Introduction
In this tutorial, you'll learn how to implement a Role-Based Access Control (RBAC) system in Laravel 12, step by step. We’ll use two powerful tools to achieve this:
-
Laravel Breeze – A lightweight and minimal authentication starter kit that sets up login, registration, and password reset functionality with a clean setup.
-
Spatie Laravel Permission – A widely-used package that simplifies the management of roles and permissions in Laravel applications.
By the end of this tutorial, you'll have a fully functional authentication system with role and permission-based access control integrated into your Laravel 12 project.
Prerequisites
Before you begin, ensure that you have the following:
-
A Laravel 12-compatible development environment, including:
-
PHP 8.1 or higher
-
Composer
-
Node.js and npm
-
-
A basic understanding of Laravel and the Model-View-Controller (MVC) architectural pattern.
Step 1: Create a New Laravel 12 Project
Run the following command in your terminal:
This installs a fresh Laravel 12 project.
Step 2: Install Laravel Breeze Authentication Starter Kit
Laravel Breeze provides simple auth scaffolding, including login, registration, and password reset.
Install Breeze with:
When run php artisan breeze:install
In Laravel 12:
Then install node dependencies and compile assets:
Update .env
to connect with your database:
Run migrations for Breeze auth tables:
means Laravel detected your database laravel_db
does not exist yet, and it’s asking if you want to create it automatically.
Start the server:
Visit http://localhost:8000 to see the auth system in action.
Step 3: Install Spatie Laravel Permission Package
Spatie's package manages roles and permissions cleanly.
Install it via composer:
Step 4: Publish Spatie Config and Migration Files
Publish the config file and migrations:
This publishes:
-
config/permission.php
-
migrations for
roles
,permissions
, and pivot tables.
Step 5: Run Migrations for Roles & Permissions
Apply the migrations to create the required tables:
Step 6: Add HasRoles
Trait to User Model
Open app/Models/User.php
and add:
This enables role and permission methods on the User model.
Step 7: Create Seeder for Roles and Permissions
Create a seeder:
Edit database/seeders/RolePermissionSeeder.php
:
Step 8: Seed the Database
Run the seeder:
Step 9: Assign Roles to Users
You can assign roles in a controller, seeder, or manually using Tinker.
Example using Tinker:
Inside Tinker:
Roles are stored in the roles
table by default
This table contains columns like
id
,name
,guard_name
,created_at
, andupdated_at
.Example data:
id | name | guard_name | created_at | updated_at |
---|---|---|---|---|
1 | admin | web | 2025-06-20 12:00:00 | 2025-06-20 12:00:00 |
2 | editor | web | 2025-06-20 12:10:00 | 2025-06-20 12:10:00 |
3 | viewer | web | 2025-06-20 12:15:00 | 2025-06-20 12:15:00 |
Step 10: Use Blade Directives for Role/Permission Checks
File: resources/views/dashboard.blade.php
Step 11: (Optional) Clear Permission Cache After Changes
If you add or update permissions or roles, clear the cache:
Summary
You now have a Laravel 12 app with:
-
Authentication by Breeze
-
Roles and permissions by Spatie
-
Route protection and UI conditional rendering
This is a solid foundation for RBAC in Laravel.