Building a basic admin panel using Laravel (1) – Authentication

Many web apps and online platforms need some kind of administration panel to manage their public parts. Only a limited number of users with a specific role or privileges have access to this admin panel. Examples include a webshop, hour registration tool, cooking website or a blog.

To build such an admin panel you have several options, e.g. use an existing CMS, build from scratch or use a php or javascript framework. We have build a lot of administration panels and the PHP framework Laravel came out as our favorite. Note that there are admin packages available for Laravel via packagist and that Laravel has an official package called Spark that also gives you a lot of features out of the box. However, we experienced that Laravel itself already has so much features to quickly build a basic admin panel yourself that a package isn’t always needed. In this blog series, we like to share our approach.

We had a look at the admin panels we have created ourselves and made a selection of features that existed in most of the panels:

  1. Authentication
  2. CRUD operations, for example to manage the customers of the platform
  3. User roles and privileges: some actions may only be performed by specific users

Of course, an admin panel can be extended as you like with all the great features of Laravel, but this is beyond the scope of this blog.

Technical assumptions

At the time of writing, the current Laravel version is 5.6. We assume that you have some basic experience with Laravel and know how to initialize and run a new laravel project. If not, you can check the documentation. Additionally, install the Laravel Collective Html package to easily manage your forms.

A quick note on the styling of the admin panel

For an admin panel styling is likely not the most important part, but working with the panel is more enjoyable when it looks good. By default, Laravel uses the Bootstrap css framework, so you get a lot of styling out-of-the-box.

Some points of attention:

  • The font-size (and font-family in some bootstrap versions) are not very readable in form fields. Consider increasing the default font-size and change the font-family to something readable, like PT sans or even arial.
  • Change the name of the app in the .env file. The app name is automatically used in several parts of the system, for example in the menu bar and the password reset email.

Does the admin panel control the content of a related public website? Then copy some of the styling to the admin panel. For example, adjust the color and size of the h1, h2 and h3 according to the public website and do the same for the styling of the buttons. Those are only minor changes, but it connects the admin panel and the public website and usually makes the (admin)users happy.

Authentication

Authentication for your basic admin panel

The Authentication scaffolding included by default in Laravel is suitable for an admin panel, but it requires some adjustments. Typically, registration isn’t open for everyone, but should be performed by an existing user.

Start with initializing the default authentication via the command line:

php artisan make:auth

This command generates the necessary files, adds the following code to the routes/web file:

Auth::routes();

Next, go back to the command line and use this command:

php artisan route:list

This generates a list of all registered routes. You can see that all authentication routes (except logout) are available for everyone.

Now, go back to the routes/web file and remove the Auth::routes() line. Instead, add the following routes (we often leave out the routes related to reset password, but if your admin panel needs it, just add them outside the route group with middleware ‘auth’):

Route::get('login','Auth\LoginController@showLoginForm')->name('login');
Route::post('login', 'Auth\LoginController@login');

Route::group(['middleware' => 'auth'], function () {
   Route::get(‘register’,'Auth\RegisterController@showRegistrationForm')->name(‘register’);
   Route::post(‘register’,’Auth\RegisterController@register’);
   Route::post('logout','Auth\LoginController@logout')->name('logout');
});

With these changes, the authentication partfor your admin panel is finished. Note that new users can only be created by existing users, so you need to create the first one manually. Laravel Tinker is a good option for this.

In the next blog post of this series we will extend our basic admin panel and include CRUD operations.


Mijn Twitter profiel Mijn Facebook profiel
Leonie Derendorp Webdeveloper and co-owner of PLint-sites in Sittard, The Netherlands. I love to create complex webapplications using Laravel! All posts
View all posts by Leonie Derendorp

2 thoughts on “Building a basic admin panel using Laravel (1) – Authentication

  1. George

    Thanks for this. All working as expected so far, apart from the Auth package squealing about some missing routes (as you mentioned it might).

    Anyone else needing the password reset related routes, they are in ../vendor/laravel/framework/src/Illuminate/Routing/Router.php

    Make sure you replace the:
    “$this->”
    to
    “Route::”
    for each of the routes.

    Reply
    1. Leonie Derendorp Post author

      Thanks George!

      When you need the password reset routes, you can indeed use these routes:

      Route::post(‘password/email’, ‘Auth\ForgotPasswordController@sendResetLinkEmail’)->name(‘password.email’);
      Route::post(‘password/reset’, ‘Auth\ResetPasswordController@reset’);

      Route::get(‘password/reset’, ‘Auth\ForgotPasswordController@showLinkRequestForm’)->name(‘password.request’);
      Route::get(‘password/reset/{token}’, ‘Auth\ResetPasswordController@showResetForm’)->name(‘password.reset’);

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *