Manual auth in Laravel: signing in and out
This post was published first at my website. Please check it for updates.
With the arrival of Laravel 8, new ways for authentication have been added to the Laravel ecosystem. Fortify, Jetstream and Breeze. Although these tools can save you a lot of time, often when you want something more complex they cost you more time.
Fortunately, Laravel allows you to add manual auth without the use of any package, just Laravel’s core. In this series, we’re going to learn how to add manual auth in Laravel.
These topics will be covered:
- Registering
- Signing in and signing out
- Password confirmation
- Email verification
- Password reset
Note: For the examples in this series, I’ve chosen to use controllers and blade views. But you can also use other technologies, like Livewire or Inertia.js.
Signing in
For this tutorial, we’ll create an Auth\LoginController for the login functionality.
// app/Http/Controllers/Auth/LoginController.phpuse App\Http\Controllers\Controller;class LoginController extends Controller
{
public function show()
{
return view('auth.login');
} public function handle()
{
// Signing in...
}
}
Now we’ll use the Auth facade to try to sign in the user:
// app/Http/Controllers/Auth/LoginController.php$success = auth()->attempt([
'email' => request('email'),
'password' => request('password')
], request()->has('remember'));
Note: after calling auth()->attempt() the user is automatically signed in.
In this case, I assume you have a “remember me” checkbox. If that is checked, it will be in the request, and if not it won’t. You can also hardcode true or false if you don't have such a checkbox.
Next, you probably want to redirect the users after a successful login and show errors if it failed.
// app/Http/Controllers/Auth/LoginController.phpuse App\Providers\RouteServiceProvider;if($success) {
return redirect()->to(RouteServiceProvider::HOME);
}return back()->withErrors([
'email' => 'The provided credentials do not match our records.',
]);
Views
Next, create an auth.login view and add a form, for example:
<!-- resources/views/auth/login.blade.php --><h1>Login</h1><form action="{{ route('login') }}" method="post">
@csrf <!-- Email-->
<label for="email">Email</label>
<input type="email" name="email" id="email" /> <!-- Password -->
<label for="password">Password</label>
<input type="password" name="password" id="password" /> <!-- Submit button -->
<button type="submit">Login</button>
</form>
Routing
The last step is to add login routes:
// routes/web.phpuse App\Http\Controllers\Auth\LoginController;
use Illuminate\Support\Facades\Route;Route::get('/login', [LoginController::class, 'show'])
->name('login');Route::post('/login', [LoginController::class, 'handle'])
->name('login');
And now you’re done! Users can now login!
Finished controller
If something went too quickly, here is the full finished LoginController:
<?php// app/Http/Controllers/Auth/LoginController.phpnamespace App\Http\Controllers\Auth\LoginController;use App\Http\Controllers\Controller;
use App\Providers\RouteServiceProvider;class LoginController extends Controller
{
public function show()
{
return view('auth.login');
} public function handle()
{
$success = auth()->attempt([
'email' => request('email'),
'password' => request('password')
], request()->has('remember'));
if($success) {
return redirect()->to(RouteServiceProvider::HOME);
} return back()->withErrors([
'email' => 'The provided credentials do not match our records.',
]);
}
}
Signing out
Signing out is really simple:
auth()->logout();If you want it in a controller, you can use one similar to this one:
<?php// app/Http/Controllers/Auth/LogoutController.phpnamespace App\Http\Controllers\Auth\LogoutController;use App\Http\Controllers\Controller;class LogoutController extends Controller
{
public function handle()
{
auth()->logout(); return redirect()->route('login');
}
}
Routing
Next, add the route:
// routes/web.phpuse App\Http\Controllers\Auth\LogoutController;
use Illuminate\Support\Facades\Route;Route::post('/logout', [LogoutController::class, 'handle'])
->name('logout');
Views
And finally, add this in your view:
<!-- resources/views/layouts/app.blade.php --><form action="{{ route('logout') }}" method="post">
@csrf <button type="submit">Logout</button>
</form>
Conclusion
Signing in and out in Laravel is really simple. The next time we are going to take a look at password confirmation. Please subscribe to my newsletter to get updated when a new post is published.