sentinel
sentinel copied to clipboard
cartalyst
[4.0] Double authentication.
Hello. Is it possible somehow to make double authentication? I have two sections on my site: clients and administrators. Clients have access anywhere except site.com/admin*. When I login in public section I can't login into admin section so that I could have two different logged in users. I can login either public section or admin section.
As i mentioned you on the other issue you created a month or so ago this is not possible out of the box nor we provide support for it.
You can try this https://gist.github.com/leabdalla/5999421 (KEEP IN MIND THIS IS FOR SENTRY, IT'S OUTDATED, AND WE DID NOT WRITE IT) and hack your way through it.
We'll consider to add this as a feature though as it was requested a couple of times.
+1 for this feature: I also have two users' tables with different fields and scope ("administrators", who log into /admin section and have a basic set of fields, and "customers" who login in the main/public area of the site and have a wide set of fields: billing address, billing city, ... , shipping address, shipping city, ... , VAT number, newsletter subscription, etc.: you see, it's just a different world :-)
@hiddenl00p You can now "react" to the original post with a +1; no need to comment (in which case everybody receives an email message).
I like what you're saying here, everyone, but I'm not sure that adding the ability to "login with two separate users at the same time" is really the best solution to the quandary as I understand it. Whether in Sentinel, or any other such system.
@ivanhalen I've built exactly what you're describing using Sentinel. And I did it by using a custom user model, extending a few base classes, and stitching together two database tables (Sentinel's users table, in which a record will exist for every user, and my own user_details table, in which records exist only for the non-admin users).
And with the careful application of Roles and Permissions, I'm able to determine who has access to my custom administration tools (they're built on the "public" side, but aren't "publicly accessible"); I don't need a second "user type" with a whole separate Sentinel instance in the app container to service it.
Maybe I'm missing some fundamental aspect of the problem that we're discussing, but I just don't see any limitation of the existing implementation that would prevent achieving what's described here.
The main limitation is that you'll need to "hack" this together for every application you might build and while it seems "easy" not everyone has the same knowledge or even time to do so.
I personally find this feature quite useful, as sometimes we might not want to mix staff members from customers, i already had this need before.
Since it is still a proposal, nothing is decided if we're going to have this on the core or not.
Okay, thanks for clarifying, Bruno!
I'm on-board. Everything you say makes sense. +1'd.
And you're right, it was a difficult customization to make (in fact, I had to ask for help from the devs ), and if it were simple to implement, a lot of people would use it.
The main limitation is that you'll need to "hack" this together for every application you might build and while it seems "easy" not everyone has the same knowledge or even time to do so.
Isn't this why we are programmers, to create applications that goes out of the box, with tough decisions, tough code and many more?
+1 for this especially because it is supported by laravel with use of guards, and it should therefore be easy to adapt with sentinel.
Until it is finalized this might be useful:
https://laracasts.com/discuss/channels/laravel/inject-2-instances-of-same-class-in-constructor
