Before you can start using authentication, ensure that you have a Laravel application set up. Then, you can either use Laravel’s built-in authentication scaffolding or manually configure it.
Using Laravel Breeze (Simple Authentication Scaffolding): Laravel Breeze provides a minimal and simple starting point for authentication.
Install Laravel Breeze:
composer require laravel/breeze --dev
php artisan breeze:install
npm install && npm run dev
php artisan migrate
Laravel automatically provides routes for common authentication tasks such as login, registration, and password reset. These routes are included when you install Breeze or other Laravel authentication packages.
Default routes included:
/login: Show the login form./register: Show the registration form./logout: Log the user out./password/reset: Password reset functionality.use App\Models\User;
public function register(Request $request)
{
$request->validate([
'name' => 'required|string|max:255',
'email' => 'required|string|email|max:255|unique:users',
'password' => 'required|string|min:8|confirmed',
]);
$user = User::create([
'name' => $request->name,
'email' => $request->email,
'password' => bcrypt($request->password),
]);
Auth::login($user); // Automatically log in the user after registration
return redirect()->route('home');
}
To log users in, you can use the built-in Auth facade. Laravel automatically provides a login controller with methods to authenticate users.
Example (Logging in a User):
use Illuminate\Support\Facades\Auth;
public function login(Request $request)
{
$credentials = $request->only('email', 'password');
if (Auth::attempt($credentials)) {
return redirect()->intended('dashboard'); // Redirect to intended page
}
return back()->withErrors([
'email' => 'The provided credentials do not match our records.',
]);
}
To log the user out of the application, you can use the logout() method provided by the Auth facade.
Example (Logging out a User):
use Illuminate\Support\Facades\Auth;
public function logout()
{
Auth::logout();
return redirect()->route('login'); // Redirect to login page after logout
}
Laravel provides a simple mechanism for password resets using the built-in ForgotPassword feature.
Steps to Implement Password Reset:
Generate the reset link: Laravel provides a ForgotPassword class to handle sending the reset link.
use Illuminate\Support\Facades\Password;
public function sendResetLinkEmail(Request $request)
{
$request->validate(['email' => 'required|email']);
$status = Password::sendResetLink($request->only('email'));
return $status === Password::RESET_LINK_SENT
? back()->with('status', __($status))
: back()->withErrors(['email' => __($status)]);
}
To protect routes and ensure only authenticated users can access them, use the auth middleware.
Example (Protecting Routes):
Route::middleware('auth')->get('/dashboard', function () {
return view('dashboard');
});
Laravel’s authentication views (login, registration, etc.) are available when you use Breeze or Laravel’s other authentication packages (Jetstream, Fortify). These views are stored in the resources/views/auth directory.
You can customize these views to match your application’s design.
Laravel makes implementing authentication straightforward with tools like Breeze and its built-in Auth facade. With just a few commands and methods, you can easily manage user registration, login, password resets, and protecting routes in your application. Whether you’re building a simple application or a more complex one, Laravel’s authentication system saves you time and effort by providing these powerful features out of the box.