Laravel 5.8 Multiple middlewares using guards and specific options for each guard

Question

I have a laravel application that allows both admins and customers to gain access to it and for each one of them will have specific permissions using 2 separated tables for each type of user to auth and 2 different guards. what I need now is to give customers access specific methods inside the controller and the admin have access to all methods.

class OrdersController extends Controller
{
    public function __construct()
    {
        $this->middleware(['auth:client'])->only(['index', 'create', 'store', 'edit', 'printOrder']);
        $this->middleware('auth:admin');
    }

but it works fine for the client and it's not working for the admin

Answer 1

You have two options

1. define the desired middleware on the corresponding routes

Route::get('/some-route', [
    'uses' => 'OrdersController@create',
    'as' => 'create-order',
])->middleware('auth:client');

2. check inside the method, if the correct auth took place auth('auth:client')->check()

Answer 2

I suggest separating the controllers when the access is based on roles (not permissions), otherwise (if the access is based on permissions) then the middleware should also be based on permissions for example

$this->middleware('can:update order')->only(['update','edit']);
$this->middleware('can:store order')->only(['store','create']);