The latest articles on Forem by Francesco Caglioti (@francescocaglioti). https://forem.com/francescocaglioti https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F1177527%2F28cb0816-03c7-4da6-9c03-8c42bd430437.jpg https://forem.com/francescocaglioti en Francesco Caglioti Tue, 12 May 2026 14:51:33 +0000 https://forem.com/francescocaglioti/multi-tenant-saas-with-laravel-automatic-data-isolation-using-global-scopes-no-external-packages-216m https://forem.com/francescocaglioti/multi-tenant-saas-with-laravel-automatic-data-isolation-using-global-scopes-no-external-packages-216m <p>Building a B2B SaaS platform for transport companies, I faced a critical architectural decision: separate database per tenant or shared database with logical isolation?</p> <p>I chose shared database. Here's why and how I implemented bulletproof data isolation with pure Laravel.</p> <h2> Why Shared Database </h2> <p>For a B2B SaaS, database evolution is critical:</p> <p><strong>Pros:</strong></p> <ul> <li>Atomic migrations (add a column once, not 500 times)</li> <li>Simplified backup/restore</li> <li>Lower infrastructure costs</li> </ul> <p><strong>Cons:</strong></p> <ul> <li>Logical isolation (not physical)</li> <li>Noisy neighbor risk</li> </ul> <p>If I ever reach 500 tenants, managing 500 separate migrations per feature would be a full-time job. Shared DB wins.</p> <h3> The Architecture </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>USER REQUEST │ ▼ MIDDLEWARE (EnsureTenantAccess) │ 1. Verify authentication │ 2. Extract tenant ID │ 3. Store in TenantContext (singleton) ▼ ELOQUENT MODELS (with BelongsToTenant trait) │ 4. Apply GlobalScope automatically ▼ DATABASE QUERY SELECT * FROM table WHERE tenant_id = [X] </code></pre> </div> <h3> TenantContext: The Source of Truth </h3> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="kd">class</span> <span class="nc">TenantContext</span> <span class="p">{</span> <span class="k">private</span> <span class="kt">?string</span> <span class="nv">$tenantId</span> <span class="o">=</span> <span class="kc">null</span><span class="p">;</span> <span class="k">public</span> <span class="k">function</span> <span class="n">set</span><span class="p">(</span><span class="kt">string</span> <span class="nv">$id</span><span class="p">):</span> <span class="kt">void</span> <span class="p">{</span> <span class="nv">$this</span><span class="o">-&gt;</span><span class="n">tenantId</span> <span class="o">=</span> <span class="nv">$id</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="k">function</span> <span class="n">id</span><span class="p">():</span> <span class="kt">string</span> <span class="p">{</span> <span class="k">return</span> <span class="nv">$this</span><span class="o">-&gt;</span><span class="n">tenantId</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="k">function</span> <span class="n">isSet</span><span class="p">():</span> <span class="kt">bool</span> <span class="p">{</span> <span class="k">return</span> <span class="nv">$this</span><span class="o">-&gt;</span><span class="n">tenantId</span> <span class="o">!==</span> <span class="kc">null</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>Singleton. One instance per request. Zero ambiguity.</p> <h3> BelongsToTenant Trait </h3> <p>This is where the magic happens:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="kd">trait</span> <span class="nc">BelongsToTenant</span> <span class="p">{</span> <span class="k">public</span> <span class="k">static</span> <span class="k">function</span> <span class="n">bootBelongsToTenant</span><span class="p">():</span> <span class="kt">void</span> <span class="p">{</span> <span class="c1">// READ: Auto-filter all queries</span> <span class="k">static</span><span class="o">::</span><span class="nf">addGlobalScope</span><span class="p">(</span><span class="s1">'tenant'</span><span class="p">,</span> <span class="k">function</span> <span class="p">(</span><span class="kt">Builder</span> <span class="nv">$query</span><span class="p">)</span> <span class="p">{</span> <span class="nv">$context</span> <span