Laravel 5 Admin Middleware (is_admin user check)

Would you like to have middleware that makes sure that only users with an is_admin = 1 status will be able to see the admin section? Then you can use the following code:

app/Http/Middleware/AdminMiddleware.php

<?php

namespace App\Http\Middleware;

use Closure;

class AdminMiddleware
{

    /**
     * Handle an incoming request. User must be logged in to do admin check
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        if (\Auth::user()->is_admin == 1)
        {
            return $next($request);
        }

        return redirect()->guest('/');
    }
}

Make sure you’ll register the middleware as a route in app/Http/Kernel.php

protected $routeMiddleware = [
        'auth' => \App\Http\Middleware\Authenticate::class,
        'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
        'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
        'admin' => \App\Http\Middleware\AdminMiddleware::class
];

Finally assign this middleware in the routes.php next to the auth middleware, since the admin middleware is an extension to the auth middleware.

App/Http/routes.php

Route::group(['prefix' => 'administration', 'middleware' => ['auth', 'admin']], function()
{
	Route::get('/', 'Admin\HomeController@index');
}

If you’ve suggestions to make this coding more efficient, you’re always welcome to drop a comment below.

11 thoughts on “Laravel 5 Admin Middleware (is_admin user check)”

  1. Very useful. I would like to add one more important step.

    @if(\Auth::user()->admin==1)
    Logged in as Admin
    @else
    You are logged in!
    @endif

    Add this in your home.blade.php to check whether user is admin or guest user.

  2. I am using laravel 5.3.
    I’ve added adminMiddleware in app/Http/Kernel.php.

    protected $routeMiddleware = [
    ‘auth’ => \Illuminate\Auth\Middleware\Authenticate::class,
    ‘auth.basic’ => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
    ‘bindings’ => \Illuminate\Routing\Middleware\SubstituteBindings::class,
    ‘can’ => \Illuminate\Auth\Middleware\Authorize::class,
    ‘guest’ => \App\Http\Middleware\RedirectIfAuthenticated::class,
    ‘throttle’ => \Illuminate\Routing\Middleware\ThrottleRequests::class,
    ‘admin’ => \App\Http\Middleware\AdminMiddleware::class,
    ];
    But it doesn’t work.
    Error message is
    Class ‘App\Http\Middleware\Auth’ not found
    What is this?

  3. protected $middlewareGroups = [
    ‘web’ => [
    \Project1\Http\Middleware\EncryptCookies::class,
    \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
    \Illuminate\Session\Middleware\StartSession::class,
    // \Illuminate\Session\Middleware\AuthenticateSession::class,
    \Illuminate\View\Middleware\ShareErrorsFromSession::class,
    \Project1\Http\Middleware\VerifyCsrfToken::class,
    \Illuminate\Routing\Middleware\SubstituteBindings::class,

    \Project1\Http\Middleware\AdminMiddleware::class, // HERE YOU NEED TO ADD
    ],

    ‘api’ => [
    ‘throttle:60,1’,
    ‘bindings’,
    ],
    ];

  4. Very useful. I would like make different login view for admin and user with help of Admin Middleware. when admin login in backend then he also automatically login in frontend but when frontend user try to access backend then its not able to access admin. can any one help me on this issue?

Leave a Reply

Your email address will not be published. Required fields are marked *