Laravel 5 Admin Middleware (is_admin user check)

Would you like to have middleware that makes sure that only users with an is_admin = 1 status will be able to see the admin section? Then you can use the following code:

app/Http/Middleware/AdminMiddleware.php

<?php

namespace App\Http\Middleware;

use Closure;

class AdminMiddleware
{

    /**
     * Handle an incoming request. User must be logged in to do admin check
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        if (\Auth::user()->is_admin == 1)
        {
            return $next($request);
        }

        return redirect()->guest('/');
    }
}

Make sure you’ll register the middleware as a route in app/Http/Kernel.php

protected $routeMiddleware = [
        'auth' => \App\Http\Middleware\Authenticate::class,
        'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
        'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
        'admin' => \App\Http\Middleware\AdminMiddleware::class
];

Finally assign this middleware in the routes.php next to the auth middleware, since the admin middleware is an extension to the auth middleware.

App/Http/routes.php

Route::group(['prefix' => 'administration', 'middleware' => ['auth', 'admin']], function()
{
	Route::get('/', 'Admin\HomeController@index');
}

If you’ve suggestions to make this coding more efficient, you’re always welcome to drop a comment below.

10 thoughts on “Laravel 5 Admin Middleware (is_admin user check)”

  1. Very useful. I would like to add one more important step.

    @if(\Auth::user()->admin==1)
    Logged in as Admin
    @else
    You are logged in!
    @endif

    Add this in your home.blade.php to check whether user is admin or guest user.

  2. I am using laravel 5.3.
    I’ve added adminMiddleware in app/Http/Kernel.php.

    protected $routeMiddleware = [
    ‘auth’ => \Illuminate\Auth\Middleware\Authenticate::class,
    ‘auth.basic’ => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
    ‘bindings’ => \Illuminate\Routing\Middleware\SubstituteBindings::class,
    ‘can’ => \Illuminate\Auth\Middleware\Authorize::class,
    ‘guest’ => \App\Http\Middleware\RedirectIfAuthenticated::class,
    ‘throttle’ => \Illuminate\Routing\Middleware\ThrottleRequests::class,
    ‘admin’ => \App\Http\Middleware\AdminMiddleware::class,
    ];
    But it doesn’t work.
    Error message is
    Class ‘App\Http\Middleware\Auth’ not found
    What is this?

  3. protected $middlewareGroups = [
    ‘web’ => [
    \Project1\Http\Middleware\EncryptCookies::class,
    \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
    \Illuminate\Session\Middleware\StartSession::class,
    // \Illuminate\Session\Middleware\AuthenticateSession::class,
    \Illuminate\View\Middleware\ShareErrorsFromSession::class,
    \Project1\Http\Middleware\VerifyCsrfToken::class,
    \Illuminate\Routing\Middleware\SubstituteBindings::class,

    \Project1\Http\Middleware\AdminMiddleware::class, // HERE YOU NEED TO ADD
    ],

    ‘api’ => [
    ‘throttle:60,1’,
    ‘bindings’,
    ],
    ];

Leave a Reply

Your email address will not be published. Required fields are marked *