Tutorial for Laravel 4 - Authentication

tinyhook picture tinyhook · Jun 19, 2013 · Viewed 9.2k times · Source

I looked around and found some tutorials about Laravel 4 authentication using Sentry or Confide and Entrust. Which are good but a little vague for me, I am Laravel beginner and this is my first framework.

Does anyone know of any tutorial or suggestions implementing user authentication with user roles.

Here is what I am trying to make. - Its an internal website for work. Where writers can sign in and submit articles. - Admins Can go over those articles. - These articles are not public so no one can view them. - Writers cannot see each others articles, but admins have access to everything.

I am just looking for tutorial that goes over user roles and how to implement them.

Edit

This is what I ended up doing.

After Installing Sentry in the way specified by @Antonio Carlos Ribeiro.

I had Users,Groups and few other tables (I just had to use user and groups).

Here is my seeder that I initially used for creating users and groups. It can be made more efficient, but for anyone who wants to just get started this would work.

class SentrySeeder extends Seeder {

public function run()
{
    DB::table('users')->delete();
    DB::table('groups')->delete();
    DB::table('users_groups')->delete();

    Sentry::getUserProvider()->create(array(
        'email'       => '[email protected]',
        'password'    => "admin",
        'first_name'  => 'John',
        'last_name'   => 'McClane',
        'activated'   => 1,
    ));

    Sentry::getUserProvider()->create(array(
        'email'       => '[email protected]',
        'password'    => "user",
        'first_name'  => 'Saad',
        'last_name'   => 'Kabir',
        'activated'   => 1,
    ));

    Sentry::getUserProvider()->create(array(
        'email'       => '[email protected]',
        'password'    => "user",
        'first_name'  => 'Jack',
        'last_name'   => 'Doe',
        'activated'   => 1,
    ));

    Sentry::getUserProvider()->create(array(
        'email'       => '[email protected]',
        'password'    => "user",
        'first_name'  => 'Jon',
        'last_name'   => 'Doe',
        'activated'   => 1,
    ));

    Sentry::getGroupProvider()->create(array(
        'name'        => 'Admin',
        'permissions' => array('admin' => 1),
    ));

    Sentry::getGroupProvider()->create(array(
        'name'        => 'Writer',
        'permissions' => array('writer' => 1),
    ));



    // Assign user permissions
    $adminUser  = Sentry::getUserProvider()->findByLogin('[email protected]');
    $adminGroup = Sentry::getGroupProvider()->findByName('Admin');
    $adminUser->addGroup($adminGroup);


    $userUser  = Sentry::getUserProvider()->findByLogin('[email protected]');
    $userGroup = Sentry::getGroupProvider()->findByName('Writer');
    $userUser->addGroup($userGroup);

    $userUser  = Sentry::getUserProvider()->findByLogin('[email protected]');
    $userGroup = Sentry::getGroupProvider()->findByName('Writer');
    $userUser->addGroup($userGroup);

    $userUser  = Sentry::getUserProvider()->findByLogin('[email protected]');
    $userGroup = Sentry::getGroupProvider()->findByName('Writer');
    $userUser->addGroup($userGroup);
}

}

After adding the initial users I was using a form to add new users, So in my controller I had something like this. Again this is just for learning/testing the framework, original implementation is very different. But for testing purposes this should work.

Assuming you have a form that submits to a controller@function, you can have something like this,

$user = Sentry::getUserProvider()->create(array(
            'email'       => Input::get('email'),
            'password'    => Input::get('password'),
            'first_name'  => Input::get('first_name'),
            'last_name'   => Input::get('last_name'),
            'activated'   => 1,
        ));

        $writerGroup = Sentry::getGroupProvider()->findByName('writer');

        $user->addGroup($writerGroup);

Rest you can find in Sentry documentation: Sentry Docs

Feel free to edit this question to make it more informative or add new examples.

Answer

Antonio Carlos Ribeiro picture Antonio Carlos Ribeiro · Jun 19, 2013

Well, this is not exactly an article about it, but it covers most of what we use on auth and roles in Sentry2. So, basically you have to

Install composer by executing

curl -sS https://getcomposer.org/installer | php

Put it on a executable folder, renaming it

sudo mv composer.phar /bin/composer

Set the executable bit

sudo chmod +x /bin/composer

Install laravel by executing

composer create-project laravel/laravel

Install Sentry 2

composer require cartalyst/sentry:2.0.*

Then you just have to use Sentry:

Create your user groups and permissions for each group:

Sentry::getGroupProvider()->create(array(
    'name'        => 'Super Administrators',
    'permissions' => array(
            'system' => 1,
    ),
));

Sentry::getGroupProvider()->create(array(
    'name'        => 'Managers',
    'permissions' => array(
        'system.articles' => 1,
    ),
));

Sentry::getGroupProvider()->create(array(
    'name'        => 'Publishers',
    'permissions' => array(
        'system.articles.add' => 1,
        'system.articles.edit' => 1,
        'system.articles.delete' => 1,
        'system.articles.publish' => 1,
    ),
));

Sentry::getGroupProvider()->create(array(
    'name'        => 'Authors',
    'permissions' => array(
        'system.articles.add' => 1,
        'system.articles.edit' => 1,
        'system.articles.delete' => 1,
    ),
));

Set a group to a particular user, in this case it is setting Managers to the current logged user

Sentry::getUser()->addGroup( Sentry::getGroupProvider()->findByName('Author') );

Check if a user can publish and an added article

if ( Sentry::getUser()->hasAnyAccess(['system','system.articles','system.articles.publish']) )
{
    // will be able to publish something
}

Check if a user is Super Administrator (only this group has the 'system' access)

if ( Sentry::getUser()->hasAnyAccess(['system']) )
{
    // will be able to do a thing
}

Get all groups from a particular user

try
{
    // Find the user using the user id
    $user = Sentry::getUserProvider()->findById(1);

    // Get the user groups
    $groups = $user->getGroups();
}
catch (Cartalyst\Sentry\Users\UserNotFoundException $e)
{
    echo 'User was not found.';
}