{"metadata":{"image":[],"title":"","description":""},"api":{"url":"","auth":"required","results":{"codes":[]},"settings":"","params":[]},"next":{"description":"","pages":[]},"title":"Multi-tenancy","type":"basic","slug":"multi-tenancy","excerpt":"","body":"Several real life applications require different types or roles of users. Say a `mentor` and a `mentee`.\n\nYou can achieve different protected route groups:\n* one that only allows mentors (Authenticated users of type `mentor`)\n* one that only allows mentees (Authenticated users of type `mentee`)\nby creating a middleware for each of these 2 (or 1 middleware with an argument):\n\n\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"<?php\\n\\nclass MentorAuthMiddleware\\n{\\n    public function handle($request, Closure $next)\\n    {\\n        $user = \\\\Auth::user();\\n\\n        if (!$user || $user->type !== 'mentor') {\\n            return response()->error('Not Authorized', 401);\\n        }\\n\\n        return $next($request);\\n    }\\n}\",\n      \"language\": \"php\"\n    }\n  ]\n}\n[/block]\n\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"<?php\\n\\nclass MenteeAuthMiddleware\\n{\\n    /**\\n     * Handle an incoming request.\\n     *\\n     * :::at:::param  \\\\Illuminate\\\\Http\\\\Request  $request\\n     * @param  \\\\Closure  $next\\n     * @return mixed\\n     */\\n    public function handle($request, Closure $next)\\n    {\\n        $user = \\\\Auth::user();\\n\\n        if (!$user || $user->type !== 'mentee') {\\n            return response()->error('Not Authorized', 401);\\n        }\\n\\n        return $next($request);\\n    }\\n}\",\n      \"language\": \"php\"\n    }\n  ]\n}\n[/block]\n\n[block:callout]\n{\n  \"type\": \"success\",\n  \"body\": \"Don't forget to add these middlewares to your Http Kernel.\"\n}\n[/block]\nAnd then you can use them in your **routes.php**:\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"<?php\\n\\n//Public endpoints\\n$api->group([], function ($api) {\\n  \\n});\\n\\n//Protected endpoints (Mentor or Mentee)\\n$api->group(['middleware' => 'api.auth'], function ($api) {\\n  \\n});\\n\\n//Protected: Mentor only\\n$api->group(['middleware' => ['api.auth', 'auth.mentor']], function ($api) {\\n  \\n});\\n\\n//Protected: Mentee only\\n$api->group(['middleware' => ['api.auth', 'auth.mentee']], function ($api) {\\n  \\n});\",\n      \"language\": \"php\"\n    }\n  ]\n}\n[/block]","updates":["586e4c832aa18039001c54a4"],"order":2,"isReference":false,"hidden":false,"sync_unique":"","link_url":"","link_external":false,"_id":"57ffd85f755a2e1700c2bb10","githubsync":"","category":{"sync":{"isSync":false,"url":""},"pages":[],"title":"JWT Auth","slug":"jwt-auth","order":5,"from_sync":false,"reference":false,"_id":"57ffd85f755a2e1700c2bb0b","__v":0,"version":"57ffd85f755a2e1700c2bb05","project":"567083021dabd80d00b122ae","createdAt":"2015-12-18T23:14:19.433Z"},"parentDoc":null,"__v":1,"createdAt":"2015-12-18T23:21:53.456Z","user":"567082433a32d20d00c45cab","project":"567083021dabd80d00b122ae","version":{"version":"3.4","version_clean":"3.4.0","codename":"","is_stable":true,"is_beta":false,"is_hidden":false,"is_deprecated":false,"categories":["57ffd85f755a2e1700c2bb06","57ffd85f755a2e1700c2bb07","57ffd85f755a2e1700c2bb08","57ffd85f755a2e1700c2bb09","57ffd85f755a2e1700c2bb0a","57ffd85f755a2e1700c2bb0b","57ffd85f755a2e1700c2bb0c","57ffd85f755a2e1700c2bb0d"],"_id":"57ffd85f755a2e1700c2bb05","project":"567083021dabd80d00b122ae","releaseDate":"2016-10-13T18:54:23.018Z","__v":1,"createdAt":"2016-10-13T18:54:23.018Z"}}
Several real life applications require different types or roles of users. Say a `mentor` and a `mentee`. You can achieve different protected route groups: * one that only allows mentors (Authenticated users of type `mentor`) * one that only allows mentees (Authenticated users of type `mentee`) by creating a middleware for each of these 2 (or 1 middleware with an argument): [block:code] { "codes": [ { "code": "<?php\n\nclass MentorAuthMiddleware\n{\n public function handle($request, Closure $next)\n {\n $user = \\Auth::user();\n\n if (!$user || $user->type !== 'mentor') {\n return response()->error('Not Authorized', 401);\n }\n\n return $next($request);\n }\n}", "language": "php" } ] } [/block] [block:code] { "codes": [ { "code": "<?php\n\nclass MenteeAuthMiddleware\n{\n /**\n * Handle an incoming request.\n *\n * @param \\Illuminate\\Http\\Request $request\n * @param \\Closure $next\n * @return mixed\n */\n public function handle($request, Closure $next)\n {\n $user = \\Auth::user();\n\n if (!$user || $user->type !== 'mentee') {\n return response()->error('Not Authorized', 401);\n }\n\n return $next($request);\n }\n}", "language": "php" } ] } [/block] [block:callout] { "type": "success", "body": "Don't forget to add these middlewares to your Http Kernel." } [/block] And then you can use them in your **routes.php**: [block:code] { "codes": [ { "code": "<?php\n\n//Public endpoints\n$api->group([], function ($api) {\n \n});\n\n//Protected endpoints (Mentor or Mentee)\n$api->group(['middleware' => 'api.auth'], function ($api) {\n \n});\n\n//Protected: Mentor only\n$api->group(['middleware' => ['api.auth', 'auth.mentor']], function ($api) {\n \n});\n\n//Protected: Mentee only\n$api->group(['middleware' => ['api.auth', 'auth.mentee']], function ($api) {\n \n});", "language": "php" } ] } [/block]