All credits go to : https://stackoverflow.com/questions/36250746/how-to-protect-register-with-auth-midleware-in-laravel-5-2
Solution #1 (any authenticated user)
On file /app/Http/Controllers/Auth/RegisterController.php
simply change from
public function __construct()
{
$this->middleware('guest');
}
to
public function __construct()
{
$this->middleware('auth');
}
Solution #2 (only authenticated admin user) a) run
php artisan make:middleware IsAdmin
b) Add to the routeMiddleware array in your kernel file by opening app/Http/Kernel.php:
'admin' => \App\Http\Middleware\IsAdmin::class,
c) edit isAdmin file
public function handle($request, Closure $next)
{
if (Auth::user() && Auth::user()->is_admin == 1) {
return $next($request);
}
return redirect('/');
}
d) On file /app/Http/Controllers/Auth/RegisterController.php, change the constructor from
public function __construct()
{
$this->middleware('guest');
}
to
public function __construct()
{
$this->middleware('admin');
}
e) Update user migration to include a boolean field
Schema::create('users', function (Blueprint $table) {
$table->mediumIncrements('id');
$table->string('name');
$table->string('email')->unique();
$table->string('password');
$table->boolean('is_admin')->default(false);
$table->rememberToken();
$table->timestamps();
});
f) Update User model to allow ‘is_admin’ field
protected $fillable = [
'name', 'email', 'password', 'is_admin'
];