CINXE.COM
Authentication - Laravel 12.x - The PHP Framework For Web Artisans
<!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1, minimum-scale=1"> <title>Authentication - Laravel 12.x - The PHP Framework For Web Artisans</title> <link rel="canonical" href="https://laravel.com/docs/12.x/authentication"> <!-- Primary Meta Tags --> <meta name="title" content="Authentication - Laravel 12.x - The PHP Framework For Web Artisans"> <meta name="description" content="Laravel is a PHP web application framework with expressive, elegant syntax. We’ve already laid the foundation — freeing you to create without sweating the small things."> <!-- Open Graph / Facebook --> <meta property="og:type" content="website"> <meta property="og:url" content="https://laravel.com/"> <meta property="og:title" content="Authentication - Laravel 12.x - The PHP Framework For Web Artisans"> <meta property="og:description" content="Laravel is a PHP web application framework with expressive, elegant syntax. We’ve already laid the foundation — freeing you to create without sweating the small things."> <meta property="og:image" content="https://laravel.com/images/og/laravel-docs-12.png"> <!-- Twitter --> <meta property="twitter:card" content="summary_large_image"> <meta property="twitter:url" content="https://laravel.com/"> <meta property="twitter:title" content="Authentication - Laravel 12.x - The PHP Framework For Web Artisans"> <meta property="twitter:description" content="Laravel is a PHP web application framework with expressive, elegant syntax. We’ve already laid the foundation — freeing you to create without sweating the small things."> <meta property="twitter:image" content="https://laravel.com/images/og/laravel-docs-12.png"> <!-- Favicon --> <link rel="apple-touch-icon" sizes="180x180" href="/img/favicon/apple-touch-icon.png"> <link rel="icon" type="image/png" sizes="32x32" href="/img/favicon/favicon-32x32.png"> <link rel="icon" type="image/png" sizes="16x16" href="/img/favicon/favicon-16x16.png"> <link rel="manifest" href="/img/favicon/site.webmanifest"> <link rel="mask-icon" href="/img/favicon/safari-pinned-tab.svg" color="#ff2d20"> <link rel="shortcut icon" href="/img/favicon/favicon.ico"> <meta name="msapplication-TileColor" content="#ff2d20"> <meta name="msapplication-config" content="/img/favicon/browserconfig.xml"> <meta name="theme-color" content="#ffffff"> <meta name="color-scheme" content="light"> <link rel="preload" href="/fonts/InstrumentSans.woff2" as="font" type="font/woff2" crossorigin="anonymous" /> <link rel="preconnect" href="https://E3MIRNPJH5-dsn.algolia.net" crossorigin /> <link rel="preload" as="style" href="https://laravel.com/build/assets/app-DTuzKHzc.css" /><link rel="modulepreload" href="https://laravel.com/build/assets/app-DsFpo0m6.js" /><link rel="modulepreload" href="https://laravel.com/build/assets/mediaQuery-Bm25Hv93.js" /><link rel="modulepreload" href="https://laravel.com/build/assets/module.esm-BKQTc33J.js" /><link rel="modulepreload" href="https://laravel.com/build/assets/docs-Ch76ti3c.js" /><link rel="modulepreload" href="https://laravel.com/build/assets/theme-switcher-CvREX8Sp.js" /><link rel="stylesheet" href="https://laravel.com/build/assets/app-DTuzKHzc.css" /><script type="module" src="https://laravel.com/build/assets/app-DsFpo0m6.js"></script><script type="module" src="https://laravel.com/build/assets/docs-Ch76ti3c.js"></script> <!-- Fathom - beautiful, simple website analytics --> <script src="https://cdn.usefathom.com/script.js" data-site="DVMEKBYF" defer></script> <!-- / Fathom --> <!-- Clearbit --> <script async src="https://tag.clearbitscripts.com/v1/pk_97d2bf69f817feb07be42fcda1460119/tags.js" referrerpolicy="strict-origin-when-cross-origin"></script> <script> const alwaysLightMode = false; const algolia_app_id = 'E3MIRNPJH5'; const algolia_search_key = '1fa3a8fec06eb1858d6ca137211225c0'; const version = '12.x'; if (!alwaysLightMode) { if (localStorage.theme === 'dark' || (localStorage.theme === 'system' && window.matchMedia("(prefers-color-scheme: dark)").matches)) { document.documentElement.classList.add("dark"); document.documentElement.setAttribute("data-theme", "dark"); document.documentElement.setAttribute("color-theme", "dark"); } } </script> <script> document.addEventListener('DOMContentLoaded', function () { // Set a CSS variable for the viewport width for the divider component document.documentElement.style.setProperty('--viewport-width', (document.body.clientWidth || 0)+'px'); }); window.addEventListener('resize', function () { document.documentElement.style.setProperty('--viewport-width', (document.body.clientWidth || 0)+'px'); }, { passive: true }); </script> </head> <body class="font-sans antialiased text-sand-light-12 bg-sand-light-1 dark:bg-sand-dark-1"> <div class="xl:px-0 mx-auto xl:max-w-[1400px] w-full max-w-full"> <div class="relative xl:border-l xl:mx-auto bg-sand-light-1 dark:bg-sand-dark-1 xl:border-sand-light-7 xl:dark:border-sand-dark-6"> <div id="nav-trigger" class="absolute left-0 top-32"></div> <nav class="sticky top-0 z-99 px-4 xl:px-16 py-8 h-(--popover-top-offset) dark:bg-sand-dark-1 transition-transform duration-300 bg-sand-light-1 border-b border-transparent sticky-nav docs-nav"> <div class="grid grid-cols-12 gap-4 lg:gap-6 xl:gap-x-10 relative items-center h-full overflow-hidden"> <ul class="flex items-start col-span-3 space-x-8 font-medium "> <li class="w-20 transition-transform duration-300 ease-in-out mr-18 text-laravel-red" id="nav-left"> <a href="https://laravel.com" class="flex items-center w-20 aspect-[80/23]"> <svg class="w-full h-full" width="1280" height="308" viewBox="0 0 1280 308" fill="none" xmlns="http://www.w3.org/2000/svg" > <path d="M50.2753 0H0V308.689H144.713V263.27H50.2753V0Z" fill="currentColor" /> <path d="M322.209 130.973C315.796 120.684 306.688 112.602 294.883 106.718C283.081 100.84 271.201 97.8969 259.253 97.8969C243.798 97.8969 229.665 100.764 216.843 106.496C204.014 112.228 193.015 120.099 183.834 130.091C174.654 140.088 167.51 151.628 162.412 164.706C157.308 177.792 154.761 191.54 154.761 205.94C154.761 220.645 157.308 234.457 162.412 247.39C167.508 260.332 174.652 271.796 183.834 281.788C193.015 291.785 204.017 299.647 216.843 305.379C229.665 311.111 243.798 313.978 259.253 313.978C271.201 313.978 283.081 311.038 294.883 305.159C306.688 299.282 315.796 291.197 322.209 280.904V308.685H369.865V103.186H322.209V130.973ZM317.837 231.076C314.922 239.016 310.841 245.925 305.598 251.804C300.35 257.687 294.009 262.389 286.579 265.917C279.146 269.445 270.905 271.208 261.875 