class="o">=</span> <span class="nf">app</span><span class="p">(</span><span class="nc">TenantContext</span><span class="o">::</span><span class="n">class</span><span class="p">);</span> <span class="k">if</span> <span class="p">(</span><span class="nv">$context</span><span class="o">-&gt;</span><span class="k">isSet</span><span class="p">())</span> <span class="p">{</span> <span class="nv">$query</span><span class="o">-&gt;</span><span class="nf">where</span><span class="p">(</span><span class="s1">'tenant_id'</span><span class="p">,</span> <span class="nv">$context</span><span class="o">-&gt;</span><span class="nf">id</span><span class="p">());</span> <span class="p">}</span> <span class="p">});</span> <span class="c1">// WRITE: Auto-assign tenant_id on create</span> <span class="k">static</span><span class="o">::</span><span class="nf">creating</span><span class="p">(</span><span class="k">function</span> <span class="p">(</span><span class="kt">Model</span> <span class="nv">$model</span><span class="p">)</span> <span class="p">{</span> <span class="nv">$context</span> <span class="o">=</span> <span class="nf">app</span><span class="p">(</span><span class="nc">TenantContext</span><span class="o">::</span><span class="n">class</span><span class="p">);</span> <span class="k">if</span> <span class="p">(</span><span class="nv">$context</span><span class="o">-&gt;</span><span class="k">isSet</span><span class="p">()</span> <span class="o">&amp;&amp;</span> <span class="o">!</span><span class="nv">$model</span><span class="o">-&gt;</span><span class="n">tenant_id</span><span class="p">)</span> <span class="p">{</span> <span class="nv">$model</span><span class="o">-&gt;</span><span class="n">tenant_id</span> <span class="o">=</span> <span class="nv">$context</span><span class="o">-&gt;</span><span class="nf">id</span><span class="p">();</span> <span class="p">}</span> <span class="p">});</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>Every tenant-specific model (Customers, Vehicles, Transports) uses this trait. No manual tenant_id assignment. No forgetfulness bugs.</p> <h3> Testing Cross-Tenant Isolation </h3> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="k">public</span> <span class="k">function</span> <span class="n">test_cross_tenant_isolation</span><span class="p">():</span> <span class="kt">void</span> <span class="p">{</span> <span class="nv">$tenantA</span> <span class="o">=</span> <span class="nc">Tenant</span><span class="o">::</span><span class="nf">factory</span><span class="p">()</span><span class="o">-&gt;</span><span class="nf">create</span><span class="p">();</span> <span class="nv">$tenantB</span> <span class="o">=</span> <span class="nc">Tenant</span><span class="o">::</span><span class="nf">factory</span><span class="p">()</span><span class="o">-&gt;</span><span class="nf">create</span><span class="p">();</span> <span class="nc">Product</span><span class="o">::</span><span class="nf">factory</span><span class="p">()</span><span class="o">-&gt;</span><span class="k">for</span><span class="p">(</span><span class="nv">$tenantA</span><span class="p">)</span><span class="o">-&gt;</span><span class="nf">create</span><span class="p">([</span><span class="s1">'name'</span> <span class="o">=&gt;</span> <span class="s1">'Item A'</span><span class="p">]);</span> <span class="nc">Product</span><span class="o">::</span><span class="nf">factory</span><span class="p">()</span><span class="o">-&gt;</span><span class="k">for</span><span class="p">(</span><span class="nv">$tenantB</span><span class="p">)</span><span class="o">-&gt;</span><span class="nf">create</span><span class="p">([</span><span class="s1">'name'</span> <span class="o">=&gt;</span> <span class="s1">'Item B'</span><span class="p">]);</span> <span class="nv">$response</span> <span class="o">=</span> <span class="nv">$this</span><span class="o">-&gt;</span><span class="nf">actingAs</span><span class="p">(</span><span class="nv">$this</span><span class="o">-&gt;</span><span class="nf">userInTenant</span><span class="p">(</span><span class="nv">$tenantA</span><span