DEV Community

Jeroen van Rensen
Jeroen van Rensen

Posted on • Originally published at jeroenvanrensen.nl

Manual auth in Laravel: signing in and out

#laravel #authentication

This post was published first at my website. Please check it for updates.

With the arrival of Laravel 8, new ways for authentication have been added to the Laravel ecosystem. Fortify, Jetstream and Breeze. Although these tools can save you a lot of time, often when you want something more complex they cost you more time.

Fortunately, Laravel allows you to add manual auth without the use of any package, just Laravel's core. In this series, we're going to learn how to add manual auth in Laravel.

These topics will be covered:

  • Registering
  • Signing in and signing out
  • Password confirmation
  • Email verification
  • Password reset

Note: For the examples in this series, I've chosen to use controllers and blade views. But you can also use other technologies, like Livewire or Inertia.js.

Signing in

For this tutorial, we'll create an Auth\LoginController for the login functionality.

// app/Http/Controllers/Auth/LoginController.php

use App\Http\Controllers\Controller;

class LoginController extends Controller
{
    public function show()
    {
        return view('auth.login');
    }

    public function handle()
    {
        // Signing in...
    }
}
Enter fullscreen mode Exit fullscreen mode

Now we'll use the Auth facade to try to sign in the user:

// app/Http/Controllers/Auth/LoginController.php

$success = auth()->attempt([
    'email' => request('email'),
    'password' => request('password')
], request()->has('remember'));
Enter fullscreen mode Exit fullscreen mode

Note: after calling auth()->attempt() the user is automatically signed in.

In this case, I assume you have a "remember me" checkbox. If that is checked, it will be in the request, and if not it won't. You can also hardcode true or false if you don't have such a checkbox.

Next, you probably want to redirect the users after a successful login and show errors if it failed.

// app/Http/Controllers/Auth/LoginController.php

use App\Providers\RouteServiceProvider;

if($success) {
    return redirect()->to(RouteServiceProvider::HOME);
}

return back()->withErrors([
    'email' => 'The provided credentials do not match our records.',
]);
Enter fullscreen mode Exit fullscreen mode

Views

Next, create an auth.login view and add a form, for example:

<!-- resources/views/auth/login.blade.php -->

<h1>Login</h1>

<form  action="{{ route('login') }}"  method="post">
    @csrf

    <!-- Email-->
    <label for="email">Email</label>
    <input type="email" name="email" id="email"  />

    <!-- Password -->
    <label for="password">Password</label>
    <input type="password" name="password" id="password"  />

    <!-- Submit button -->
    <button type="submit">Login</button>
</form>
Enter fullscreen mode Exit fullscreen mode

Routing

The last step is to add login routes:

// routes/web.php

use App\Http\Controllers\Auth\LoginController;
use Illuminate\Support\Facades\Route;

Route::get('/login', [LoginController::class, 'show'])
    ->name('login');

Route::post('/login', [LoginController::class, 'handle'])
    ->name('login');
Enter fullscreen mode Exit fullscreen mode

And now you're done! Users can now login!

Finished controller

If something went too quickly, here is the full finished LoginController:

<?php

// app/Http/Controllers/Auth/LoginController.php

namespace App\Http\Controllers\Auth\LoginController;

use App\Http\Controllers\Controller;
use App\Providers\RouteServiceProvider;

class LoginController extends Controller
{
    public function show()
    {
        return view('auth.login');
    }

    public function handle()
    {
        $success = auth()->attempt([
            'email' => request('email'),
            'password' => request('password')
        ], request()->has('remember'));

        if($success) {
            return redirect()->to(RouteServiceProvider::HOME);
        }

        return back()->withErrors([
            'email' => 'The provided credentials do not match our records.',
        ]);
    }
}
Enter fullscreen mode Exit fullscreen mode

Signing out

Signing out is really simple:

auth()->logout();
Enter fullscreen mode Exit fullscreen mode

If you want it in a controller, you can use one similar to this one:

<?php

// app/Http/Controllers/Auth/LogoutController.php

namespace App\Http\Controllers\Auth\LogoutController;

use App\Http\Controllers\Controller;

class LogoutController extends Controller
{
    public function handle()
    {
        auth()->logout();

        return redirect()->route('login');
    }
}
Enter fullscreen mode Exit fullscreen mode

Routing

Next, add the route:

// routes/web.php

use App\Http\Controllers\Auth\LogoutController;
use Illuminate\Support\Facades\Route;

Route::post('/logout', [LogoutController::class, 'handle'])
    ->name('logout');
Enter fullscreen mode Exit fullscreen mode

Views

And finally, add this in your view:

<!-- resources/views/layouts/app.blade.php -->

<form action="{{ route('logout') }}" method="post">
    @csrf

    <button type="submit">Logout</button>
</form>
Enter fullscreen mode Exit fullscreen mode

Conclusion

Signing in and out in Laravel is really simple. The next time we are going to take a look at password confirmation. Please subscribe to my newsletter to get updated when a new post is published.

Top comments (1)

Collapse
 
ugintl profile image
ugintl

I have installed this laravel app github.com/monicahq/monica When I log out and log in again again, I see this error "these credentials do not match our records". What could be the possible reason?

Read next

zeeve profile image

Multisig Provider Den Joins Zeeve as an integration partner for its RaaS offering

Zeeve -

jackmacwindows profile image

libcert: Implementing S/MIME PKI in Lua (1)

JackMacWindows -

repiki profile image

Ruby array methods that will blow your mind.

Repiki -

zeeve profile image

Why Would a Layer2 Decentralize its Sequencer?

Zeeve -