271.208C252.837 271.208 244.676 269.445 237.391 265.917C230.104 262.389 223.839 257.687 218.593 251.804C213.345 245.925 209.335 239.016 206.57 231.076C203.794 223.138 202.417 214.759 202.417 205.942C202.417 197.12 203.794 188.742 206.57 180.804C209.335 172.866 213.345 165.961 218.593 160.078C223.839 154.201 230.102 149.493 237.391 145.965C244.676 142.437 252.837 140.674 261.875 140.674C270.908 140.674 279.146 142.437 286.579 145.965C294.009 149.493 300.35 154.199 305.598 160.078C310.844 165.961 314.922 172.866 317.837 180.804C320.748 188.742 322.209 197.12 322.209 205.942C322.209 214.759 320.748 223.138 317.837 231.076Z" fill="currentColor" /> <path d="M709.568 130.973C703.155 120.684 694.047 112.602 682.242 106.718C670.44 100.84 658.56 97.8969 646.612 97.8969C631.157 97.8969 617.024 100.764 604.202 106.496C591.373 112.228 580.374 120.099 571.193 130.091C562.013 140.088 554.869 151.628 549.771 164.706C544.666 177.792 542.12 191.54 542.12 205.94C542.12 220.645 544.666 234.457 549.771 247.39C554.867 260.332 562.01 271.796 571.193 281.788C580.374 291.785 591.375 299.647 604.202 305.379C617.024 311.111 631.157 313.978 646.612 313.978C658.56 313.978 670.44 311.038 682.242 305.159C694.047 299.282 703.155 291.197 709.568 280.904V308.685H757.224V103.186H709.568V130.973ZM705.198 231.076C702.283 239.016 698.202 245.925 692.959 251.804C687.711 257.687 681.37 262.389 673.94 265.917C666.507 269.445 658.266 271.208 649.236 271.208C640.198 271.208 632.037 269.445 624.752 265.917C617.465 262.389 611.2 257.687 605.954 251.804C600.706 245.925 596.696 239.016 593.931 231.076C591.155 223.138 589.778 214.759 589.778 205.942C589.778 197.12 591.155 188.742 593.931 180.804C596.696 172.866 600.706 165.961 605.954 160.078C611.2 154.201 617.463 149.493 624.752 145.965C632.037 142.437 640.198 140.674 649.236 140.674C658.269 140.674 666.507 142.437 673.94 145.965C681.37 149.493 687.711 154.199 692.959 160.078C698.205 165.961 702.283 172.866 705.198 180.804C708.109 188.742 709.57 197.12 709.57 205.942C709.568 214.759 708.107 223.138 705.198 231.076Z" fill="currentColor" /> <path d="M1280 1.12315e-05H1232.35V308.689H1280V1.12315e-05Z" fill="currentColor" /> <path d="M407.466 308.689H455.117V150.486H536.876V103.192H407.466V308.689Z" fill="currentColor" /> <path d="M948.281 103.192L888.386 260.557L828.489 103.192H780.224L858.441 308.689H918.331L996.546 103.192H948.281Z" fill="currentColor" /> <path d="M1100.48 97.908C1042.13 97.908 995.937 146.279 995.937 205.944C995.937 271.9 1040.64 313.98 1106.59 313.98C1143.5 313.98 1167.06 299.745 1195.85 268.746L1163.66 243.621C1163.64 243.646 1139.36 275.802 1103.1 275.802C1060.96 275.802 1043.22 241.533 1043.22 223.803H1201.32C1209.62 155.913 1165.37 97.908 1100.48 97.908ZM1043.35 188.085C1043.71 184.13 1049.2 136.086 1100.1 136.086C1151.01 136.086 1157.19 184.123 1157.55 188.085H1043.35Z" fill="currentColor" /> </svg> <span class="sr-only">Home</span> </a> </li> </ul> <div class="absolute top-0 flex items-center p-2 cursor-pointer right-9 lg:right-auto lg:top-auto lg:relative lg:col-span-6 lg:w-full lg:hover:bg-sand-light-4 lg:dark:hover:bg-sand-dark-4 rounded-xs lg:dark:bg-sand-dark-5 lg:bg-sand-light-3 text-sand-light-9-alpha-45 dark:text-sand-dark-11"> <svg class="w-6 h-6 lg:w-5 lg:h-5 lg:mr-2 shrink-0" width="20" height="20" viewBox="0 0 20 20" fill="none" xmlns="http://www.w3.org/2000/svg" > <g> <path d="M15.8333 15.8333L13.0523 13.0524M13.0523 13.0524C13.9943 12.1104 14.5769 10.8092 14.5769 9.3718C14.5769 6.49708 12.2465 4.16667 9.37176 4.16667C6.49704 4.16667 4.16663 6.49708 4.16663 9.3718C4.16663 12.2465 6.49704 14.5769 9.37176 14.5769C10.8091 14.5769 12.1104 13.9943 13.0523 13.0524Z" stroke="currentColor" stroke-width="1.5" stroke-linecap="round" stroke-linejoin="round" /> </g> </svg> <div class="grow"> <div id="docsearch" class="absolute inset-0 lg:*:px-9 lg:*:py-1.5 *:absolute *:inset-0 text-base bg-transparent text-sand-light-9-alpha-45/70 dark:text-sand-dark-10"></div> </div> <span class="ml-2 hidden lg:block mr-1.5 text-sm font-medium shrink-0 text-sand-light-9 dark:text-sand-dark-10">⌘K</span> </div> <div class="flex items-center justify-end col-span-9 gap-4 lg:col-span-3 dark:text-sand-dark-12"> <select x-data aria-label="Laravel version" @change="window.location = $event.target.value" class="hidden text-sm py-1.5 px-3 bg-sand-light-1 dark:bg-sand-dark-1 border-0 whitespace-nowrap lg:block" > <option value="https://laravel.com/docs/master/authentication"> Version Master </option> <option selected value="https://laravel.com/docs/12.x/authentication"> Version 12.x </option> <option value="https://laravel.com/docs/11.x/authentication"> Version 11.x </option> <option value="https://laravel.com/docs/10.x/authentication"> Version 10.x </option> <option value="https://laravel.com/docs/9.x/authentication"> Version 9.x </option> <option value="https://laravel.com/docs/8.x/authentication"> Version 8.x </option> <option value="https://laravel.com/docs/7.x/authentication"> Version 7.x </option> <option value="https://laravel.com/docs/6.x/authentication"> Version 6.x </option> <option value="https://laravel.com/docs/5.8/authentication"> Version 5.8 </option> <option value="https://laravel.com/docs/5.7/authentication"> Version 5.7 </option> <option value="https://laravel.com/docs/5.6/authentication"> Version 5.6 </option> <option value="https://laravel.com/docs/5.5/authentication"> Version 5.5 </option> <option value="https://laravel.com/docs/5.4/authentication"> Version 5.4 </option> <option value="https://laravel.com/docs/5.3/authentication"> Version 5.3 </option> <option value="https://laravel.com/docs/5.2/authentication"> Version 5.2 </option> <option value="https://laravel.com/docs/5.1/authentication"> Version 5.1 </option> <option value="https://laravel.com/docs/5.0/authentication"> Version 5.0 </option> <option value="https://laravel.com/docs/4.2/authentication"> Version 4.2 </option> </select> <select x-data aria-label="Laravel version" @change="window.location = $event.target.value" class="text-sm py-1.5 px-3 bg-sand-light-1 dark:bg-sand-dark-1 border-0 whitespace-nowrap lg:hidden" > <option value="https://laravel.com/docs/master/authentication"> vMaster </option> <option selected value="https://laravel.com/docs/12.x/authentication"> v12.x </option> <option value="https://laravel.com/docs/11.x/authentication"> v11.x </option> <option value="https://laravel.com/docs/10.x/authentication"> v10.x </option> <option value="https://laravel.com/docs/9.x/authentication"> v9.x </option> <option value="https://laravel.com/docs/8.x/authentication"> v8.x </option> <option value="https://laravel.com/docs/7.x/authentication"> v7.x </option> <option value="https://laravel.com/docs/6.x/authentication"> v6.x </option> <option value="https://laravel.com/docs/5.8/authentication"> v5.8 </option> <option value="https://laravel.com/docs/5.7/authentication"> v5.7 </option> <option value="https://laravel.com/docs/5.6/authentication"> v5.6 </option> <option value="https://laravel.com/docs/5.5/authentication"> v5.5 </option> <option value="https://laravel.com/docs/5.4/authentication"> v5.4 </option> <option value="https://laravel.com/docs/5.3/authentication"> v5.3 </option> <option value="https://laravel.com/docs/5.2/authentication"> v5.2 </option> <option value="https://laravel.com/docs/5.1/authentication"> v5.1 </option> <option value="https://laravel.com/docs/5.0/authentication"> v5.0 </option> <option value="https://laravel.com/docs/4.2/authentication"> v4.2 </option> </select> <div class="hidden lg:block"> <div class="flex items-center size-8 group" x-data="themeSwitcher" x-on:switch-theme.window="saveAndUpdate($event.detail)"> <button id="header__sun" @click="toSystemMode" title="Switch to system theme" class="size-8 cursor-default flex items-center justify-center text-sand-light-12 group-hover:text-sand-light-10 dark:text-sand-dark-12 dark:group-hover:text-sand-dark-10 transition duration-100 focus:outline-none focus:shadow-outline"> <svg class="size-6" width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"> <path d="M12.0002 3.29071V1.76746M5.8418 18.1585L4.7647 19.2356M12.0002 22.2326V20.7093M19.2357 4.76456L18.1586 5.84166M20.7095 12H22.2327M18.1586 18.1584L19.2357 19.2355M1.76758 12H3.29083M4.76462 4.7645L5.84173 5.8416M15.7123 8.2877C17.7626 10.338 17.7626 13.6621 15.7123 15.7123C13.6621 17.7626 10.338 17.7626 8.2877 15.7123C6.23745 13.6621 6.23745 10.338 8.2877 8.2877C10.338 6.23745 13.6621 6.23745 15.7123 8.2877Z" stroke="currentColor" stroke-width="1.5" stroke-linecap="square" stroke-linejoin="round"/> </svg> </button> <button id="header__moon" @click="toLightMode" title="Switch to light mode" class="size-8 cursor-default flex items-center justify-center text-sand-light-12 group-hover:text-sand-light-10 dark:text-sand-dark-12 dark:group-hover:text-sand-dark-10 transition duration-100 focus:outline-none focus:shadow-outline"> <svg class="size-6" width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"> <path fill-rule="evenodd" clip-rule="evenodd" d="M20.2496 14.1987C19.5326 14.3951 18.7782 14.5 18 14.5C13.3056 14.5 9.5 10.6944 9.5 5.99999C9.5 5.22185 9.60487 4.4674 9.80124 3.75043C6.15452 4.72095 3.46777 8.04578 3.46777 11.9981C3.46777 16.7114 7.28864 20.5323 12.0019 20.5323C15.9543 20.5323 19.2791 17.8455 20.2496 14.1987ZM20.5196 12.5328C19.7378 12.8346 18.8882 13 18 13C14.134 13 11 9.86598 11 5.99999C11 5.11181 11.1654 4.26226 11.4671 3.48047C11.6142 3.09951 11.7935 2.73464 12.0019 2.38923C12.0888 2.24526 12.1807 2.10466 12.2774 1.9677C12.1858 1.96523 12.094 1.96399 12.0019 1.96399C11.4758 1.96399 10.9592 2.00448 10.455 2.0825C5.64774 2.8264 1.96777 6.98251 1.96777 11.9981C1.96777 17.5398 6.46021 22.0323 12.0019 22.0323C17.0176 22.0323 21.1737 18.3523 21.9176 13.545C21.9956 13.0408 22.0361 12.5242 22.0361 11.9981C22.0361 11.906 22.0348 11.8141 22.0323 11.7226C21.8953 11.8193 21.7547 11.9112 21.6107 11.9981C21.2653 12.2065 20.9005 12.3858 20.5196 12.5328Z" fill="currentColor"/> <path d="M16.3333 5.33333L17.5 3L18.6667 5.33333L21 6.5L18.6667 7.66667L17.5 10L16.3333 7.66667L14 6.5L16.3333 5.33333Z" fill="currentColor"/> </svg> </button> <button id="header__indeterminate" @click="toDarkMode" title="Switch to dark mode" class="size-8 cursor-default flex items-center justify-center text-sand-light-12 group-hover:text-sand-light-10 dark:text-sand-dark-12 dark:group-hover:text-sand-dark-10 transition duration-100 focus:outline-none focus:shadow-outline"> <svg class="size-6 dark:hidden" width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"> <path fill-rule="evenodd" clip-rule="evenodd" d="M20.5 12C20.5 16.6944 16.6944 20.5 12 20.5V3.5C16.6944 3.5 20.5 7.30558 20.5 12ZM12 22C17.5228 22 22 17.5228 22 12C22 6.47715 17.5228 2 12 2C6.47715 2 2 6.47715 2 12C2 17.5228 6.47715 22 12 22Z" fill="currentColor" /> </svg> <svg class="size-6 hidden dark:block" width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"> <path fill-rule="evenodd" clip-rule="evenodd" d="M20.5 12C20.5 16.6944 16.6944 20.5 12 20.5V3.5C16.6944 3.5 20.5 7.30558 20.5 12ZM12 22C17.5228 22 22 17.5228 22 12C22 6.47715 17.5228 2 12 2C6.47715 2 2 6.47715 2 12C2 17.5228 6.47715 22 12 22Z" fill="currentColor"/> </svg> </button> </div> </div> <button popovertarget="docs-nav-mobile" class="cursor-pointer ml-13 lg:hidden"> <svg class="w-6 h-6 text-sand-light-9 hamburger-menu" width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" > <path d="M2.75 7.25H21.25M2.75 16.75H21.25" stroke="currentColor" stroke-width="1.5" stroke-linecap="square" /> </svg> <svg class="w-6 h-6 text-sand-light-9 close-menu" width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" > <path d="M4.75 4.75L19.25 19.25M19.25 4.75L4.75 19.25" stroke="currentColor" stroke-width="1.5" stroke-linecap="square" /> </svg> </button> </div> </div> </nav> <div popover id="docs-nav-mobile" class="fixed w-full bg-transparent main-nav-popover top-(--popover-top-offset)"> <div class="px-5 py-8 h-[calc(100dvh-5.5rem)] relative overflow-auto border-b docs_sidebar bg-sand-light-1 dark:bg-sand-dark-1"> <div class="absolute top-5 right-8"> <div class="flex items-center size-8 group" x-data="themeSwitcher" x-on:switch-theme.window="saveAndUpdate($event.detail)"> <button id="header__sun" @click="toSystemMode" title="Switch to system theme" class="size-8 cursor-default flex items-center justify-center text-sand-light-12 group-hover:text-sand-light-10 dark:text-sand-dark-12 dark:group-hover:text-sand-dark-10 transition duration-100 focus:outline-none focus:shadow-outline"> <svg class="size-6" width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"> <path d="M12.0002 3.29071V1.76746M5.8418 18.1585L4.7647 19.2356M12.0002 22.2326V20.7093M19.2357 4.76456L18.1586 5.84166M20.7095 12H22.2327M18.1586 18.1584L19.2357 19.2355M1.76758 12H3.29083M4.76462 4.7645L5.84173 5.8416M15.7123 8.2877C17.7626 10.338 17.7626 13.6621 15.7123 15.7123C13.6621 17.7626 10.338 17.7626 8.2877 15.7123C6.23745 13.6621 6.23745 10.338 8.2877 8.2877C10.338 6.23745 13.6621 6.23745 15.7123 8.2877Z" stroke="currentColor" stroke-width="1.5" stroke-linecap="square" stroke-linejoin="round"/> </svg> </button> <button