DEV Community

Cover image for How to Ban/Suspend Users in Laravel 8
shani singh
shani singh

Posted on • Updated on

How to Ban/Suspend Users in Laravel 8

Laravel 8 does not include the auth system by default now, You can install it By using laravel/ui package.
The common feature of ban any user from authentication is major missing in Laravel.

Here is What the login form Will looks like after banning any user from the application.

Login Ban

Steps To Achieve the outcome

Step 1 - Add New Column 'status' in the users table

Create a migration by running the command below

  php artisan make:migration add_status_to_users_table
Enter fullscreen mode Exit fullscreen mode

After Migration File created update the following code in the up() function.

      Schema::table('users', function (Blueprint $table) {
         $table->integer('status')->default(1);
      });
Enter fullscreen mode Exit fullscreen mode

Add 'status' in Fillable in app\Models\User.php

      protected $fillable = [
        'name',
        'email',
        'password',
        'status'
    ];
Enter fullscreen mode Exit fullscreen mode

Step 2 - Create a Middleware - CheckBanned

Create a middleware by running the command below.

      php artisan make:middleware CheckBanned
Enter fullscreen mode Exit fullscreen mode

Replace the handle method in app/Http/CheckBanned.php

    public function handle(Request $request, Closure $next)
    {
        if(auth()->check() && (auth()->user()->status == 0)){
            Auth::logout();

            $request->session()->invalidate();

            $request->session()->regenerateToken();

            return redirect()->route('login')->with('error', 'Your Account is suspended, please contact Admin.');

        }

        return $next($request);
    }
Enter fullscreen mode Exit fullscreen mode

Step 3 - Register the Middleware - app/Http/Kernel.php

IN 'web' Middleware group register the CheckBanned Middleware by putting the code below.

    \App\Http\Middleware\CheckBanned::class,
Enter fullscreen mode Exit fullscreen mode

Step 4 - Display The Error on the log in page.

Open login blade 'resources/views/auth/login.blade.php'

Add The following code to display the error message.

  @if (session('error'))
     <div class="alert alert-danger">
         {{ session('error') }}
     </div>
  @endif
Enter fullscreen mode Exit fullscreen mode

The Output result will look like

Alt Text

You Can Watch the video for detail explanation

Thanks for reading.
Reach out to me
Twitter
Instagram

Discussion (4)

Collapse
kevinwaxi profile image
kevin waxi

i think i would prefer saving banned users with time

Collapse
cyrillkalita profile image
Cyrill Kalita • Edited on

Second that; there is a common pattern, where a binary state (active/inactive, deleted/ not deleted, archived/not-archived) could be achieved with a timestamp - which in our case not only tells the admin since when the user is banned, but also allows for un-banning after, say a month.

And then the name of the field becomes banned_at and the rest of inspiration should come from SoftDeletes trait

I understand this is a Middleware example, so 1/0 is a good starting point; it just can be extended.

Collapse
shanisingh03 profile image
shani singh Author

Well That's correct Thanks for detailed comment. @cyrillkalita

Collapse
shanisingh03 profile image
shani singh Author

I think this is Just for starting point, you can always extend it according to your use case.