Almost everything is already configured in Laravel regarding authentication. Many applications don't even need to modify it.
Laravel comes with several pre-built authentication controllers which are located in the App\Http\Controllers\Auth namespace. The RegisterController handles new user registration, the LoginController handles authentication, the ForgotPasswordController handles e-mailing links for resetting passwords and the ResetPasswordController contains the logic to reset passwords. For many applications, you will not need to modify these controllers at all.
Laravel provides a quick way to scaffold all of the routes and views you need for authentication using single artisan command.
php artisan make:auth
This command will install the views for layout, registration and login as well as routes for all authentication requests. A HomeController will also be generated to handle post-login requests to the application's dashboard.
An authenticated user will be redirected to the /home URI by default. You can customize that location by defining a redirectTo property on the LoginController, RegisterController and ResetPasswordController.
protected $redirectTo = '/';
If you want to add custom logic for redirection process, you can define a redirectTo method instead of a property.
protected function redirectTo()
{
}
Laravel uses the email field for authentication. You can modify it on your LoginController.
public function userName()
{
return 'username';
}
You can modify the RegisterController class to modify the registration form fields where the validator() method holds the validation rules for new users and the create() method creates new records in your database.
You can access the authenticated user via the Auth facade.
use Illuminate\Support\Facades\Auth; // Get the currently authenticated user... $user = Auth::user(); // Get the currently authenticated user's ID... $id = Auth::id();
The check method on the Auth facade will check if the user is already logged in and return boolean.
if (Auth::check()) {
}
Middleware can be used to allow only the authenticated users to access a given route. Laravel comes with an auth middleware that you need to attach to a route definition.
Route::get('profile', function () {
})->middleware('auth');
You can call the middleware method from the controller's constructor too instead of attaching it in the route definition directly.
public function __construct()
{
$this->middleware('auth');
}
To log users out of the application, you can use the logout method. This will clear the authentication information from the user's session.
Auth::logout();
Laravel comes with complete set up for sending password reminders and performing password resets.You only need to verify that the User model implements the Illuminate\Contracts\Auth\CanResetPassword contract that uses the Illuminate\Auth\Passwords\CanResetPassword trait to include required methods.
A table must be created to store the password reset tokens. The migration for this table is included with Laravel and resides in the database/migrations directory. All you need to do is run artisan migration command.
Laravel includes ForgotPasswordController ResetPasswordController classes that contains the logics necessary to e-mail password reset links and reset user passwords. Artisan command make:auth command generates all the routes and views needed to perform password resets.
php artisan make:auth
The user will automatically be logged into the application after the password is reset. You can customize the post password reset redirect location by defining a redirectTo property on the ResetPasswordController.
protected $redirectTo = '/dashboard';
The Laravel Hash facade provides secured Bcrypt hashing for storing user passwords. You can hash a password by calling the make method on the Hash facade.
$password => Hash::make($request->newPassword);
The LoginController included with Laravel will automatically perfroms the pasword verification method. The check method can be used to verify the same manually.
if (Hash::check('plain-text', $hashedPassword)) {
}
Leave a comment