Custom multi-auth guard logging & routing

Question

I'm developing a Laravel 6 app with 4 different users(with a different table for each). For this, I am using multi auth guard and created my first guard following this tutorial online ( https://pusher.com/tutorials/multiple-authentication-guards-laravel ).

Here is my custom guard "student"

    'guards' => [
    'web' => [
        'driver' => 'session',
        'provider' => 'users',
    ],
    'api' => [
        'driver' => 'token',
        'provider' => 'users',
        'hash' => false,
    ],
    'student' => [
        'driver' => 'session',
        'provider' => 'students',
    ],
],

And Providers

    'providers' => [
    'users' => [
        'driver' => 'eloquent',
        'model' => App\User::class,
    ],
    'students' => [
        'driver' => 'eloquent',
        'model' => App\Models\Student::class,
    ],
],

I have a custom login controller using a custom auth guard named 'student'

namespace App\Http\Controllers;

use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
use Illuminate\Http\Request;
use Auth;
use Student;

class LoginController extends Controller
{
    protected $redirectTo = '/dashboard';

    public function __construct()
    {
        $this->middleware('guest')->except('destroy');
        $this->middleware('student')->except('destroy');
    }
    public function studentLogin(Request $request)
    {
        $this->validate($request, [
            'email'   => 'required|email',
            'password' => 'required|min:5'
        ]);

        if (Auth::guard('student')->attempt(['email' => $request->email, 'password' => $request->password], $request->get('remember'))) {

            return redirect()->intended('admin/home')->with('smessage', 'Logged in successfully...!');
        }
        return back()->withInput($request->only('email', 'remember'));
    }...
    }

Now, Whenever I try to log in, It seems like I am logged in and redirected to the URL defined in the middleware/RedirectIfAuthenticated.php but this error pops up "Trying to get property of non-object" which is from the common header template where no data of logged user are available on auth()->user() .

If I use 'middleware'=>'auth:student' , I can access the route as student and have the logged user data via auth()->user() . same for admin using 'middleware'=>'auth' but passing both auth and auth:student as an array I can't get the logged user data via auth()->user() for both user.

Here are my routes:

Route::get('/', function () {
    return view('welcome');
});
Route::get('/login', 'LoginController@create')->name('login');
Route::post('login', 'LoginController@store');
Route::get('/login/student', 'LoginController@create')->name('studentlogin');
Route::post('/login/student', 'LoginController@studentLogin');

Route::get('/logout', 'LoginController@destroy')->name('logout'); 

Route::group(['prefix'=>'admin', 'namespace' => 'Dashboard', 'middleware'=> 'auth' ], function () {

    Route::get('home', 'DashboardController@display')->name('admin.home');

    Route::get('users', 'UserlistController@display')->name('admin.userlist');
    Route::post('users', 'UserlistController@store')->name('admin.create');
    Route::delete('users/{id}', 'UserlistController@destroy')->name('admin.deleteuser');

});

Route::group(['prefix'=>'student', 'namespace' => 'Students', 'middleware'=> 'auth:student' ], function () {
    Route::get('all', 'StudentsController@display')->name('student.all');
    Route::delete('all/{id}', 'StudentsController@destroy')->name('student.delete');
    Route::post('all', 'StudentsController@store')->name('student.store');
});

Couldn't find any solutions from other related topics on StackOverflow. Please do correct me if I have any mistakes somewhere or let me know if you want to inspect any other files for the code.

Thanks in advance.

Answer 1

You don't have any data on auth()->user() because you're querying the default guard which is web .

If you want to retrieve the logged user through student guard, you have to do auth()->guard('student')->user();

Also remember to pass everytime your guard to auth and middlewares that uses auth .

Ie: if you need to make some routes restricted only to authenticated users you will need to do:

Route::group(['middleware' => 'auth:student'], function() {
    // Your restricted routes
})

Omitting :student will use the default web guard as always

Note that if you need to restrict your routes to a group of users belonging to different guards you can pass those guards to auth :

Route::group(['middleware' => 'auth:web,student'], function() {
    // Your restricted routes
}];

In this way Laravel will check for both web and student guards and will automatically set the one that belongs to the authenticated user. You will also be able to retrieve your user only by doing auth()->user() forgetting to pass the right guard