はじめに
Laravel8で一般ログインと管理ログインを分けるために、マルチ認証を実装した方法を記載します。
概要
ユーザーは、
- 一般ユーザー側を users
- 管理者側を admin_users
URLは、
-
一般ユーザー側(users)
ログイン画面 /login
ホーム画面 /home -
管理側(admin_users)
ログイン画面 /admin/login
ホーム画面 /admin/home
として2つの管理画面を作ることを想定して実装します。
前提
- composerがインストールされている状態であること
- Laravelプロジェクトがインストール済みであること
- laravel/uiが導入済みである事
※laravel/uiのインストール方法は以下を参照
Laravel8 (laravel/ui)でのLogin機能の実装方法メモ
手順
1 管理者用のモデルとマイグレーションファイルを作成する
-mオプションをつけて、以下コマンドを打つ事で、モデルとマイグレーションファイルが一気に作成できます。
php artisan make:model AdminUser -m
以下ファイルが作成されます。
- app/Models/AdminUser.php(モデルファイル)
- database/migrations/日付_create_admin_users_table.php(マイグレーションファイル)
※オプションに関する詳細は以下を参照
Laravel 8.x Eloquentの準備
2 app/Models/User.phpの内容をコピーして貼り付ける
既にUser.php (一般ユーザー側のモデルファイル)が生成されているので、
中身をコピーしつつ、 class名を AdminUser に変えておきます。
app/Models/AdminUser.php
<?php
namespace App\Models;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Foundation\Auth\User as Authenticatable;
class AdminUser extends Authenticatable // class名をuserからAdminUserに変更
{
use HasFactory;
/**
* The attributes that are mass assignable.
*
* @var array
*/
protected $fillable = [
'name',
'email',
'password',
];
/**
* The attributes that should be hidden for arrays.
*
* @var array
*/
protected $hidden = [
'password',
'remember_token',
];
/**
* The attributes that should be cast to native types.
*
* @var array
*/
protected $casts = [
'email_verified_at' => 'datetime',
];
}
3 作成したマイグレーションファイルもコピーする
database/migrations/2014_10_12_000000_create_users_table.php(マイグレーションファイル)の内容をコピーしてテーブル名を変更します。
database/migrations/日付_create_admin_users_table.php
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
class CreateAdminUsersTable extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
// テーブル名をuserからadmin_usersに変更
Schema::create('admin_users', function (Blueprint $table) {
$table->id();
$table->string('name');
$table->string('email')->unique();
$table->timestamp('email_verified_at')->nullable();
$table->string('password');
$table->rememberToken();
$table->timestamps();
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
// テーブル名をuserからadmin_usersに変更
Schema::dropIfExists('admin_users');
}
}
4 マイグレーションを実行する
マイグレーションを実行して管理者用のテーブルを作成する
$ php artisan migrate
5 認証系ファイルに管理者(admin_users)側の設定を行う
config/auth.phpに管理者(admin_users)側の設定を追加する。
まず始めに今回作成するファイルの全体のコードです。
config/auth.php
<?php
return [
/*
|--------------------------------------------------------------------------
| Authentication Defaults
|--------------------------------------------------------------------------
|
| This option controls the default authentication "guard" and password
| reset options for your application. You may change these defaults
| as required, but they're a perfect start for most applications.
|
*/
'defaults' => [
'guard' => 'users', // webからusersに変更
'passwords' => 'users',
],
/*
|--------------------------------------------------------------------------
| Authentication Guards
|--------------------------------------------------------------------------
|
| Next, you may define every authentication guard for your application.
| Of course, a great default configuration has been defined for you
| here which uses session storage and the Eloquent user provider.
