1. Code
  2. PHP

Using Laravel 5's Authentication Facade


Authentication is a part of almost all the web applications you work with. It's really boring to keep repeating all the boilerplate code in every project. Well, the good news is Laravel 5 rids you of this boredom by providing a ready-to-use authentication facade. 

All you need to do is configure and customize the authentication service provider to your project's needs. In this quick tip, I am going to show you exactly how to do that.

Looking for a Shortcut?

If you want a ready-made, tried and tested solution, try Vanguard - Advanced PHP Login and User Management on Envato Market. It's a PHP application, written in Laravel 5.2, that allows website owners to quickly add and enable authentication, authorisation and user management on their website. 

Vanguard - Advanced PHP Login and User Management on Envato Market
Vanguard - Advanced PHP Login and User Management on Envato Market

Setting Up the Environment

I am going to assume you are starting off with a fresh Laravel 5 installation, but you can skip any of these steps if you have already done them. First off, you are going to set some environment variables in the .env file at the root of your project. Basically, these have to do with the database configuration.

Notice the APP_ENV,  DB_HOST,  DB_DATABASE,  DB_USERNAME, and  DB_PASSWORD variables. The APP_ENV variable tells Laravel which environment we wish to run our web application in. The rest of the database variable names are pretty obvious. 

This is all you need to do to configure the database connection. But how does Laravel make use of these variables? Let's examine the config/database.php file. You will notice the use of the env() function. For example, env('DB_HOST', 'localhost'). Laravel 5 uses this function to capture variables from the $_ENV and $_SERVER global arrays, which are automatically populated with the variables you define in the .env file.

Setting Up the Migrations

Execute php artisan migrate:install --env=local in your terminal at the root of your project to install the migrations locally. Also notice that there are two migrations already defined in the database/migrations folder. Using these migrations, Laravel 5 creates a users and a password_resets table, allowing the default authentication boilerplate to work. I am going to create a third migration to modify the users table just to show you how to customize the default authentication setup.

Execute php artisan make:migration alter_users_table_remove_name_add_first_name_last_name in the terminal to create a third migration.

As you can see, you have removed the name field and added two more fields for first_name and last_name with a maximum length of 50 characters. You have also added the code that rolls back these changes in the database.

Execute php artisan migrate in the terminal. If the migrations ran successfully, you should be able to see both the tables in your database with the fields you defined.

Configuring the Registrar Service

You are going to configure the Registrar service to add your newly defined users table fields. 

Edit the file app/Services/Registrar.php.

The validator function validates the data passed in from the user registration form. You have removed the default name field and added the first_name and last_name fields with a minimum length of three characters and a maximum length of 50 characters for both. The create function adds the registered user to the users table in the database, so you only need to include the first_name and last_name fields to it.

Updating the User Model

You will also need to update the User model to include the first_name and last_name fields. 

Edit the file app/User.php.

The $fillable array specifies which fields of the model are open to modification. You would generally not include fields that are auto-generated into this array or fields that do not require a user's input like the hash for a remember me token. All you have done is update the $fillable array to allow the first_name and last_name to be mass assignable.

Updating the View

Finally, you just need to update the front-end views to include the first_name and last_name fields. First, you will update the registration form. 

Edit the file resources/views/auth/register.blade.php.

You have added the first_name and last_name fields to the registration form. You also need to edit the default app layout at resources/views/app.blade.php to show the logged-in user's name in the navigation menu.

Securing Your Routes

To secure your routes and allow only logged-in users to be able to access them, you need to make use of the auth middleware which is provided by Laravel. The auth middleware can be found at app\Http\Middleware\Authenticate.php

Here are a few examples of how to use it to protect your routes.

Modifying the Default Authentication Routes

You can execute php artisan route:list in the terminal to check the default routes the authentication facade uses. You can access these routes to test your authentication code. Here are a few examples of how to modify these routes.

Edit the file app/Http/routes.php.

Also, remember to call the URIs dynamically in your views and email templates using the Laravel helpers. You can see how to do that in the GitHub repository of this quick tip.

Final Thoughts

The password reset feature sends the password reset link to the user's email, so make sure you have the mail configuration set up in your Laravel project. The view template for the password reset email is at resources/views/emails/password.blade.php. You can also configure a few other basic options in the config/auth.php file.

I hope you found this quick tip easy to follow. Until my next Tuts+ piece, happy coding!

Looking for something to help kick start your next project?
Envato Market has a range of items for sale to help get you started.