id="header__moon" @click="toLightMode" title="Switch to light mode" class="size-8 cursor-default flex items-center justify-center text-sand-light-12 group-hover:text-sand-light-10 dark:text-sand-dark-12 dark:group-hover:text-sand-dark-10 transition duration-100 focus:outline-none focus:shadow-outline"> <svg class="size-6" width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"> <path fill-rule="evenodd" clip-rule="evenodd" d="M20.2496 14.1987C19.5326 14.3951 18.7782 14.5 18 14.5C13.3056 14.5 9.5 10.6944 9.5 5.99999C9.5 5.22185 9.60487 4.4674 9.80124 3.75043C6.15452 4.72095 3.46777 8.04578 3.46777 11.9981C3.46777 16.7114 7.28864 20.5323 12.0019 20.5323C15.9543 20.5323 19.2791 17.8455 20.2496 14.1987ZM20.5196 12.5328C19.7378 12.8346 18.8882 13 18 13C14.134 13 11 9.86598 11 5.99999C11 5.11181 11.1654 4.26226 11.4671 3.48047C11.6142 3.09951 11.7935 2.73464 12.0019 2.38923C12.0888 2.24526 12.1807 2.10466 12.2774 1.9677C12.1858 1.96523 12.094 1.96399 12.0019 1.96399C11.4758 1.96399 10.9592 2.00448 10.455 2.0825C5.64774 2.8264 1.96777 6.98251 1.96777 11.9981C1.96777 17.5398 6.46021 22.0323 12.0019 22.0323C17.0176 22.0323 21.1737 18.3523 21.9176 13.545C21.9956 13.0408 22.0361 12.5242 22.0361 11.9981C22.0361 11.906 22.0348 11.8141 22.0323 11.7226C21.8953 11.8193 21.7547 11.9112 21.6107 11.9981C21.2653 12.2065 20.9005 12.3858 20.5196 12.5328Z" fill="currentColor"/> <path d="M16.3333 5.33333L17.5 3L18.6667 5.33333L21 6.5L18.6667 7.66667L17.5 10L16.3333 7.66667L14 6.5L16.3333 5.33333Z" fill="currentColor"/> </svg> </button> <button id="header__indeterminate" @click="toDarkMode" title="Switch to dark mode" class="size-8 cursor-default flex items-center justify-center text-sand-light-12 group-hover:text-sand-light-10 dark:text-sand-dark-12 dark:group-hover:text-sand-dark-10 transition duration-100 focus:outline-none focus:shadow-outline"> <svg class="size-6 dark:hidden" width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"> <path fill-rule="evenodd" clip-rule="evenodd" d="M20.5 12C20.5 16.6944 16.6944 20.5 12 20.5V3.5C16.6944 3.5 20.5 7.30558 20.5 12ZM12 22C17.5228 22 22 17.5228 22 12C22 6.47715 17.5228 2 12 2C6.47715 2 2 6.47715 2 12C2 17.5228 6.47715 22 12 22Z" fill="currentColor" /> </svg> <svg class="size-6 hidden dark:block" width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"> <path fill-rule="evenodd" clip-rule="evenodd" d="M20.5 12C20.5 16.6944 16.6944 20.5 12 20.5V3.5C16.6944 3.5 20.5 7.30558 20.5 12ZM12 22C17.5228 22 22 17.5228 22 12C22 6.47715 17.5228 2 12 2C6.47715 2 2 6.47715 2 12C2 17.5228 6.47715 22 12 22Z" fill="currentColor"/> </svg> </button> </div> </div> <ul> <li> <h2>Prologue</h2> <ul> <li><a href="/docs/12.x/releases">Release Notes</a></li> <li><a href="/docs/12.x/upgrade">Upgrade Guide</a></li> <li><a href="/docs/12.x/contributions">Contribution Guide</a></li> </ul> </li> <li> <h2>Getting Started</h2> <ul> <li><a href="/docs/12.x/installation">Installation</a></li> <li><a href="/docs/12.x/configuration">Configuration</a></li> <li><a href="/docs/12.x/structure">Directory Structure</a></li> <li><a href="/docs/12.x/frontend">Frontend</a></li> <li><a href="/docs/12.x/starter-kits">Starter Kits</a></li> <li><a href="/docs/12.x/deployment">Deployment</a></li> </ul> </li> <li> <h2>Architecture Concepts</h2> <ul> <li><a href="/docs/12.x/lifecycle">Request Lifecycle</a></li> <li><a href="/docs/12.x/container">Service Container</a></li> <li><a href="/docs/12.x/providers">Service Providers</a></li> <li><a href="/docs/12.x/facades">Facades</a></li> </ul> </li> <li> <h2>The Basics</h2> <ul> <li><a href="/docs/12.x/routing">Routing</a></li> <li><a href="/docs/12.x/middleware">Middleware</a></li> <li><a href="/docs/12.x/csrf">CSRF Protection</a></li> <li><a href="/docs/12.x/controllers">Controllers</a></li> <li><a href="/docs/12.x/requests">Requests</a></li> <li><a href="/docs/12.x/responses">Responses</a></li> <li><a href="/docs/12.x/views">Views</a></li> <li><a href="/docs/12.x/blade">Blade Templates</a></li> <li><a href="/docs/12.x/vite">Asset Bundling</a></li> <li><a href="/docs/12.x/urls">URL Generation</a></li> <li><a href="/docs/12.x/session">Session</a></li> <li><a href="/docs/12.x/validation">Validation</a></li> <li><a href="/docs/12.x/errors">Error Handling</a></li> <li><a href="/docs/12.x/logging">Logging</a></li> </ul> </li> <li> <h2>Digging Deeper</h2> <ul> <li><a href="/docs/12.x/artisan">Artisan Console</a></li> <li><a href="/docs/12.x/broadcasting">Broadcasting</a></li> <li><a href="/docs/12.x/cache">Cache</a></li> <li><a href="/docs/12.x/collections">Collections</a></li> <li><a href="/docs/12.x/concurrency">Concurrency</a></li> <li><a href="/docs/12.x/context">Context</a></li> <li><a href="/docs/12.x/contracts">Contracts</a></li> <li><a href="/docs/12.x/events">Events</a></li> <li><a href="/docs/12.x/filesystem">File Storage</a></li> <li><a href="/docs/12.x/helpers">Helpers</a></li> <li><a href="/docs/12.x/http-client">HTTP Client</a></li> <li><a href="/docs/12.x/localization">Localization</a></li> <li><a href="/docs/12.x/mail">Mail</a></li> <li><a href="/docs/12.x/notifications">Notifications</a></li> <li><a href="/docs/12.x/packages">Package Development</a></li> <li><a href="/docs/12.x/processes">Processes</a></li> <li><a href="/docs/12.x/queues">Queues</a></li> <li><a href="/docs/12.x/rate-limiting">Rate Limiting</a></li> <li><a href="/docs/12.x/strings">Strings</a></li> <li><a href="/docs/12.x/scheduling">Task Scheduling</a></li> </ul> </li> <li class="sub--on"> <h2>Security</h2> <ul> <li class="active"><a href="/docs/12.x/authentication">Authentication</a></li> <li><a href="/docs/12.x/authorization">Authorization</a></li> <li><a href="/docs/12.x/verification">Email Verification</a></li> <li><a href="/docs/12.x/encryption">Encryption</a></li> <li><a href="/docs/12.x/hashing">Hashing</a></li> <li><a href="/docs/12.x/passwords">Password Reset</a></li> </ul> </li> <li> <h2>Database</h2> <ul> <li><a href="/docs/12.x/database">Getting Started</a></li> <li><a href="/docs/12.x/queries">Query Builder</a></li> <li><a href="/docs/12.x/pagination">Pagination</a></li> <li><a href="/docs/12.x/migrations">Migrations</a></li> <li><a href="/docs/12.x/seeding">Seeding</a></li> <li><a href="/docs/12.x/redis">Redis</a></li> <li><a href="/docs/12.x/mongodb">MongoDB</a></li> </ul> </li> <li> <h2>Eloquent ORM</h2> <ul> <li><a href="/docs/12.x/eloquent">Getting Started</a></li> <li><a href="/docs/12.x/eloquent-relationships">Relationships</a></li> <li><a href="/docs/12.x/eloquent-collections">Collections</a></li> <li><a