Custome login and middlwear in laravel 9
Sure, here’s a blog post that explains how to implement custom login and middleware in Laravel:
Secure and customizable authentication is an essential part of any web application. Laravel, being one of the most popular PHP frameworks, provides a simple and powerful way to implement authentication using built-in authentication features. In addition to the built-in authentication, Laravel also allows you to create custom login and middleware to suit your specific authentication needs. In this tutorial, we’ll show you how to implement custom login and middleware in Laravel.
1. Custom Login
To create a custom login, you need to create a new controller that handles the login process. Here’s an example:
<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
class CustomAuthController extends Controller
{
public function showLoginForm()
{
return view('auth.login');
}
public function login(Request $request)
{
$credentials = $request->only('email', 'password');
if (Auth::attempt($credentials)) {
// Authentication was successful
return redirect()->intended('/dashboard');
} else {
// Authentication failed
return redirect()->back()->with('error', 'Invalid email or password');
}
}
public function logout()
{
Auth::logout();
return redirect('/login');
}
}
In this example, the showLoginForm() method returns a view that displays the login form. The login() method handles the login process by using the Auth::attempt() method to authenticate the user. If the authentication is successful, the user is redirected to the dashboard page. If the authentication fails, the user is redirected back to the login page with an error message. Finally, the logout() method logs out the user and redirects them to the login page.
To use this custom login, you need to update your routes file (routes/web.php) to point to the new controller:
Route::get('/login', [CustomAuthController::class, 'showLoginForm'])->name('login');
Route::post('/login', [CustomAuthController::class, 'login']);
Route::post('/logout', [CustomAuthController::class, 'logout'])->name('logout');
2. Middleware:
To create a custom middleware, you need to create a new middleware class that handles the middleware logic. Here’s an example:
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
class CustomMiddleware
{
public function handle(Request $request, Closure $next)
{
if (Auth::check() && Auth::user()->isAdmin()) {
// The user is authenticated and is an admin
return $next($request);
} else {
// The user is not authenticated or is not an admin
return redirect('/login')->with('error', 'You are not authorized to access this page');
}
}
}
In this example, the middleware checks if the user is authenticated and is an admin (using the isAdmin() method on the User model). If the user is authorized, the middleware passes the request to the next middleware or controller. If the user is not authorized, the middleware redirects them to the login page with an error message.
To use this custom middleware, you need to register it in your App\Http\Kernel class:
protected $routeMiddleware = [
// ...
'custom' => \App\Http\Middleware\CustomMiddleware::class,
];
Then, you can use the middleware in your routes:
Route::middleware(['custom'])->group(function () {
Route::get('/admin/dashboard', [AdminController::class, 'dashboard']);
});
In this example, the custom middleware is applied to the /admin/dashboard route, which means that only authenticated admins can access that route.