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| Supported: "session"
|
*/
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'users' => [ // usersを追加
'driver' => 'session',
'provider' => 'users',
],
'admin_users' => [ // admin_usersを追加
'driver' => 'session',
'provider' => 'admin_users',
],
'api' => [ // apiを追加
'driver' => 'token',
'provider' => 'users',
'hash' => false,
],
],
/*
|--------------------------------------------------------------------------
| User Providers
|--------------------------------------------------------------------------
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| If you have multiple user tables or models you may configure multiple
| sources which represent each model / table. These sources may then
| be assigned to any extra authentication guards you have defined.
|
| Supported: "database", "eloquent"
|
*/
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\Models\User::class,
],
'admin_users' => [ // admin_usersを追加
'driver' => 'eloquent',
'model' => App\Models\AdminUser::class,
],
// 'users' => [
// 'driver' => 'database',
// 'table' => 'users',
// ],
],
/*
|--------------------------------------------------------------------------
| Resetting Passwords
|--------------------------------------------------------------------------
|
| You may specify multiple password reset configurations if you have more
| than one user table or model in the application and you want to have
| separate password reset settings based on the specific user types.
|
| The expire time is the number of minutes that each reset token will be
| considered valid. This security feature keeps tokens short-lived so
| they have less time to be guessed. You may change this as needed.
|
*/
'passwords' => [
'users' => [
'provider' => 'users',
'table' => 'password_resets',
'expire' => 60,
'throttle' => 60,
],
'admin_users' => [ // admin_usersを追加
'provider' => 'admin_users',
'table' => 'admin_password_resets',
'expire' => 60,
'throttle' => 60,
],
],
/*
|--------------------------------------------------------------------------
| Password Confirmation Timeout
|--------------------------------------------------------------------------
|
| Here you may define the amount of seconds before a password confirmation
| times out and the user is prompted to re-enter their password via the
| confirmation screen. By default, the timeout lasts for three hours.
|
*/
'password_timeout' => 10800,
];
- 「ガード」と「プロバイダ」について
Laravelの認証機構は、「ガード」と「プロバイダ」で構成されています。
ガード:
リクエストごとにユーザーを認証する方法を定義します。たとえば、Laravelには、セッションストレージとクッキーを使用して状態を維持する「セッション」ガードを用意しています。
プロバイダ:
永続ストレージからユーザーを取得する方法を定義します。LaravelはEloquentとデータベースクエリビルダを使用してユーザーを取得するためのサポートを用意しています。ただし、アプリケーションの必要性に応じて、追加のプロバイダを自由に定義できます。
dafaultをwebからuserに変更することで、
6 管理者用のコントローラーの作成
現在のapp/Http/Controllers/Authとpp/Http/Controllers/HomeController.phpをまるごとコピーして、新規ディレクトリのapp/Http/Controllers/Admin/Authに移動してください。
(ユーザー用のものをそのままコピペ)
そのあとに、少々変更を加えていきます。
app/Http/Controllers/Admin/Auth/ConfirmPasswordController.php
<?php
// App\Http\Controllers\AuthからApp\Http\Controllers\Admin\Authに変更
namespace App\Http\Controllers\Admin\Auth;
// App\Http\ControllersからApp\Http\Controllers\Controllerに変更
use App\Http\Controllers\Controller;
use App\Providers\RouteServiceProvider;
use Illuminate\Foundation\Auth\ConfirmsPasswords;
class ConfirmPasswordController extends Controller
{
/*
|--------------------------------------------------------------------------
| Confirm Password Controller
|--------------------------------------------------------------------------
|
| This controller is responsible for handling password confirmations and
| uses a simple trait to include the behavior. You're free to explore
| this trait and override any functions that require customization.
|
*/
use ConfirmsPasswords;
/**
* Where to redirect users when the intended url fails.
*
* @var string
*/
protected $redirectTo = RouteServiceProvider::HOME;
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware('auth');
}
}
app/Http/Controllers/Admin/Auth/ForgotPasswordController.php
<?php
// App\Http\Controllers\AuthからApp\Http\Controllers\Admin\Authに変更
namespace App\Http\Controllers\Admin\Auth;
// App\Http\ControllersからApp\Http\Controllers\Controllerに変更
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\SendsPasswordResetEmails;
class ForgotPasswordController extends Controller
{
/*
|--------------------------------------------------------------------------
| Password Reset Controller
|--------------------------------------------------------------------------
|
| This controller is responsible for handling password reset emails and
| includes a trait which assists in sending these notifications from
| your application to your users. Feel free to explore this trait.
