Authentication is extremely important, and as a result, authentication is extremely difficult to get right. But Laravel's built-in authentication system makes it easier to protect the portions of your web application that need protecting.
In this course, Envato Tuts+ instructor Jeremy McPeak will show you how to use Laravel's basic authentication system, and how to customize this system to fit your own application's needs. You'll see how to create users, user providers and guards to customize every aspect of Laravel authentication.
If you haven't used Laravel before, why not check out our full course and learn Laravel 5: Get Started With Laravel 5. If you've mastered the fundamentals of Laravel, build on your experience with these courses:
1.Introduction2 lessons, 09:21
2.Custom Laravel Authentication3 lessons, 24:42
3.Real-World Authentication3 lessons, 28:43
4.Conclusion1 lesson, 00:59
User authentication is one of the most important pieces of an application. And because of that it's also one of the most difficult components to implement, to the point that most popular application frameworks provide built-in authentication solutions. And a Laravel provides one of the best. Hi, my name is Jeremy McPeak and in this course I will teach you about Laravel's built in authentication system. We'll start by executing a few commands that adds a complete authentication solution to a project. And for most applications, that's all you'll need even if you're writing a web API. But you're not stuck with Laravel's default auth configuration. You can customize your application's authentication authentication to fit your needs. Laravel's auth is made up of three main components, the first as a user class that can be used for authentication. It's called Authenticatable and I will teach you how to write one. Next, is the user provider, the component that provides users to the application. I will teach you how to write your own provider class and register it within your application. And the final piece Is called a guard. And you guessed it, you'll learn how to write and register your own. At the end of this course, we will apply everything you've learned and implement a real world solution that protects the back-end of a web application. Now we have a lot of ground to cover. So when you're ready, queue up the first video and we will get started.
1.2 First Steps
In this lesson we're going to create a new project and add some stuff that makes it easy to get started authenticating users. But before we do that, let's briefly go over what you will need for this course. Now I assume that if you're watching this course you already know where to get Laravel, but if not I will briefly point you in the right direction. You will want to go to laravel.com, go to the documentation and installation is the first thing that you're going to see. However, if it's not, just click on installation on the left hand side. Now you're going to see a reference to this Laravel Homestead. And I recommend that you use that because that's going to have everything that you need. In fact, it lists everything here that comes with Laravel Homestead and there's other instructions that you will need to go through. But this is the best way to get started writing Laravel applications and the great thing is it's a virtual machine. Because that keeps everything separated from your physical machine, you don't have to worry about messing it up. Everything's in the virtual machine so if you completely and totally screwed up, you can just delete it, start over, completely with a new virtual machine. So let's go ahead and create our project first and then while that is being generated we are going to talk about some other things. So, let's do laravel new and I'm going to call this firstauth. So while that is going, Laravel Homestead is really what you should be using. But I'm not going to be using it in this course, and the reason is very simple. What you see here on screen is a virtual machine. And if inception taught us anything it's that running a virtual machine inside of another virtual machine can be done, but it's not very fast. So for the sake of performance, I'm taking an alternate route. I have an installation of MySQL, and I'm managing that MySQL through phpMyAdmin. And if you're curious as to where I got MySQL, I did not go to MySQL and then download it. I used a tool called MAMP which is kind of like homestead except that this installs everything on your machine. So this will put MySQL, PHP and everything else you need for PHP development on your machine and you can start and stop the servers which is kind of nice. And you don't have to worry about configuring all of that stuff because it's already done for you. So, let's go ahead and create a database and I'm going to call that firstauth, as well. Now, the name doesn't matter, I just want the name of my database to be the same name as my project. So, if we hop on over and the project is done, so let's go ahead and and set up this project to have the database information. So I want to cd into firstauth and pull up whatever code editor that you want to use. I'm going to use Visual Studio code, and I want to go to the .env file. And here we see DB_ and then certain settings, CONNECTION=mysql, HOST, local hosts. The default port is being used, the database name is firstauth, in my case the username is root and the password is root. Of course, your username and password are going to be different based upon how yours are configured. But this is all that we need to do to setup this database connection. So let's go ahead and close that. Now we could get started right now with user authentication but we would have to write everything. That means we would have to write the controllers. We would also have to write the views and we will be doing some stuff manually later on. But for right now, I would prefer to just have all the stuff generated. Now there are some controllers here but there aren't any views, so we're going to generate those and we will do so with php artisan make: auth. And then this is going to add a HomeController, this is a controller that is protected. So if we try to go to slash home, then it's going to prompt us to log in but it also added several views. So if you go to resources > views, it added this auth folder and the views inside of it. It also added home.blade.php, as well as the layouts folder. So let's go ahead and look at those in the browser. I'm going to use the built-in php server, and I'm going to say localhost : 8000, and then the public folder is our home folders. So, let's go to localhost8000, we can now see that we have this login view. We also have a register view but our database is not set up. We have the database itself but we don't have the tables for storing the user information. Which is basically going to have the name, the email address, the password, the few other things. Now there are migrations already provided for us, so if we look at the database folder and then migrations, we can see two. One is for creating the users folder, and then one is for the password_resets. Now, if we wanted to we could modify our users table, in our case, name is going to be sufficient. But if we wanted to break that up into a first name and last name, we could do that here or we could create another migration to modify the users table. But we're just going to leave everything as it is and we are going to first of all install migration, so php artisan migrate:install. That's going to setup our migrations table and then we will just migrate our database which will then run our existing migrations, and we will call the same command except without install. So, we now have an application that we can register users, we can authenticate users. And we would be storing all of that information in the database, so let's go ahead and create a new user. This information doesn't matter, so you can put in whatever you want to, my password is going to be password. We're going to register and we are now logged in. So if we log out and if we try to go to a protected URL which would be /home, it's going to prompt us to log in. So, let's log in with our email address and our password. If you want to Remember Me, that should be fine but I'm going to uncheck that and we see our application is working. So in just a few minutes using just a few commands, we've built an application that uses Laravel's built-in user authentication. And I will say that for the vast majority of your applications, that is going to be sufficient because really that's all that we need. Now, you might want to modify the users table in which you would also want to modify the user class, that is the user model, it's inside of app and user. But other than that, what Laravel has given us is going to work in the majority of cases. However, there are some other cases where we want to provide our own type of authentication. Now, don't get me wrong we still want to tie in to Laravel's authentication system. But we might have a different user store and we might want to authenticate users differently than what is provided by Laravel. And we will start looking at that in the next lesson.