
<div class="form-group row mb-0">
<div class="col-md-8 offset-md-4">
<button type="submit" class="btn btn-primary">
{{ __('Login') }}
</button>
@if (Route::has('password.request'))
<a class="btn btn-link" href="{{ route('password.request') }}">
{{ __('Forgot Your Password?') }}
</a>
@endif
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
@endsection
resources/views/auth/register.blade.php
継承元変更
@extends(‘layouts.app’) -> @extends(‘layouts.admin’)
route変更
route(‘login’) -> route(‘admin.login’)
resources/views/auth/register.blade.php
@extends('layouts.admin')
@section('content')
<div class="container">
<div class="row justify-content-center">
<div class="col-md-8">
<div class="card">
<div class="card-header">{{ __('Register') }}</div>
<div class="card-body">
<form method="POST" action="{{ route('admin.register') }}">
@csrf
<div class="form-group row">
<label for="name" class="col-md-4 col-form-label text-md-right">{{ __('Name') }}</label>
<div class="col-md-6">
<input id="name" type="text" class="form-control @error('name') is-invalid @enderror" name="name" value="{{ old('name') }}" required autocomplete="name" autofocus>
@error('name')
<span class="invalid-feedback" role="alert">
<strong>{{ $message }}</strong>
</span>
@enderror
</div>
</div>
<div class="form-group row">
<label for="email" class="col-md-4 col-form-label text-md-right">{{ __('E-Mail Address') }}</label>
<div class="col-md-6">
<input id="email" type="email" class="form-control @error('email') is-invalid @enderror" name="email" value="{{ old('email') }}" required autocomplete="email">
@error('email')
<span class="invalid-feedback" role="alert">
<strong>{{ $message }}</strong>
</span>
@enderror
</div>
</div>
<div class="form-group row">
<label for="password" class="col-md-4 col-form-label text-md-right">{{ __('Password') }}</label>
<div class="col-md-6">
<input id="password" type="password" class="form-control @error('password') is-invalid @enderror" name="password" required autocomplete="new-password">
@error('password')
<span class="invalid-feedback" role="alert">
<strong>{{ $message }}</strong>
</span>
@enderror
</div>
</div>
<div class="form-group row">
<label for="password-confirm" class="col-md-4 col-form-label text-md-right">{{ __('Confirm Password') }}</label>
<div class="col-md-6">
<input id="password-confirm" type="password" class="form-control" name="password_confirmation" required autocomplete="new-password">
</div>
</div>
<div class="form-group row mb-0">
<div class="col-md-6 offset-md-4">
<button type="submit" class="btn btn-primary">
{{ __('Register') }}
</button>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
@endsection
こちらでマルチユーザー認証を実装することができました。
ちなみにこれでエラーが出る場合は、namespaseのパスが間違っていたりなどが多いと思いますので、エラーが出る場合は見直してみるようにして下さい。
私も、パスが間違っていて表示されなかったりで苦戦しました。。笑