In this tutorial you will learn about the How to Ban, Suspend or Block User Account in Laravel and its application with practical example.
How to Ban, Suspend or Block User Account in Laravel
In this laravel ban / suspend user account tutorial, I’ll show you how to ban, block or suspend a user account using laravel middleware.
Sometimes in laravel application we may identify user account with some suspicious activity, policy violation, spamming or any other misuse of the application. In such situation we may want to ban, block or suspend a user account for some time, after that ban is revoked. when a blocked user account’s ban is revoked it can use the application same as before the account is suspended or banned
In this tutorial, you will learn to ban, block or suspend a user account using laravel middleware. In this example, we will create a laravel middleware to check if the user is banned. In this example we will add a database field named blocked_until in users table then we will check user is suspend/banned or not using the blocked_until field. If an user is found banned or blocked we log them out and redirect back to login page with an error message.
Before starting with tutorial, we are assuming that you already have a fresh installation of a Laravel 5.8. If you have not installed it follow Laravel Installation Step.
Install Laravel 5.8
First of all we need to create a fresh laravel project, download and install Laravel 5.8 using the below command
|
1 |
composer create-project --prefer-dist laravel/laravel larablog |
Configure Database In .env file
Now, lets create a MySQL database and connect it with laravel application. After creating database we need to set database credential in application’s .env file.
|
1 2 3 4 5 6 |
DB_CONNECTION=mysql DB_HOST=127.0.0.1 DB_PORT=3306 DB_DATABASE=lara58blog DB_USERNAME=root DB_PASSWORD= |
Now, use the below command to create default laravel tables automatically.
|
1 |
php artisan migrate |
Authentication Scaffolding
Now, use the below command to generate laravel default authentication scaffolding –
|
1 |
php artisan make:auth |
This command will generate required Controller files, views and add routes in our web.php routes file that are required for the authentication.
Add New column Using Migration
Now, lets a add a timestamp field named blocked_until that allows you check if user is banned or not. If its null then user is not banned, otherwise we know the date, until when user is banned. Use the following artisan command to generate laravel migration that adds blocked_until field to users table.
|
1 |
php artisan make:migration add_blocked_until_to_users_table |
Once this command is executed you will find a migration file created under “database/migrations”. lets open migration file and modify up method with following code –
|
1 2 3 4 5 6 7 8 9 |
class AddBlockedUntilToUsersTable extends Migration { public function up() { Schema::table('users', function (Blueprint $table) { $table->timestamp('blocked_until')->nullable(); }); } } |
We also need to add that field to $fillable array in app/User.php model. We will put it into $dates array to.
app/User.php
|
1 2 3 4 5 6 7 8 9 10 |
class User extends Authenticatable { protected $fillable = [ 'name', 'email', 'password', 'blocked_until' ]; protected $dates = [ 'blocked_until' ]; } |
Create Laravel Middleware CheckBlocked
Lets create a laravel middleware to check if the user is banned/suspended/blocked. If a blocked user will try to login we log them out and redirect back to login form with an error message. Create a laravel middleware using below command.
|
1 |
php artisan make:middleware CheckBlocked |
Once this command is executed you will find a middleware file created under “app/Http/Middleware/”. Open middleware file and implement logic of to check banned/blocked/suspended users. In that time, we will log them out and redirect to login screen with message.
app/http/middleware/CheckBlocked.php
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 |
class CheckBLocked { public function handle($request, Closure $next) { if (auth()->check() && auth()->user()->blocked_until && now()->lessThan(auth()->user()->blocked_until)) { $blocked_days = now()->diffInDays(auth()->user()->blocked_date); $message = 'Your account has been suspended for '.$blocked_days.' '.str_plural('day', $blocked_days).'. Please contact administrator.'; auth()->logout(); return redirect()->route('login')->withMessage($message); } return $next($request); } } |
Register Laravel Middleware
Open app/Http/Kernel.php file and register CheckBlocked middleware here, like below –
|
1 2 3 4 5 6 7 8 |
protected $middlewareGroups = [ 'web' => [ \App\Http\Middleware\EncryptCookies::class, // ... other middleware classes \App\Http\Middleware\CheckBlocked::class, ], |
Add Error Message
Finally, we need to add a error message in login.blade.php. let’s open app/resources/views/auth/login.blade.php file and add error message on above of login form body, like below –
|
1 2 3 4 5 6 7 8 9 |
... <div class="card-body"> @if (session('message')) <div class="alert alert-danger">{{ session('message') }}</div> @endif <form method="POST" action="{{ route('login') }}"> ... |
Now we are ready to run our example so lets start the development server using following artisan command –
|
1 |
php artisan serve |
Now, open the following URL in browser and try to login with blocked or suspended user account to see the output –
http://localhost:8000/login
Output:-