|
*/
use SendsPasswordResetEmails;
}
app/Http/Controllers/Admin/Auth/LoginController.php
<?php
// App\Http\Controllers\AuthからApp\Http\Controllers\Admin\Authに変更
namespace App\Http\Controllers\Admin\Auth;
// App\Http\ControllersからApp\Http\Controllers\Controllerに変更
use App\Http\Controllers\Controller;
use App\Providers\RouteServiceProvider;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
class LoginController extends Controller
{
/*
|--------------------------------------------------------------------------
| Login Controller
|--------------------------------------------------------------------------
|
| This controller handles authenticating users for the application and
| redirecting them to your home screen. The controller uses a trait
| to conveniently provide its functionality to your applications.
|
*/
use AuthenticatesUsers;
/**
* Where to redirect users after login.
*
* @var string
*/
protected $redirectTo = RouteServiceProvider::HOME;
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware('guest')->except('logout');
}
}
app/Http/Controllers/Admin/Auth/RegisterController.php
<?php
// App\Http\Controllers\AuthからApp\Http\Controllers\Admin\Authに変更
namespace App\Http\Controllers\Admin\Auth;
// App\Http\ControllersからApp\Http\Controllers\Controllerに変更
use App\Http\Controllers\Controller;
use App\Providers\RouteServiceProvider;
use App\Models\AdminUser; // App\Models\UserからApp\Models\AdminUserに変更
use Illuminate\Foundation\Auth\RegistersUsers;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Validator;
class RegisterController extends Controller
{
/*
|--------------------------------------------------------------------------
| Register Controller
|--------------------------------------------------------------------------
|
| This controller handles the registration of new users as well as their
| validation and creation. By default this controller uses a trait to
| provide this functionality without requiring any additional code.
|
*/
use RegistersUsers;
/**
* Where to redirect users after registration.
*
* @var string
*/
protected $redirectTo = RouteServiceProvider::HOME;
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware('guest');
}
/**
* Get a validator for an incoming registration request.
*
* @param array $data
* @return \Illuminate\Contracts\Validation\Validator
*/
protected function validator(array $data)
{
return Validator::make(
$data,
[
'name' => ['required', 'string', 'max:255'],
'email' => ['required', 'string', 'email', 'max:255', 'unique:users'],
'password' => ['required', 'string', 'min:3', 'confirmed']
]
);
}
/**
* Create a new user instance after a valid registration.
*
* @param array $data
* @return \App\Models\AdminUser
*/
protected function create(array $data)
{
return AdminUser::create( //UserからAdminUserに変更
[
'name' => $data['name'],
'email' => $data['email'],
'password' => Hash::make($data['password'])
]
);
}
}
app/Http/Controllers/Admin/Auth/ResetPasswordController.php
<?php
// App\Http\Controllers\AuthからApp\Http\Controllers\Admin\Authに変更
namespace App\Http\Controllers\Admin\Auth;
// App\Http\ControllersからApp\Http\Controllers\Controllerに変更
use App\Http\Controllers\Controller;
use App\Providers\RouteServiceProvider;
use Illuminate\Foundation\Auth\ResetsPasswords;
class ResetPasswordController extends Controller
{
/*
|--------------------------------------------------------------------------
| Password Reset Controller
|--------------------------------------------------------------------------
|
| This controller is responsible for handling password reset requests
| and uses a simple trait to include this behavior. You're free to
| explore this trait and override any methods you wish to tweak.
|
*/
use ResetsPasswords;
/**
* Where to redirect users after resetting their password.
