Real Estate: Separated Front Site and Admin

  • real estate 1

    Home page hero slide show
  • real estate 2

    Search form in every page
  • real estate 3

    Property list
  • real estate 4

    Property detail
  • real estate 5

    Agent list
  • real estate 6

    Agent dashboard: only listing actions are allowed
  • real estate 7

    Agent admin panel: edit listing
  • real estate 8

    Admin panel: more permissions on others but less permissions on listings

Source code:

This is a demo project for real estate properties. The project contains four main sections: properties, agents, property search, and admin panel.


All properties are stored in Listings table. Each property has a “one to one” relationship with user (agent), “one to many” relationship with property type, and “one to many” relationship with city.


Totally separated frontend website and admin panel

  • Routes: two groups: front and admin.
  • Controllers: two folders: front and admin.
  • Views: two layouts: front and admin. Two folders for blade files: front and admin.

User admin panel

  • Shared admin panel layout for all types of users.
  • Different menu and different functionalities for admin users and normal users. For example: agents can create, edit and delete their own listings, but admin user can only view all listings.
  • Data table management.

Global view: app/Providers/appServiceProvider.php

public function boot()

        View::composer('*', function ($view) {
            $view->with('globalCities', City::all());
            $view->with('globalPtypes', Propertytype::all());

Triple layers of admin authentication and authorization:

  • User authentication: besides of Laravel default user login authentication, the project also added a route middleware isAdmin to check if a logged-in user is admin or not, if yes, redirect to admin panel, if not admin redirect to normal user panel.
  • Gate: defined different permissions what admin user and normal user (agent) can do
  • Middleware group: added middleware AuthGates to group api and web. Each function of admin controllers checks if user has the right permission to do the action like CRUD, if not redirect to 403 forbidden page.