all(), [ 'email' => ['required', 'email'], 'password' => ['required'], ], [ 'email.required' => 'Please enter your email address.', 'email.email' => 'Please enter a valid email address.', 'password.required' => 'Please enter your password.', ]); if ($validator->fails()) { return back()->withErrors($validator)->withInput($request->only('email')); } $credentials = $validator->validated(); // Database-backed authentication check $user = \App\Models\User::where('email', $credentials['email'])->first(); if (!$user) { return back()->withErrors([ 'email' => 'This email is not registered.', ])->withInput($request->only('email')); } if ($user->role !== 'admin') { return back()->withErrors([ 'email' => 'This email is not registered as an admin.', ])->withInput($request->only('email')); } if (!\Illuminate\Support\Facades\Hash::check($credentials['password'], $user->password)) { return back()->withErrors([ 'password' => 'The password you entered is incorrect.', ])->withInput($request->only('email')); } $request->session()->regenerate(); auth()->login($user); session(['user' => (object)[ 'id' => $user->id, 'name' => $user->name, 'email' => $user->email, 'role' => $user->role, ]]); return redirect()->intended('/admin/dashboard'); } /** * Log the admin out of the application. */ public function logout(Request $request) { session()->forget('user'); $request->session()->invalidate(); $request->session()->regenerateToken(); return redirect()->route('admin.login'); } }