Authenticate users from more than two tables in laravel 5
Stefan Bogdanescu
Founder & Senior Architect · 2026-06-29
Title: Tackling Multiple User Authentication Sources in Laravel 5: A Comprehensive Guide
Body:
Create another
In many web applications, the need for multiple tables containing user information may arise. This can include managers from a 'managers' table and administrators from an 'admins' table. While Laravel provides a built-in Auth system to authenticate users from the standard 'users' table, we are often tasked with customizing existing functionality or creating our own AuthServiceProvider for handling multiple user authentication sources. In this blog post, we'll break down the process of implementing multi-table user authentication in a Laravel 5 application.
Prerequisites
- Familiarity with Laravel 5 framework and its concepts such as Eloquent ORM, Blade templates, etc.
- Basic understanding of Laravel's authentication system and
AuthServiceProvider - Knowledge of working with multiple database tables or models in Laravel
Creating the Models for Multiple Tables
Let’s first create database models for each table. You can do this usingphp artisan make:model ModelName -migration, where ModelName is replaced with your model name. For example, you may have:
php artisan make:model Manager -migrationphp artisan make:model Admin -migration
php artisan migrate:install. Then define their respective migration files in your database. You can also add relationships between these related models if necessary.
Defining Custom Login Controllers and Routes
Since we are creating multiple AuthServiceProviders, we need to create custom login controllers for each table: 1. Create a new folderApp/Http/Controllers/Auth.
2. Inside this folder, add the ManagerLoginController file with the following content:
namespace App\Http\Controllers\Auth;
use Illuminate\Foundation\Application;
use Laravel\Passport\Clients\AbstractClient as OauthClient;
use Auth;
class ManagerLoginController extends \Illuminate\Foundation\Unauthenticated\{
public function authenticate($request) {
$credentials = $request->only('email', 'password');
if (Auth::attempt(['email' => $credentials['email'], 'password' => $credentials['password']], true)) return redirect()->intended('/manager-dashboard');
return back()->withInput()->withErrors([
'message' => 'Invalid credentials',
]);
}
}
3. Create another LoginController for Administrators:
namespace App\Http\Controllers\Auth;
use Illuminate\Foundation\Application;
use Laravel\Passport\Clients\AbstractClient as OauthClient;
use Auth;
class AdminLoginController extends \Illuminate\Foundation\Unauthenticated\{
public function authenticate($request) {
$credentials = $request->only('email', 'password');
if (Auth::attempt(['email' => $credentials['email'], 'password' => $credentials['password']], true)) return redirect()->intended('/admin-dashboard');
return back()->withInput()->withErrors([
'message' => 'Invalid credentials',
]);
}
}
4. Add the following routes in your route file:
Route::group(['prefix' => 'auth'], function() {
// Manager Login Route
Route::post('/managerLogin',['as' => 'managerLogin', 'uses' => 'App\Http\Controllers\Auth\ManagerLoginController@authenticate']);
// Admin Login Route
Route::post('/adminLogin', ['as' => 'adminLogin', 'uses' => 'App\Http\Controllers\Auth\AdminLoginController@authenticate']);
});
Creating Custom AuthServiceProvider
With the controllers, models and routes set up, we need to create customAuthServiceProviders for each table. We can use the base class Illuminate\Auth\AuthManager.
- Create a new folder named
App/Providers. - Inside this folder, create another subfolder called
Authenticators. - Within the
Authenticatorsfolder, create a file for each table authentication. Let's sayManagerAuthenticator.phpandAdminAuthenticator.php. Each file will contain these contents:
namespace App\Providers\Authenticators;
use Illuminate\Auth\Events\Login as LoginEvent;
use Illuminate\Foundation\Application;
class ManagerAuthenticator extends Illuminate\Auth\DatabaseManagerAuthenticator implements \Illuminate\Contracts\Auth\AuthenticatableProvider {
public function validateCredentials(Request $request, Application $app) {
return [
'email' => $request->get('email'),
'password' => $request->get('password')
];
}
public function registerLoginAttemptEvent(Application $app) {
$app['events']->listen(LoginEvent::class, function($event){
if ($event->user instanceof \App\Manager) {
$this->fireSuccessfulLogin($event);
}
});
}
public function handleLoginRequest(Application $app, Request $request) {
$credentials = $this->validateCredentials($request, $app);
if ($credentials) {
return Auth::guard('manager')->attempt($credentials);
} else {
throw new \Illuminate\Validation\ValidationException(
response()->json(['message' => 'Invalid credentials'], 422)
);
}
}
}
AdminAuthenticator.php file with nearly the same content as above, but changing 'Manager' to 'Admin' and adjusting routes accordingly.Register Custom Providers in Laravel Configuration File
To use these custom authentication providers, add them to your Laravel configuration file (usually found at/config/auth.php) within the 'guards' section, like so:
'guards' => [
// ... existing entries
'manager' => [
'driver' => 'app.authenticator.manager',
'provider' => 'managers',
],
'admin' => [
'driver' => 'app.authenticator.admin',
'provider' => 'admins',
]
// ... other entries
],
Conclusion
By leveraging Laravel's flexibility, you can create customAuthServiceProvider classes for multiple authentication sources. This approach provides a reliable solution when working with large or complex web applications that involve different user roles and permissions. Always remember to ensure your code is secure, maintainable, and well-documented for future maintenance and expansion.