Chapter 9. User Authentication and Authorization
Setting up a basic user authentication system—including registration, login, sessions, password resets, and access permissions—can often be one of the more time-consuming pieces of creating the foundation of an application. It’s a prime candidate for extracting functionality out to a library, and there are quite a few such libraries.
But because of how much authentication needs vary across projects, most authentication systems grow bulky and unusable quickly. Thankfully, Laravel has found a way to make an authentication system that’s easy to use and understand, but flexible enough to fit in a variety of settings.
Every new install of Laravel has a create_users_table
migration and a User
model built in out of the box. Laravel offers an Artisan make:auth
command that seeds a collection of authentication-related views and routes. And every install comes with a RegisterController
, a LoginController
, a ForgotPasswordController
, and a ResetPasswordController
. The APIs are clean and clear, and the conventions all work together to provide a simple—and seamless—authentication and authorization system.
Differences in auth structure in Laravel 5.3
Note that in Laravel 5.1 and 5.2, most of this functionality lived in the AuthController
; in 5.3, this functionality has been split out into multiple controllers. Many of the specifics we’ll cover here about how to customize redirect routes, auth guards, and such are different in 5.1 and 5.2 (though ...
Get Laravel: Up and Running now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.