*
* @var string
*/
protected $redirectTo = RouteServiceProvider::HOME;
}
app/Http/Controllers/Admin/Auth/VerificationController.php
<?php
// App\Http\Controllers\AuthからApp\Http\Controllers\Admin\Authに変更
namespace App\Http\Controllers\Admin\Auth;
// App\Http\ControllersからApp\Http\Controllers\Controllerに変更
use App\Http\Controllers\Controller;
use App\Providers\RouteServiceProvider;
use Illuminate\Foundation\Auth\VerifiesEmails;
class VerificationController extends Controller
{
/*
|--------------------------------------------------------------------------
| Email Verification Controller
|--------------------------------------------------------------------------
|
| This controller is responsible for handling email verification for any
| user that recently registered with the application. Emails may also
| be re-sent if the user didn't receive the original email message.
|
*/
use VerifiesEmails;
/**
* Where to redirect users after verification.
*
* @var string
*/
protected $redirectTo = RouteServiceProvider::HOME;
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware('auth');
$this->middleware('signed')->only('verify');
$this->middleware('throttle:6,1')->only('verify', 'resend');
}
}
app/Http/Controllers/Admin/HomeController.php
<?php
// App\Http\ControllersからApp\Http\Controllers\Adminに変更
namespace App\Http\Controllers\Admin;
// App\Http\ControllersからApp\Http\Controllers\Controllerに変更
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
class HomeController extends Controller
{
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
//authからauth:admin_usersに変更
$this->middleware('auth:admin_users');
}
/**
* Show the application dashboard.
*
* @return \Illuminate\Contracts\Support\Renderable
*/
public function index()
{
//homeからadmin.homeに変更
return view('admin.home');
}
}
7 ビューファイルの作成
管理者用のviewも、コントローラーと同様に新規のディレクトリを切って作成していきます。
現在の「resources/views/auth」と「resources/views/home.blade.php」をまるごとコピーして、新規ディレクトリの「resources/views/admin」に移動してください。
以下のファイルが揃っていればOKです。
- resources/views/admin/auth/login.blade.php
- resources/views/admin/auth/passwords/confirm.blade.php
- resources/views/admin/auth/passwords/email.blade.php
- resources/views/admin/auth/passwords/reset.blade.php
- resources/views/admin/auth/register.blade.php
- resources/views/admin/auth/verify.blade.php
- resources/views/admin/home.blade.php
resources/views/admin/auth/login.blade.php
@extends('layouts.app')
@section('content')
<div class="container">
<div class="row justify-content-center">
<div class="col-md-8">
<div class="card">
<div class="card-header">{{ __('Login') }}</div>
<div class="card-body">
<form method="POST" action="{{ route('admin.login') }}">
@csrf
<div class="row mb-3">
<label for="email" class="col-md-4 col-form-label text-md-end">{{ __('Email Address') }}</label>
<div class="col-md-6">
<input id="email" type="email" class="form-control @error('email') is-invalid @enderror" name="email" value="{{ old('email') }}" required autocomplete="email" autofocus>
@error('email')
<span class="invalid-feedback" role="alert">
<strong>{{ $message }}</strong>
</span>
@enderror
</div>
</div>
<div class="row mb-3">
<label for="password" class="col-md-4 col-form-label text-md-end">{{ __('Password') }}</label>
<div class="col-md-6">
<input id="password" type="password" class="form-control @error('password') is-invalid @enderror" name="password" required autocomplete="current-password">
@error('password')
<span class="invalid-feedback" role="alert">
<strong>{{ $message }}</strong>
</span>
@enderror
</div>
</div>
<div class="row mb-3">
<div class="col-md-6 offset-md-4">
<div class="form-check">
<input class="form-check-input" type="checkbox" name="remember" id="remember" {{ old('remember') ? 'checked' : '' }}>
<label class="form-check-label" for="remember">
{{ __('Remember Me') }}
</label>
</div>
</div>
</div>
<div class="row mb-0">
<div class="col-md-8 offset-md-4">
<button type="submit" class="btn btn-primary">
{{ __('Login') }}
</button>
@if (Route::has('password.request'))
<a class="btn btn-link" href="{{ route('admin.password.request') }}">
{{ __('Forgot Your Password?') }}
</a>
@endif
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
@endsection
resources/views/admin/auth/passwords/confirm.blade.php
@extends('layouts.app')
@section('content')
<div class="container">
<div class="row justify-content-center">