class="p">))</span> <span class="o">-&gt;</span><span class="nf">getJson</span><span class="p">(</span><span class="s1">'/api/v1/products'</span><span class="p">);</span> <span class="nv">$response</span><span class="o">-&gt;</span><span class="nf">assertOk</span><span class="p">();</span> <span class="nv">$response</span><span class="o">-&gt;</span><span class="nf">assertJsonCount</span><span class="p">(</span><span class="mi">1</span><span class="p">,</span> <span class="s1">'data'</span><span class="p">);</span> <span class="nv">$response</span><span class="o">-&gt;</span><span class="nf">assertJsonPath</span><span class="p">(</span><span class="s1">'data.0.name'</span><span class="p">,</span> <span class="s1">'Item A'</span><span class="p">);</span> <span class="p">}</span> </code></pre> </div> <p>Without this test, I'm just hoping the GlobalScope works. Hope is not a strategy.</p> <h3> Super Admin Impersonation </h3> <p>Support needs to see what customers see. Solution:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="nv">$tenantId</span> <span class="o">=</span> <span class="nv">$user</span><span class="o">-&gt;</span><span class="nf">isSuperAdmin</span><span class="p">()</span> <span class="o">?</span> <span class="nf">session</span><span class="p">(</span><span class="s1">'impersonate_tenant_id'</span><span class="p">)</span> <span class="o">:</span> <span class="nv">$user</span><span class="o">-&gt;</span><span class="n">tenant_id</span><span class="p">;</span> </code></pre> </div> <p>Super Admin has no fixed tenant_id. Via dashboard, they select a tenant to impersonate. Session stores the ID. Middleware populates TenantContext. Same exact views as the customer.</p> <h3> Read-Only Mode </h3> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="k">if</span> <span class="p">(</span><span class="nv">$tenant</span><span class="o">-&gt;</span><span class="n">is_read_only</span> <span class="o">&amp;&amp;</span> <span class="nv">$request</span><span class="o">-&gt;</span><span class="nf">isMethodSafe</span><span class="p">()</span> <span class="o">===</span> <span class="kc">false</span><span class="p">)</span> <span class="p">{</span> <span class="nf">abort</span><span class="p">(</span><span class="mi">403</span><span class="p">,</span> <span class="s1">'Account in read-only mode'</span><span class="p">);</span> <span class="p">}</span> </code></pre> </div> <p>Use cases:</p> <ul> <li>Payment suspension</li> <li>Maintenance windows</li> <li>Investigation locks</li> </ul> <p>All centralized in middleware. Zero controller pollution.</p> <h3> Anti-Patterns Learned </h3> <ol> <li> <strong>Manual tenant_id assignment</strong>: You WILL forget. Use the trait.</li> <li> <strong>Unique indexes without tenant_id</strong>: Always composite (tenant_id + unique_field)</li> <li> <strong>Incremental IDs for tenants</strong>: Use UUIDs. Prevents ID guessing attacks.</li> </ol> <h3> Would I Use a Package? </h3> <p>Spatie has <code>spatie/laravel-multitenancy</code>. It's solid.</p> <p>But building my own gave me:</p> <ul> <li>Full control over edge cases</li> <li>Super admin impersonation (not trivial with packages)</li> <li>Deep understanding of the isolation boundaries</li> </ul> <p>If you're learning or need custom flows, build it yourself. If you need speed and standard patterns, use a package.</p> <h3> Conclusion </h3> <p>Multi-tenancy with Laravel is about trust: trust in your automation, distrust in human memory.</p> <p>Global Scopes + TenantContext + comprehensive tests = sleep well at night.</p> laravel php architecture webdev Francesco Caglioti Sat, 27 Sep 2025 11:08:51 +0000 https://forem.com/francescocaglioti/my-new-personal-site-28go https://forem.com/francescocaglioti/my-new-personal-site-28go <p>I've recently created my personal site, a old school static site, created with HUGO and the Blowfish theme.</p> <p>Feel free to <a href="https://fcaglioti.cc" rel="noopener noreferrer">check it out</a>!</p> <p>I am more than willing to hear your ideas on how to improve it/what sections to add.</p> personalsite hugo