href="/docs/12.x/eloquent-mutators">Mutators / Casts</a></li> <li><a href="/docs/12.x/eloquent-resources">API Resources</a></li> <li><a href="/docs/12.x/eloquent-serialization">Serialization</a></li> <li><a href="/docs/12.x/eloquent-factories">Factories</a></li> </ul> </li> <li> <h2>Testing</h2> <ul> <li><a href="/docs/12.x/testing">Getting Started</a></li> <li><a href="/docs/12.x/http-tests">HTTP Tests</a></li> <li><a href="/docs/12.x/console-tests">Console Tests</a></li> <li><a href="/docs/12.x/dusk">Browser Tests</a></li> <li><a href="/docs/12.x/database-testing">Database</a></li> <li><a href="/docs/12.x/mocking">Mocking</a></li> </ul> </li> <li> <h2>Packages</h2> <ul> <li><a href="/docs/12.x/billing">Cashier (Stripe)</a></li> <li><a href="/docs/12.x/cashier-paddle">Cashier (Paddle)</a></li> <li><a href="/docs/12.x/dusk">Dusk</a></li> <li><a href="/docs/12.x/envoy">Envoy</a></li> <li><a href="/docs/12.x/fortify">Fortify</a></li> <li><a href="/docs/12.x/folio">Folio</a></li> <li><a href="/docs/12.x/homestead">Homestead</a></li> <li><a href="/docs/12.x/horizon">Horizon</a></li> <li><a href="/docs/12.x/mix">Mix</a></li> <li><a href="/docs/12.x/octane">Octane</a></li> <li><a href="/docs/12.x/passport">Passport</a></li> <li><a href="/docs/12.x/pennant">Pennant</a></li> <li><a href="/docs/12.x/pint">Pint</a></li> <li><a href="/docs/12.x/precognition">Precognition</a></li> <li><a href="/docs/12.x/prompts">Prompts</a></li> <li><a href="/docs/12.x/pulse">Pulse</a></li> <li><a href="/docs/12.x/reverb">Reverb</a></li> <li><a href="/docs/12.x/sail">Sail</a></li> <li><a href="/docs/12.x/sanctum">Sanctum</a></li> <li><a href="/docs/12.x/scout">Scout</a></li> <li><a href="/docs/12.x/socialite">Socialite</a></li> <li><a href="/docs/12.x/telescope">Telescope</a></li> <li><a href="/docs/12.x/valet">Valet</a></li> </ul> </li> <li><a href="https://api.laravel.com/docs/12.x">API Documentation</a></li> </ul> </div> </div> <div class="px-4 xl:px-16"> <a id="skip-to-content-link" href="#main-content" class="absolute bg-gray-100 px-4 py-2 top-3 left-3 text-gray-700 shadow-xl" > Skip to content </a> <div class="grid grid-cols-12 gap-4 lg:gap-6 xl:gap-x-10 px-6 mt-10 lg:px-0" id="docsScreen"> <aside class="relative col-span-3 lg:pb-6"> <div class="sticky bottom-0 left-0 z-20 hidden top-22 lg:block"> <div class="relative flex flex-col flex-1 max-h-screen pl-16 -ml-16 overflow-auto sticky-side-nav"> <nav id="indexed-nav" class="hidden lg:block"> <div class="docs_sidebar"> <ul> <li> <h2>Prologue</h2> <ul> <li><a href="/docs/12.x/releases">Release Notes</a></li> <li><a href="/docs/12.x/upgrade">Upgrade Guide</a></li> <li><a href="/docs/12.x/contributions">Contribution Guide</a></li> </ul> </li> <li> <h2>Getting Started</h2> <ul> <li><a href="/docs/12.x/installation">Installation</a></li> <li><a href="/docs/12.x/configuration">Configuration</a></li> <li><a href="/docs/12.x/structure">Directory Structure</a></li> <li><a href="/docs/12.x/frontend">Frontend</a></li> <li><a href="/docs/12.x/starter-kits">Starter Kits</a></li> <li><a href="/docs/12.x/deployment">Deployment</a></li> </ul> </li> <li> <h2>Architecture Concepts</h2> <ul> <li><a href="/docs/12.x/lifecycle">Request Lifecycle</a></li> <li><a href="/docs/12.x/container">Service Container</a></li> <li><a href="/docs/12.x/providers">Service Providers</a></li> <li><a href="/docs/12.x/facades">Facades</a></li> </ul> </li> <li> <h2>The Basics</h2> <ul> <li><a href="/docs/12.x/routing">Routing</a></li> <li><a href="/docs/12.x/middleware">Middleware</a></li> <li><a href="/docs/12.x/csrf">CSRF Protection</a></li> <li><a href="/docs/12.x/controllers">Controllers</a></li> <li><a href="/docs/12.x/requests">Requests</a></li> <li><a href="/docs/12.x/responses">Responses</a></li> <li><a href="/docs/12.x/views">Views</a></li> <li><a href="/docs/12.x/blade">Blade Templates</a></li> <li><a href="/docs/12.x/vite">Asset Bundling</a></li> <li><a href="/docs/12.x/urls">URL Generation</a></li> <li><a href="/docs/12.x/session">Session</a></li> <li><a href="/docs/12.x/validation">Validation</a></li> <li><a href="/docs/12.x/errors">Error Handling</a></li> <li><a href="/docs/12.x/logging">Logging</a></li> </ul> </li> <li> <h2>Digging Deeper</h2> <ul> <li><a href="/docs/12.x/artisan">Artisan Console</a></li> <li><a href="/docs/12.x/broadcasting">Broadcasting</a></li> <li><a href="/docs/12.x/cache">Cache</a></li> <li><a href="/docs/12.x/collections">Collections</a></li> <li><a href="/docs/12.x/concurrency">Concurrency</a></li> <li><a href="/docs/12.x/context">Context</a></li> <li><a href="/docs/12.x/contracts">Contracts</a></li> <li><a href="/docs/12.x/events">Events</a></li> <li><a href="/docs/12.x/filesystem">File Storage</a></li> <li><a href="/docs/12.x/helpers">Helpers</a></li> <li><a href="/docs/12.x/http-client">HTTP Client</a></li> <li><a href="/docs/12.x/localization">Localization</a></li> <li><a href="/docs/12.x/mail">Mail</a></li> <li><a href="/docs/12.x/notifications">Notifications</a></li> <li><a href="/docs/12.x/packages">Package Development</a></li> <li><a href="/docs/12.x/processes">Processes</a></li> <li><a href="/docs/12.x/queues">Queues</a></li> <li><a href="/docs/12.x/rate-limiting">Rate Limiting</a></li> <li><a href="/docs/12.x/strings">Strings</a></li> <li><a href="/docs/12.x/scheduling">Task Scheduling</a></li> </ul> </li> <li class="sub--on"> <h2>Security</h2> <ul> <li class="active"><a href="/docs/12.x/authentication">Authentication</a></li> <li><a href="/docs/12.x/authorization">Authorization</a></li> <li><a href="/docs/12.x/verification">Email Verification</a></li> <li><a href="/docs/12.x/encryption">Encryption</a></li> <li><a href="/docs/12.x/hashing">Hashing</a></li> <li><a href="/docs/12.x/passwords">Password Reset</a></li> </ul> </li> <li> <h2>Database</h2> <ul> <li><a href="/docs/12.x/database">Getting Started</a></li> <li><a href="/docs/12.x/queries">Query Builder</a></li> <li><a href="/docs/12.x/pagination">Pagination</a></li> <li><a href="/docs/12.x/migrations">Migrations</a></li> <li><a href="/docs/12.x/seeding">Seeding</a></li> <li><a href="/docs/12.x/redis">Redis</a></li> <li><a href="/docs/12.x/mongodb">MongoDB</a></li> </ul> </li> <li> <h2>Eloquent ORM</h2> <ul> <li><a href="/docs/12.x/eloquent">Getting Started</a></li> <li><a href="/docs/12.x/eloquent-relationships">Relationships</a></li> <li><a href="/docs/12.x/eloquent-collections">Collections</a></li> <li><a href="/docs/12.x/eloquent-mutators">Mutators / Casts</a></li> <li><a href="/docs/12.x/eloquent-resources">API Resources</a></li> <li><a