<div class="col-md-8">
<div class="card">
<div class="card-header">{{ __('Confirm Password') }}</div>
<div class="card-body">
{{ __('Please confirm your password before continuing.') }}
<form method="POST" action="{{ route('admin.password.confirm') }}">
@csrf
<div class="row mb-3">
<label for="password" class="col-md-4 col-form-label text-md-end">{{ __('Password') }}</label>
<div class="col-md-6">
<input id="password" type="password" class="form-control @error('password') is-invalid @enderror" name="password" required autocomplete="current-password">
@error('password')
<span class="invalid-feedback" role="alert">
<strong>{{ $message }}</strong>
</span>
@enderror
</div>
</div>
<div class="row mb-0">
<div class="col-md-8 offset-md-4">
<button type="submit" class="btn btn-primary">
{{ __('Confirm Password') }}
</button>
@if (Route::has('password.request'))
<a class="btn btn-link" href="{{ route('admin.password.request') }}">
{{ __('Forgot Your Password?') }}
</a>
@endif
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
@endsection
resources/views/admin/auth/passwords/email.blade.php
@extends('layouts.app')
@section('content')
<div class="container">
<div class="row justify-content-center">
<div class="col-md-8">
<div class="card">
<div class="card-header">{{ __('Reset Password') }}</div>
<div class="card-body">
@if (session('status'))
<div class="alert alert-success" role="alert">
{{ session('status') }}
</div>
@endif
<form method="POST" action="{{ route('admin.password.email') }}">
@csrf
<div class="row mb-3">
<label for="email" class="col-md-4 col-form-label text-md-end">{{ __('Email Address') }}</label>
<div class="col-md-6">
<input id="email" type="email" class="form-control @error('email') is-invalid @enderror" name="email" value="{{ old('email') }}" required autocomplete="email" autofocus>
@error('email')
<span class="invalid-feedback" role="alert">
<strong>{{ $message }}</strong>
</span>
@enderror
</div>
</div>
<div class="row mb-0">
<div class="col-md-6 offset-md-4">
<button type="submit" class="btn btn-primary">
{{ __('Send Password Reset Link') }}
</button>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
@endsection
resources/views/admin/auth/passwords/reset.blade.php
@extends('layouts.app')
@section('content')
<div class="container">
<div class="row justify-content-center">
<div class="col-md-8">
<div class="card">
<div class="card-header">{{ __('Reset Password') }}</div>
<div class="card-body">
<form method="POST" action="{{ route('admin.password.update') }}">
@csrf
<input type="hidden" name="token" value="{{ $token }}">
<div class="row mb-3">
<label for="email" class="col-md-4 col-form-label text-md-end">{{ __('Email Address') }}</label>
<div class="col-md-6">
<input id="email" type="email" class="form-control @error('email') is-invalid @enderror" name="email" value="{{ $email ?? old('email') }}" required autocomplete="email" autofocus>
@error('email')
<span class="invalid-feedback" role="alert">
<strong>{{ $message }}</strong>
</span>
@enderror
</div>
</div>
<div class="row mb-3">
<label for="password" class="col-md-4 col-form-label text-md-end">{{ __('Password') }}</label>
<div class="col-md-6">
<input id="password" type="password" class="form-control @error('password') is-invalid @enderror" name="password" required autocomplete="new-password">
@error('password')
<span class="invalid-feedback" role="alert">
<strong>{{ $message }}</strong>
</span>
@enderror
</div>
</div>
<div class="row mb-3">
<label for="password-confirm" class="col-md-4 col-form-label text-md-end">{{ __('Confirm Password') }}</label>
<div class="col-md-6">
<input id="password-confirm" type="password" class="form-control" name="password_confirmation" required autocomplete="new-password">
</div>
</div>
<div class="row mb-0">
<div class="col-md-6 offset-md-4">
<button type="submit" class="btn btn-primary">
{{ __('Reset Password') }}
</button>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
@endsection
resources/views/admin/auth/passwords/register.blade.php
@extends('layouts.app')
@section('content')
<div class="container">
<div class="row justify-content-center">
<div class="col-md-8">
<div class="card">
<div class="card-header">{{ __('Register') }}</div>
<div class="card-body">
<form method="POST" action="{{ route('admin.register') }}">
@csrf
