A powerful and flexible package for managing roles and permissions in Laravel applications
spatie/laravel-permission is one of the most popular Laravel packages for handling roles and permissions in a clean, flexible, and powerful way.
It allows you to easily assign roles and permissions to users, models, or guards, while keeping your authorization logic organized and scalable.
This package is widely used in production applications and integrates seamlessly with Laravel's authorization system.
Define roles and permissions dynamically and assign them to users or models with ease.
$user->assignRole('admin');
$user->givePermissionTo('edit articles');Supports multiple authentication guards (web, api, admin, etc.) out of the box.
'guards' => ['web', 'api']Use expressive Blade directives to control UI access.
@role('admin')
<p>Admin content</p>
@endroleProtect routes easily using built-in middleware.
Route::middleware(['role:admin'])->group(function () {
//
});composer require spatie/laravel-permissionphp artisan vendor:publish --provider="Spatie\Permission\PermissionServiceProvider"php artisan migrateuse Spatie\Permission\Traits\HasRoles;
class User extends Authenticatable
{
use HasRoles;
}if ($user->can('edit articles')) {
//
}$user->assignRole('user');Always validate user permissions on both frontend and backend.
Avoid assigning high-privilege roles dynamically without proper checks.
Cache permissions for better performance in production.
Supports Laravel 10, 11, 12
Improved cache handling
Enhanced multi-guard compatibility
Laravel Gates & Policies (Native)
Silber Bouncer
Laratrust
Developer