href="/docs/12.x/eloquent-serialization">Serialization</a></li> <li><a href="/docs/12.x/eloquent-factories">Factories</a></li> </ul> </li> <li> <h2>Testing</h2> <ul> <li><a href="/docs/12.x/testing">Getting Started</a></li> <li><a href="/docs/12.x/http-tests">HTTP Tests</a></li> <li><a href="/docs/12.x/console-tests">Console Tests</a></li> <li><a href="/docs/12.x/dusk">Browser Tests</a></li> <li><a href="/docs/12.x/database-testing">Database</a></li> <li><a href="/docs/12.x/mocking">Mocking</a></li> </ul> </li> <li> <h2>Packages</h2> <ul> <li><a href="/docs/12.x/billing">Cashier (Stripe)</a></li> <li><a href="/docs/12.x/cashier-paddle">Cashier (Paddle)</a></li> <li><a href="/docs/12.x/dusk">Dusk</a></li> <li><a href="/docs/12.x/envoy">Envoy</a></li> <li><a href="/docs/12.x/fortify">Fortify</a></li> <li><a href="/docs/12.x/folio">Folio</a></li> <li><a href="/docs/12.x/homestead">Homestead</a></li> <li><a href="/docs/12.x/horizon">Horizon</a></li> <li><a href="/docs/12.x/mix">Mix</a></li> <li><a href="/docs/12.x/octane">Octane</a></li> <li><a href="/docs/12.x/passport">Passport</a></li> <li><a href="/docs/12.x/pennant">Pennant</a></li> <li><a href="/docs/12.x/pint">Pint</a></li> <li><a href="/docs/12.x/precognition">Precognition</a></li> <li><a href="/docs/12.x/prompts">Prompts</a></li> <li><a href="/docs/12.x/pulse">Pulse</a></li> <li><a href="/docs/12.x/reverb">Reverb</a></li> <li><a href="/docs/12.x/sail">Sail</a></li> <li><a href="/docs/12.x/sanctum">Sanctum</a></li> <li><a href="/docs/12.x/scout">Scout</a></li> <li><a href="/docs/12.x/socialite">Socialite</a></li> <li><a href="/docs/12.x/telescope">Telescope</a></li> <li><a href="/docs/12.x/valet">Valet</a></li> </ul> </li> <li><a href="https://api.laravel.com/docs/12.x">API Documentation</a></li> </ul> </div> </nav> </div> </div> </aside> <section class="col-span-12 lg:col-span-9 xl:col-span-6"> <div> <section> <section class="docs_main max-w-prose"> <div id="main-content"> <h1>Authentication</h1> <ul> <li><a href="#introduction">Introduction</a> <ul> <li><a href="#starter-kits">Starter Kits</a></li> <li><a href="#introduction-database-considerations">Database Considerations</a></li> <li><a href="#ecosystem-overview">Ecosystem Overview</a></li> </ul> </li> <li><a href="#authentication-quickstart">Authentication Quickstart</a> <ul> <li><a href="#install-a-starter-kit">Install a Starter Kit</a></li> <li><a href="#retrieving-the-authenticated-user">Retrieving the Authenticated User</a></li> <li><a href="#protecting-routes">Protecting Routes</a></li> <li><a href="#login-throttling">Login Throttling</a></li> </ul> </li> <li><a href="#authenticating-users">Manually Authenticating Users</a> <ul> <li><a href="#remembering-users">Remembering Users</a></li> <li><a href="#other-authentication-methods">Other Authentication Methods</a></li> </ul> </li> <li><a href="#http-basic-authentication">HTTP Basic Authentication</a> <ul> <li><a href="#stateless-http-basic-authentication">Stateless HTTP Basic Authentication</a></li> </ul> </li> <li><a href="#logging-out">Logging Out</a> <ul> <li><a href="#invalidating-sessions-on-other-devices">Invalidating Sessions on Other Devices</a></li> </ul> </li> <li><a href="#password-confirmation">Password Confirmation</a> <ul> <li><a href="#password-confirmation-configuration">Configuration</a></li> <li><a href="#password-confirmation-routing">Routing</a></li> <li><a href="#password-confirmation-protecting-routes">Protecting Routes</a></li> </ul> </li> <li><a href="#adding-custom-guards">Adding Custom Guards</a> <ul> <li><a href="#closure-request-guards">Closure Request Guards</a></li> </ul> </li> <li><a href="#adding-custom-user-providers">Adding Custom User Providers</a> <ul> <li><a href="#the-user-provider-contract">The User Provider Contract</a></li> <li><a href="#the-authenticatable-contract">The Authenticatable Contract</a></li> </ul> </li> <li><a href="#automatic-password-rehashing">Automatic Password Rehashing</a></li> <li><a href="/docs/12.x/socialite">Social Authentication</a></li> <li><a href="#events">Events</a></li> </ul> <h2 id="introduction"><a href="#introduction">Introduction</a></h2> <p>Many web applications provide a way for their users to authenticate with the application and "login". Implementing this feature in web applications can be a complex and potentially risky endeavor. For this reason, Laravel strives to give you the tools you need to implement authentication quickly, securely, and easily.</p> <p>At its core, Laravel's authentication facilities are made up of "guards" and "providers". Guards define how users are authenticated for each request. For example, Laravel ships with a <code>session</code> guard which maintains state using session storage and cookies.</p> <p>Providers define how users are retrieved from your persistent storage. Laravel ships with support for retrieving users using <a href="/docs/12.x/eloquent">Eloquent</a> and the database query builder. However, you are free to define additional providers as needed for your application.</p> <p>Your application's authentication configuration file is located at <code>config/auth.php</code>. This file contains several well-documented options for tweaking the behavior of Laravel's authentication services.</p> <div class="flex flex-col p-3 mb-10 space-y-4 text-base leading-normal border rounded-md lg:flex-row lg:space-y-0 lg:space-x-4 border-sand-light-5 callout dark:border-sand-dark-5 dark:text-sand-light-3 text-sand-dark-3"> <div class="w-8 h-8 p-2 rounded-xs flex items-center justify-center shrink-0 bg-[#8D54C5]"> <svg width="16" height="21" viewBox="0 0 16 21" fill="none" xmlns="http://www.w3.org/2000/svg"> <path d="M5 20H11M5.5 14H10.5M15 8C15 4.13401 11.866 1 8 1C4.13401 1 1 4.13401 1 8C1 10.7924 2.63505 13.2029 5 14.3264V17H11V14.3264C13.3649 13.2029 15 10.7924 15 8Z" stroke="#FDFDFC" stroke-width="1.5" stroke-linecap="square"/> </svg> </div> <p class="callout"> Guards and providers should not be confused with "roles" and "permissions". To learn more about authorizing user actions via permissions, please refer to the <a href="/docs/12.x/authorization">authorization</a> documentation.</p> </div> <h3 id="starter-kits"><a href="#starter-kits">Starter Kits</a></h3> <p>Want to get started fast? Install a <a href="/docs/12.x/starter-kits">Laravel application starter kit</a> in a fresh Laravel application. After migrating your database, navigate your browser to <code>/register</code> or any other URL that is assigned to your application. The starter kits will take care of scaffolding your entire authentication system!