Authentication For Admin App Login
- User = Personbydomain
- The LaSalleGuard Custom Guard
- Laravel UI Package Contains Core Auth Classes
- Banning Users
- Emergency Banning All Users
This page refers to authenticating the administration app's login only.
API authentication is described in the "system" section of these docs.
Not everyone I have in my database will have login privileges. So I need a database table for people who cannot log in ("persons" table), and a separate database table for people who can log in ("personbydomains" table). Everyone who can log in, who is in the "personbydomains" table, exists in the "persons" table.
Similarly, email addresses should reside in a dedicated database table ("emails" table). An email in the "personbydomains" table exists in the "emails" table.
The name of my users database table reflects that users belong to a front-end domain: "personbydomains". Each personbydomain belongs to an "installed_domain".
This is the "personbydomains" database table's field structure:
The heart of Laravel's authentication is the guard.
Laravel comes with guard classes called TokenGuard, RequestGuard, and "SessionGuard":
Laravel sets the "SessionGuard" as the default guard:
My custom guard is already set up in my admin app's config:
Authentication classes that reside in the Laravel Framework version 6 (branch 6.x) repository are not there in the 7.x branch!
These files are still needed for Laravel 7.x's authentication!
These files have been moved to the Laravel UI package.
Ah, but with a twist: these classes physically reside in a different package. However, their namespace is still the same! This is why I have this package pre-installed, but still include it in composer.json.
Take a look!
Admin app needs Laravel's UI package. In the composer require section:
You can ban a user from logging in by checking the "Banned" checkbox in their "personbydomain" record:
If the user is already logged in, they will be logged out at their next request cycle.
If the user is not yet logged in, they will not be able to log into the admin app.
You cannot ban yourself. Only owners can ban owners.
Please note that I have not implemented the ban in the LaSalleGuard's "once" and "onceUsingId" methods. These methods are generally used for testing, or are executed programmatically (not used in the usual course of someone logging in and out of the admin app).
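The ban behaviour described above, as an added sketch in plain PHP 8 (not the LaSalleGuard source). The class, property and function names are hypothetical, and password checking is left out so that only the ban logic shows.

```php
<?php
// Hypothetical stand-in for a "personbydomains" row; property names are assumptions.
final class Person
{
    public function __construct(public int $id, public bool $isOwner = false, public bool $banned = false) {}
}

// Encodes only the two rules stated above: no self-ban, and only owners ban owners.
function canBan(Person $actor, Person $target): bool
{
    return $actor->id !== $target->id && (!$target->isOwner || $actor->isOwner);
}

// Minimal session-style guard showing the two places a ban is enforced.
final class DemoGuard
{
    private ?int $sessionUserId = null;

    public function __construct(private array $people) {}

    // Login path: a banned user never gets a session.
    public function login(int $id): bool
    {
        $person = $this->people[$id] ?? null;
        if ($person === null || $person->banned) {
            return false;
        }
        $this->sessionUserId = $id;
        return true;
    }

    // Request path: the ban flag is re-checked on every call, so a user
    // who is already logged in is logged out at their next request.
    public function user(): ?Person
    {
        $person = $this->people[$this->sessionUserId ?? -1] ?? null;
        if ($person !== null && $person->banned) {
            $this->sessionUserId = null; // forced logout
            return null;
        }
        return $person;
    }
}

// Constructed sample data: Bob (id 2) is banned by owner Ann while logged in.
[$ann, $bob] = [new Person(1, isOwner: true), new Person(2)];
$guard = new DemoGuard([1 => $ann, 2 => $bob]);
$guard->login(2);
$bob->banned = canBan($ann, $bob);
var_dump($guard->user(), $guard->login(2));
```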
I want a facility where I can:
Here is the environment variable: