Why laravel 6 auth returns false after redirecting by using custom guard?

Question

I am trying to make auth through laravel package using admins table. In the project directory I added admin guard into config/auth.php

'providers' => [
        'users' => [
            'driver' => 'eloquent',
            'model' => App\User::class,
        ],

        'admins' => [
            'driver' => 'eloquent',
            'model' => App\Admin::class,
        ],

        // 'users' => [
        //     'driver' => 'database',
        //     'table' => 'users',
        // ],
    ],

And in the guard array

'guards' => [
    'web' => [
        'driver' => 'session',
        'provider' => 'users',
    ],

    'api' => [
        'driver' => 'token',
        'provider' => 'users',
        'hash' => false,
    ],

    'admin' => [
        'driver' => 'session',
        'provider' => 'admins',
    ],
    ],

Following is my login controller inside pacakge

class LoginController extends Controller
{

   use AuthenticatesUsers;
   protected $redirectTo = '/admin/dashboard';
   protected function redirectTo()
   {
         return '/admin/dashboard';
   }

   public function __construct()
   {
       $this->middleware('guest')->except('logout');
   }
   public function login(Request $request)
   {   
       if(Auth::guard('admin')->attempt($request->only('email','password'), true)){
           return redirect()
               ->intended(route('dashboard'))
               ->with('status','You are Logged in as Admin!');
       }
   }

}

and following is my dashboard controller

class DashboardController extends Controller
{
    public function __construct()
    {
        /* dd(Auth::check()); */ //return false : just want to show you

          $this->middleware('auth:admin');
    }

    public function index()
    {
        return view('xyz::dashboard');
    }

}

And in my Admin.php Model following script is there

namespace App;

class Admin extends \ABC\xyz\App\Models\Admin
{

}

Which is extending package model

namespace ABC\xyz\App\Models;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Foundation\Auth\User as Authenticatable;
class Admin extends Authenticatable
{

    protected $table = 'admins';
}

And below are the routes from my package

    $namespace = 'ABC\Xyz\App\Http\Controllers';
    Route::group([    
    'namespace' => $namespace,
    'middleware' => ['web'], 
    'prefix' => 'admin'
], function () {
    Route::get('login', function(){
        return view('xyz::auth.login');
    })->name('login');

    Route::post('/login', 'Auth\LoginController@login')->name('customLogin');
});

Route::group(['namespace' => $namespace,'prefix' => 'admin',  'middleware' => ['auth']  ], function () {
    Route::get('dashboard', 'DashboardController@index')->name('dashboard');
});

When I try to login, after submitting valid details it does not redirecting me to dashboard, nothing happening. Also when I try for open forcefully /dashboard it take me to login page.

Also right after login attempt when I try Auth::check() it's returns true but same thing returning false in dashboardController.php construct function. In the same way Auth::guard('admin')->user() returns user's info while on dashboardController.php it's returns null.

Strange Result of php artisan route:list

As you can see in DashboardController.php construct I added $this->middleware('auth:admin');

So when I try to add dd(Auth::guard('admin')->user()) and then check in terminal php artisan route:list it returns null and sometime false, any idea why it is happening?

I don't know what and where I am missing something.

I would like to request you kindly guide me about it. I would appreciate.

Thank you

Answer 1

The problem is in your routes file:

Route::group(['namespace' => $namespace,'prefix' => 'admin',  'middleware' => ['auth']  ], function () {
    Route::get('dashboard', 'DashboardController@index')->name('dashboard');
});

You are using the default guard with auth middleware. After you are logged in with admin guard you may not be logged in by your default web guard. That is why it fails and tries to redirect you to login page:

When I try to login, after submitting valid details it does not redirecting me to dashboard, nothing happening. Also when I try for open forcefully /dashboard it take me to login page.

Instead, you should specify in your group that you are using the admin guard:

Route::group(['namespace' => $namespace,'prefix' => 'admin',  'middleware' => ['auth:admin']], function () {
    Route::get('dashboard', 'DashboardController@index')->name('dashboard');
});

However, you already specified in your DashboardController to use $this->middleware('auth:admin');, so there is no need to specifiy it in the route group again. The following is enough and reduces the likelihood to create an error:

Route::group(['namespace' => $namespace,'prefix' => 'admin'], function () {
    Route::get('dashboard', 'DashboardController@index')->name('dashboard');
});