</p> <p><strong>Even if you choose not to use a starter kit in your final Laravel application, installing a <a href="/docs/12.x/starter-kits">starter kit</a> can be a wonderful opportunity to learn how to implement all of Laravel's authentication functionality in an actual Laravel project.</strong> Since the Laravel starter kits contain authentication controllers, routes, and views for you, you can examine the code within these files to learn how Laravel's authentication features may be implemented.</p> <h3 id="introduction-database-considerations"><a href="#introduction-database-considerations">Database Considerations</a></h3> <p>By default, Laravel includes an <code>App\Models\User</code> <a href="/docs/12.x/eloquent">Eloquent model</a> in your <code>app/Models</code> directory. This model may be used with the default Eloquent authentication driver.</p> <p>If your application is not using Eloquent, you may use the <code>database</code> authentication provider which uses the Laravel query builder. If your application is using MongoDB, check out MongoDB's official <a href="https://www.mongodb.com/docs/drivers/php/laravel-mongodb/current/user-authentication/">Laravel user authentication documentation</a> .</p> <p>When building the database schema for the <code>App\Models\User</code> model, make sure the password column is at least 60 characters in length. Of course, the <code>users</code> table migration that is included in new Laravel applications already creates a column that exceeds this length.</p> <p>Also, you should verify that your <code>users</code> (or equivalent) table contains a nullable, string <code>remember_token</code> column of 100 characters. This column will be used to store a token for users that select the "remember me" option when logging into your application. Again, the default <code>users</code> table migration that is included in new Laravel applications already contains this column.</p> <h3 id="ecosystem-overview"><a href="#ecosystem-overview">Ecosystem Overview</a></h3> <p>Laravel offers several packages related to authentication. Before continuing, we'll review the general authentication ecosystem in Laravel and discuss each package's intended purpose.</p> <p>First, consider how authentication works. When using a web browser, a user will provide their username and password via a login form. If these credentials are correct, the application will store information about the authenticated user in the user's <a href="/docs/12.x/session">session</a>. A cookie issued to the browser contains the session ID so that subsequent requests to the application can associate the user with the correct session. After the session cookie is received, the application will retrieve the session data based on the session ID, note that the authentication information has been stored in the session, and will consider the user as "authenticated".</p> <p>When a remote service needs to authenticate to access an API, cookies are not typically used for authentication because there is no web browser. Instead, the remote service sends an API token to the API on each request. The application may validate the incoming token against a table of valid API tokens and "authenticate" the request as being performed by the user associated with that API token.</p> <h4 id="laravels-built-in-browser-authentication-services"><a href="#laravels-built-in-browser-authentication-services">Laravel's Built-in Browser Authentication Services</a></h4> <p>Laravel includes built-in authentication and session services which are typically accessed via the <code>Auth</code> and <code>Session</code> facades. These features provide cookie-based authentication for requests that are initiated from web browsers. They provide methods that allow you to verify a user's credentials and authenticate the user. In addition, these services will automatically store the proper authentication data in the user's session and issue the user's session cookie. A discussion of how to use these services is contained within this documentation.</p> <p><strong>Application Starter Kits</strong></p> <p>As discussed in this documentation, you can interact with these authentication services manually to build your application's own authentication layer. However, to help you get started more quickly, we have released <a href="/docs/12.x/starter-kits">free starter kits</a> that provide robust, modern scaffolding of the entire authentication layer.</p> <h4 id="laravels-api-authentication-services"><a href="#laravels-api-authentication-services">Laravel's API Authentication Services</a></h4> <p>Laravel provides two optional packages to assist you in managing API tokens and authenticating requests made with API tokens: <a href="/docs/12.x/passport">Passport</a> and <a href="/docs/12.x/sanctum">Sanctum</a>. Please note that these libraries and Laravel's built-in cookie based authentication libraries are not mutually exclusive. These libraries primarily focus on API token authentication while the built-in authentication services focus on cookie based browser authentication. Many applications will use both Laravel's built-in cookie based authentication services and one of Laravel's API authentication packages.</p> <p><strong>Passport</strong></p> <p>Passport is an OAuth2 authentication provider, offering a variety of OAuth2 "grant types" which allow you to issue various types of tokens. In general, this is a robust and complex package for API authentication. However, most applications do not require the complex features offered by the OAuth2 spec, which can be confusing for both users and developers. In addition, developers have been historically confused about how to authenticate SPA applications or mobile applications using OAuth2 authentication providers like Passport.</p> <p><strong>Sanctum</strong></p> <p>In response to the complexity of OAuth2 and developer confusion, we set out to build a simpler, more streamlined authentication package that could handle both first-party web requests from a web browser and API requests via tokens. This goal was realized with the release of <a href="/docs/12.x/sanctum">Laravel Sanctum</a>, which should be considered the preferred and recommended authentication package for applications that will be offering a first-party web UI in addition to an API, or will be powered by a single-page application (SPA) that exists separately from the backend Laravel application, or applications that offer a mobile client.