Laravel Architecture – Best Practices for Frontend and Backend

ArchitecturelaravelPHP

I am building a website application using Laravel that will allow me to run gaming tournaments. The site will consist of two types of user, one being the 'admins' that can add/edit results, and the other will be 'users' who can basically view tournament results.

I could build this two ways..

A) Have one Laravel app with the site primarily being the frontend and have a route called '/admin' or '/cms' that is the CMS Administration that can only be accessed by admins. Admins will have their own DB table named 'admins' as will the 'users' table (for users logging into the 'frontend'). I can use guards in Laravel to prevent a 'normal' logged in user accessing the admin etc… This would mean all models/templates are in one place etc..

B) Have TWO Laravels individual apps e.g www.gamingsite.com & admin.gamingsite.com (possibly even two totally different domains) using the same database having an admins table and users table as already shown above, this would mean all the models/templates are totally seperated from the 'front' and 'backend' respectively.

Both have pros and cons…. what do other developers usually do within this situation? I can appreciate both would work but would like to know what other developers would consider to do.

P.S Note I am using Laravel 5.4

Best Answer

It's far more common to have one app and one users table. Look at any CMS out there (Wordpress, Joomla, forum software) - admins are always just regular users with additional privileges.

In Laravel projects I've written I also follow this. I use one users table and add a level field which stores 1 for a regular user and 100 for an admin. The reason for using integers is so that I can add more levels in the future, e.g. 50 for "moderator", and it's easy to check multiple levels such as "moderator or higher". I usually add functions to the Eloquent User class for this, so I can write if ($user->isAdmin()) and so on.

Then I add /admin routes which map to controller(s) that handle just admin pages. Laravel has several Authorization methods built-in that you can use. Personally, I create a "role" middleware then in my AdminController::__construct() call $this->middleware('auth.role:admin'); but there are many ways to do it.

Related Topic