Chapter 9. User Authentication and Authorization

Setting up a basic user authentication system—including registration, login, sessions, password resets, and access permissions—can often be one of the more time-consuming pieces of creating the foundation of an application. It’s a prime candidate for extracting functionality out to a library, and there are quite a few such libraries.

But because of how much authentication needs vary across projects, most authentication systems grow bulky and unusable quickly. Thankfully, Laravel has found a way to make an authentication system that’s easy to use and understand, but flexible enough to fit in a variety of settings.

Every new install of Laravel has a create_users_table migration and a User model built in out of the box. If you bring in the laravel/ui package, Laravel offers an Artisan ui:auth command that seeds a collection of authentication-related views and routes. And every install comes with a group of Auth namespaced controllers for registration, login, and password resets. The APIs are clean and clear, and the conventions all work together to provide a simple—and seamless—authentication and authorization system.

Differences in Auth Structure in Laravel Before 6.0

Prior to Laravel 6, the auth scaffolding lived in the framework instead of a separate package.

Differences in Auth Structure in Laravel Before 5.3

Note that in Laravel 5.1 and 5.2, most of this functionality lived in the AuthController; in 5.3 and higher, this functionality ...

Get Laravel: Up & Running, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.