<div class="row mb-3">
<label for="name" class="col-md-4 col-form-label text-md-end">{{ __('Name') }}</label>
<div class="col-md-6">
<input id="name" type="text" class="form-control @error('name') is-invalid @enderror" name="name" value="{{ old('name') }}" required autocomplete="name" autofocus>
@error('name')
<span class="invalid-feedback" role="alert">
<strong>{{ $message }}</strong>
</span>
@enderror
</div>
</div>
<div class="row mb-3">
<label for="email" class="col-md-4 col-form-label text-md-end">{{ __('Email Address') }}</label>
<div class="col-md-6">
<input id="email" type="email" class="form-control @error('email') is-invalid @enderror" name="email" value="{{ old('email') }}" required autocomplete="email">
@error('email')
<span class="invalid-feedback" role="alert">
<strong>{{ $message }}</strong>
</span>
@enderror
</div>
</div>
<div class="row mb-3">
<label for="password" class="col-md-4 col-form-label text-md-end">{{ __('Password') }}</label>
<div class="col-md-6">
<input id="password" type="password" class="form-control @error('password') is-invalid @enderror" name="password" required autocomplete="new-password">
@error('password')
<span class="invalid-feedback" role="alert">
<strong>{{ $message }}</strong>
</span>
@enderror
</div>
</div>
<div class="row mb-3">
<label for="password-confirm" class="col-md-4 col-form-label text-md-end">{{ __('Confirm Password') }}</label>
<div class="col-md-6">
<input id="password-confirm" type="password" class="form-control" name="password_confirmation" required autocomplete="new-password">
</div>
</div>
<div class="row mb-0">
<div class="col-md-6 offset-md-4">
<button type="submit" class="btn btn-primary">
{{ __('Register') }}
</button>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
@endsection
resources/views/admin/auth/passwords/verify.blade.php
@extends('layouts.app')
@section('content')
<div class="container">
<div class="row justify-content-center">
<div class="col-md-8">
<div class="card">
<div class="card-header">{{ __('Verify Your Email Address') }}</div>
<div class="card-body">
@if (session('resent'))
<div class="alert alert-success" role="alert">
{{ __('A fresh verification link has been sent to your email address.') }}
</div>
@endif
{{ __('Before proceeding, please check your email for a verification link.') }}
{{ __('If you did not receive the email') }},
<form class="d-inline" method="POST" action="{{ route('admin.verification.resend') }}">
@csrf
<button type="submit" class="btn btn-link p-0 m-0 align-baseline">{{ __('click here to request another') }}</button>.
</form>
</div>
</div>
</div>
</div>
</div>
@endsection
resources/views/admin/home.blade.php
@extends('layouts.app')
@section('content')
<div class="container">
<div class="row justify-content-center">
<div class="col-md-8">
<div class="card">
<div class="card-header">{{ __('Dashboard') }}</div>
<div class="card-body">
@if (session('status'))
<div class="alert alert-success" role="alert">
{{ session('status') }}
</div>
@endif
{{ __('You are logged in!') }}
</div>
</div>
</div>
</div>
</div>
@endsection
8 管理者用のルーティング設定
1 管理者用のルーティング設定としてadmin.phpを作成します。
routes/admin.php
<?php
use Illuminate\Support\Facades\Route;
/*
|--------------------------------------------------------------------------
| Web Routes
|--------------------------------------------------------------------------
|
| Here is where you can register web routes for your application. These
| routes are loaded by the RouteServiceProvider within a group which
| contains the "web" middleware group. Now create something great!
|
*/
//管理者用のルーティング
Route::prefix('admin')->namespace('admin')->name('admin.')->group(function () {
Auth::routes();
Route::get('/home', 'HomeController@index')->name('admin_home');
});
2 app/Providers/RouteServiceProvider.php を編集
admin.phpで設定したルーティングの内容を反映できるように設定します。
Laravelのルートは、routesディレクトリにあるルートファイルで定義しますが、App\Providers\RouteServiceProviderにより、自動的に読み込まれます。
app/Providers/RouteServiceProvider.php
<?php
namespace App\Providers;
use Illuminate\Cache\RateLimiting\Limit;
use Illuminate\Foundation\Support\Providers\RouteServiceProvider as ServiceProvider;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\RateLimiter;
use Illuminate\Support\Facades\Route;
class RouteServiceProvider extends ServiceProvider
{
/**
* The path to the "home" route for your application.
