Tangible Bytes

A Web Developer’s Blog

Multiple Authentication in Laravel

You may not need this, if you can manage multiple types of user via roles and permissions it will be much the simpler route to follow.

In my case I wanted user with different: properties, relationships, routes, password rules, timeouts, and more.

It was worth the pain of setting up two authenticatable models.

Laravel is very flexible and well documented, but the further you stray from what most people do - the less obvious it is and a few of these steps took me a while to figure out.

Read more ...

Laravel Database Privileges

Laravel has some really good features for setting database connections - but oddly this isn’t spelled out in the documentation.

Databases (especially in Docker containers) often come by default with a single, powerful, user account.

As a result all too often people run Laravel without considering the principle of least privilege.

By following a few simple steps we can enhance security.

Read more ...