Create admin users

app/Http/Kernel.php

@@ -55,6 +55,7 @@ class Kernel extends HttpKernel
      */
     protected $routeMiddleware = [
         'auth' => \App\Http\Middleware\Authenticate::class,
+        'auth.admin' => \App\Http\Middleware\AdminAuth::class,
         'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
         'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
         'can' => \Illuminate\Auth\Middleware\Authorize::class,

app/Http/Middleware/AdminAuth.php

@@ -0,0 +1,27 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
+
+class AdminAuth
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle(Request $request, Closure $next)
+    {
+        $user = Auth::user();
+        if($user && $user->isAdmin()) {
+            return $next($request);
+        }
+        throw new AccessDeniedHttpException("You must be an admin to access this path");
+    }
+}

app/Models/User.php

@@ -45,6 +45,10 @@ class User extends Authenticatable
         'email_verified_at' => 'datetime',
     ];
 
+    public function isAdmin() {
+          return $this->admin;
+    }
+
     public function cart() {
           return $this->belongsToMany(Product::class, "cart_items", "userID", "productID");
     }

config/admin.php

@@ -0,0 +1,7 @@
+<?php
+
+return [
+    'email' => env("ADMIN_EMAIL"), 
+    'username' => env("ADMIN_USERNAME"), 
+    'password' => env("ADMIN_PASSWORD"), 
+];

database/migrations/2021_11_19_075332_admin_field_user.php

@@ -0,0 +1,32 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+class AdminFieldUser extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table("users", function (Blueprint $blueprint) {
+            $blueprint->boolean("admin")->default(false);
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table("users", function (Blueprint $blueprint) {
+            $blueprint->dropColumn("admin");
+        });
+    }
+}

database/seeders/DatabaseSeeder.php

@@ -3,7 +3,9 @@
 namespace Database\Seeders;
 
 use App\Models\Image;
+use App\Models\User;
 use Illuminate\Database\Seeder;
+use Illuminate\Support\Facades\Hash;
 
 class DatabaseSeeder extends Seeder
 {
@@ -14,7 +16,17 @@ class DatabaseSeeder extends Seeder
      */
     public function run()
     {
-        \App\Models\User::factory(10)->create();
+        User::factory(10)->create();
+        $creds = [
+            'email' => config('admin.email'),
+            'name' => config('admin.username'),
+            'password' => config('admin.password'), 
+        ];
+        $creds["password"] = Hash::make($creds["password"]);
+        $user = User::create($creds);
+        $user->admin = true;
+        $user->save();
+
         \App\Models\Product::factory(10)->has(Image::factory()->count(3))->create();
     }
 }

routes/web.php

@@ -38,4 +38,4 @@ Route::post("/product/{product}/removeFromCart", [CartController::class, "remove
 
 Route::resource("product", ProductController::class);
 Route::resource("order", OrderController::class);
-Route::resource("image", ImageController::class)->only(["store", "delete", "create"]);
+Route::resource("image", ImageController::class)->only(["store", "delete", "create"])->middleware("auth.admin");