*
* This is used by Laravel authentication to redirect users after login.
*
* @var string
*/
public const HOME = '/';
/**
* The controller namespace for the application.
*
* When present, controller route declarations will automatically be prefixed with this namespace.
*
* @var string|null
*/
protected $namespace = 'App\Http\Controllers'; //コメントアウトを外して修正
/**
* Define your route model bindings, pattern filters, etc.
*
* @return void
*/
public function boot()
{
$this->configureRateLimiting();
$this->routes(
function () {
Route::prefix('api')
->middleware('api')
->namespace($this->namespace)
->group(base_path('routes/api.php'));
Route::middleware('web')
->namespace($this->namespace)
->group(base_path('routes/web.php'));
Route::middleware('web') // routes/admin.phpを追加
->namespace($this->namespace)
->group(base_path('routes/admin.php'));
}
);
}
/**
* Configure the rate limiters for the application.
*
* @return void
*/
protected function configureRateLimiting()
{
RateLimiter::for(
'api',
function (Request $request) {
return Limit::perMinute(60)->by(optional($request->user())->id ?: $request->ip());
}
);
}
}
9 リダイレクト先の変更
app/Providers/RouteServiceProvider.phpの管理者のリダイレクト先を変更します。
app/Providers/RouteServiceProvider.php
<?php
namespace App\Providers;
use Illuminate\Cache\RateLimiting\Limit;
use Illuminate\Foundation\Support\Providers\RouteServiceProvider as ServiceProvider;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\RateLimiter;
use Illuminate\Support\Facades\Route;
class RouteServiceProvider extends ServiceProvider
{
/**
* The path to the "home" route for your application.
*
* This is used by Laravel authentication to redirect users after login.
*
* @var string
*/
public const HOME = '/';
public const ADMIN_HOME = '/admin/home'; // 管理者用のリダイレクト先を追加
/**
* The controller namespace for the application.
*
* When present, controller route declarations will automatically be prefixed with this namespace.
*
* @var string|null
*/
protected $namespace = 'App\Http\Controllers';
/**
* Define your route model bindings, pattern filters, etc.
*
* @return void
*/
public function boot()
{
$this->configureRateLimiting();
$this->routes(
function () {
Route::prefix('api')
->middleware('api')
->namespace($this->namespace)
->group(base_path('routes/api.php'));
Route::middleware('web')
->namespace($this->namespace)
->group(base_path('routes/web.php'));
Route::middleware('web')
->namespace($this->namespace)
->group(base_path('routes/admin.php'));
}
);
}
/**
* Configure the rate limiters for the application.
