How to Disable Users from Login in Laravel

Laravel 8 does not include the auth system by default now, You can Read Laravel 8 Authentication.

The common feature of ban or suspend any user from authentication is major missing in Laravel.

Here is What the login form Will looks like after banning any user from the application.

Steps To Achieve the outcome

Step 1 - Add New Column 'status' in the users table

Create a migration by running the command below

php artisan make:migration add_status_to_users_table

After Migration File created update the following code in the up() function.

Schema::table('users', function (Blueprint $table) {
    $table->integer('status')->default(1);
});

Add 'status' in Fillable in app\Models\User.php

protected $fillable = [
        'name',
        'email',
        'password',
        'status'
];

Step 2 - Create a Middleware - CheckBanned

Create a middleware by running the command below.

php artisan make:middleware CheckBanned

Replace the handle method in app/Http/CheckBanned.php

public function handle(Request $request, Closure $next)
{
    if(auth()->check() && (auth()->user()->status == 0)){
            Auth::logout();

            $request->session()->invalidate();

            $request->session()->regenerateToken();

            return redirect()->route('login')->with('error', 'Your Account is suspended, please contact Admin.');

    }

    return $next($request);
}

Step 3 - Register the Middleware - app/Http/Kernel.php

IN 'web' Middleware group register the CheckBanned Middleware by putting the code below.

\App\Http\Middleware\CheckBanned::class,

Step 4 - Display The Error on the log in page.

Open login blade 'resources/views/auth/login.blade.php'

Add The following code to display the error message.

@if (session('error'))
   <div class="alert alert-danger">
        {{ session('error') }}
   </div>
@endif

You can watch the video for complete Explanation and implementation.

Thank You for Reading

Reach Out To me.
Twitter
Instagram
TechToolIndia

Comments

[Benjamin Delespierre]

Thank for the article. I find the status property very vague and indescriptive. Wouldn't it be better to have a is_banned flag?

[TechTool India]

Thanks for suggestion. Yes you can use any flag which we can validate in middleware.

[steven]

how can i use this with jetstream?

[TechTool India]

Very soon i will write a blog in the same.

[steven]

is it already up?

[RasmiyaRahmathRV]

Thank you for the article. Simple, Clean and up to the point. great work

[Mike-Carolan]

Excellent article! Straightforward and to the point! Worked like a champ! Thank you!