*
* @return void
*/
protected function configureRateLimiting()
{
RateLimiter::for(
'api',
function (Request $request) {
return Limit::perMinute(60)->by(optional($request->user())->id ?: $request->ip());
}
);
}
}
管理者向けの認証用のコントローラーも変更します。
app/Http/Controllers/Admin/Auth/VerificationController.php
protected $redirectTo = RouteServiceProvider::ADMIN_HOME; // HOMEからADMIN_HOMEに変更
app/Http/Controllers/Admin/Auth/ResetPasswordController.php
protected $redirectTo = RouteServiceProvider::ADMIN_HOME; // HOMEからADMIN_HOMEに変更
app/Http/Controllers/Admin/Auth/RegisterController.php
protected $redirectTo = RouteServiceProvider::ADMIN_HOME; // HOMEからADMIN_HOMEに変更
app/Http/Controllers/Admin/Auth/LoginController.php
protected $redirectTo = RouteServiceProvider::ADMIN_HOME; // HOMEからADMIN_HOMEに変更
app/Http/Controllers/Admin/Auth/ConfirmPasswordController.php
protected $redirectTo = RouteServiceProvider::ADMIN_HOME; // HOMEからADMIN_HOMEに変更
10 管理者の認証画面が閲覧できるようにする
現状だと、管理者画面にアクセスしても一般ユーザー(Users)の管理画面が表示されてしまうので、showRegistrationFormメソッドを追加します。
app/Http/Controllers/Admin/Auth/RegisterController.php
<?php
namespace App\Http\Controllers\Admin\Auth;
use App\Http\Controllers\Controller;
use App\Providers\RouteServiceProvider;
use App\Models\AdminUser;
use Illuminate\Foundation\Auth\RegistersUsers;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Validator;
class RegisterController extends Controller
{
/*
|--------------------------------------------------------------------------
| Register Controller
|--------------------------------------------------------------------------
|
| This controller handles the registration of new users as well as their
| validation and creation. By default this controller uses a trait to
| provide this functionality without requiring any additional code.
|
*/
use RegistersUsers;
/**
* Where to redirect users after registration.
*
* @var string
*/
protected $redirectTo = RouteServiceProvider::HOME;
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware('guest');
}
/**
* Get a validator for an incoming registration request.
*
* @param array $data
* @return \Illuminate\Contracts\Validation\Validator
*/
protected function validator(array $data)
{
return Validator::make(
$data,
[
'name' => ['required', 'string', 'max:255'],
'email' => ['required', 'string', 'email', 'max:255', 'unique:users'],
'password' => ['required', 'string', 'min:3', 'confirmed']
]
);
}
/**
* Create a new user instance after a valid registration.
*
* @param array $data
* @return \App\Models\AdminUser
*/
protected function create(array $data)
{
return AdminUser::create( //UserからAdminUserに変更
[
'name' => $data['name'],
'email' => $data['email'],
'password' => Hash::make($data['password'])
]
);
}
//管理者の会員登録画面にアクセスできるように設定追加
public function showRegistrationForm()
{
return view('admin.auth.register');
}
}
11 会員登録用のコントローラーにガードの設定を追記する
app/Http/Controllers/Admin/Auth/RegisterController.php
<?php
namespace App\Http\Controllers\Admin\Auth;
use App\Http\Controllers\Controller;
use App\Providers\RouteServiceProvider;
use App\Models\AdminUser;
use Illuminate\Foundation\Auth\RegistersUsers;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Validator;
class RegisterController extends Controller
{
/*
|--------------------------------------------------------------------------
| Register Controller
|--------------------------------------------------------------------------
|
| This controller handles the registration of new users as well as their
| validation and creation. By default this controller uses a trait to
| provide this functionality without requiring any additional code.
|
*/
use RegistersUsers;
/**
* Where to redirect users after registration.
*
* @var string
*/
protected $redirectTo = RouteServiceProvider::HOME;
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware('guest');
}
/**
* Get a validator for an incoming registration request.
*
* @param array $data
* @return \Illuminate\Contracts\Validation\Validator
*/
protected function validator(array $data)
{
return Validator::make(
$data,
[
'name' => ['required', 'string', 'max:255'],
'email' => ['required', 'string', 'email', 'max:255', 'unique:users'],
'password' => ['required', 'string', 'min:3', 'confirmed']
]
);
}
/**
* Create a new user instance after a valid registration.
*
* @param array $data
* @return \App\Models\AdminUser
*/
protected function create(array $data)
{
return AdminUser::create( //UserからAdminUserに変更
[
'name' => $data['name'],
'email' => $data['email'],
'password' => Hash::make($data['password'])
]
);
}
public function showRegistrationForm()
{
return view('admin.auth.register');
}
protected function guard()
{
return Auth::guard('admin_users');
}
}
終わりに
マルチ認証機能の実装によって、認証機能の理解がより深まりました。
次は、laravel-adminというライブラリの理解を深めてアウトプットしていきます。