</p> <p>Laravel Sanctum is a hybrid web / API authentication package that can manage your application's entire authentication process. This is possible because when Sanctum based applications receive a request, Sanctum will first determine if the request includes a session cookie that references an authenticated session. Sanctum accomplishes this by calling Laravel's built-in authentication services which we discussed earlier. If the request is not being authenticated via a session cookie, Sanctum will inspect the request for an API token. If an API token is present, Sanctum will authenticate the request using that token. To learn more about this process, please consult Sanctum's <a href="/docs/12.x/sanctum#how-it-works">"how it works"</a> documentation.</p> <h4 id="summary-choosing-your-stack"><a href="#summary-choosing-your-stack">Summary and Choosing Your Stack</a></h4> <p>In summary, if your application will be accessed using a browser and you are building a monolithic Laravel application, your application will use Laravel's built-in authentication services.</p> <p>Next, if your application offers an API that will be consumed by third parties, you will choose between <a href="/docs/12.x/passport">Passport</a> or <a href="/docs/12.x/sanctum">Sanctum</a> to provide API token authentication for your application. In general, Sanctum should be preferred when possible since it is a simple, complete solution for API authentication, SPA authentication, and mobile authentication, including support for "scopes" or "abilities".</p> <p>If you are building a single-page application (SPA) that will be powered by a Laravel backend, you should use <a href="/docs/12.x/sanctum">Laravel Sanctum</a>. When using Sanctum, you will either need to <a href="#authenticating-users">manually implement your own backend authentication routes</a> or utilize <a href="/docs/12.x/fortify">Laravel Fortify</a> as a headless authentication backend service that provides routes and controllers for features such as registration, password reset, email verification, and more.</p> <p>Passport may be chosen when your application absolutely needs all of the features provided by the OAuth2 specification.</p> <p>And, if you would like to get started quickly, we are pleased to recommend <a href="/docs/12.x/starter-kits">our application starter kits</a> as a quick way to start a new Laravel application that already uses our preferred authentication stack of Laravel's built-in authentication services.</p> <h2 id="authentication-quickstart"><a href="#authentication-quickstart">Authentication Quickstart</a></h2> <div class="flex flex-col p-3 mb-10 space-y-4 text-base leading-normal border rounded-md lg:flex-row lg:space-y-0 lg:space-x-4 border-sand-light-5 callout dark:border-sand-dark-5 dark:text-sand-light-3 text-sand-dark-3"> <div class="w-8 h-8 p-2 rounded-xs flex items-center justify-center shrink-0 bg-[#F53003]"> <svg width="2" height="18" viewBox="0 0 2 18" fill="none" xmlns="http://www.w3.org/2000/svg"> <path d="M1 17V16.99M1 1V13" stroke="#FDFDFC" stroke-width="2" stroke-linecap="square"/> </svg> </div> <p class="callout"> This portion of the documentation discusses authenticating users via the <a href="/docs/12.x/starter-kits">Laravel application starter kits</a>, which includes UI scaffolding to help you get started quickly. If you would like to integrate with Laravel's authentication systems directly, check out the documentation on <a href="#authenticating-users">manually authenticating users</a>.</p> </div> <h3 id="install-a-starter-kit"><a href="#install-a-starter-kit">Install a Starter Kit</a></h3> <p>First, you should <a href="/docs/12.x/starter-kits">install a Laravel application starter kit</a>. Our starter kits offer beautifully designed starting points for incorporating authentication into your fresh Laravel application.</p> <h3 id="retrieving-the-authenticated-user"><a href="#retrieving-the-authenticated-user">Retrieving the Authenticated User</a></h3> <p>After creating an application from a starter kit and allowing users to register and authenticate with your application, you will often need to interact with the currently authenticated user. While handling an incoming request, you may access the authenticated user via the <code>Auth</code> facade's <code>user</code> method:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">1</span><span style="color: #C792EA;">use</span><span style="color: #BFC7D5;"> Illuminate\Support\Facades\</span><span style="color: #FFCB8B;">Auth</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">2</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">3</span><span style="color: #697098;">//</span><span style="color: #697098;"> Retrieve the currently authenticated user...</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">4</span><span style="color: #BEC5D4;">$user</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">=</span><span style="color: #BFC7D5;"> </span><span style="color: #FFCB8B;">Auth</span><span style="color: #89DDFF;">::</span><span style="color: #82AAFF;">user</span><span style="color: #BFC7D5;">();</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">5</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">6</span><span style="color: #697098;">//</span><span style="color: #697098;"> Retrieve the currently authenticated user's ID...</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">7</span><span style="color: #BEC5D4;">$id</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">=</span><span style="color: #BFC7D5;"> </span><span style="color: #FFCB8B;">Auth</span><span style="color: #89DDFF;">::</span><span style="color: #82AAFF;">id</span><span style="color: #BFC7D5;">();</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> use Illuminate\Support\Facades\Auth; // Retrieve the currently authenticated user... $user = Auth::user(); // Retrieve the currently authenticated user's ID... $id = Auth::id();</div></code></pre> </div> <p>Alternatively, once a user is authenticated, you may access the authenticated user via an <code>Illuminate\Http\Request</code> instance. Remember, type-hinted classes will automatically be injected into your controller methods. By type-hinting the <code>Illuminate\Http\Request</code> object, you may gain convenient access to the authenticated user from any controller method in your application via the request's <code>user</code> method:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 1</span><span style="color: #D3423E;"><?php</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 2</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 3</span><span style="color: #C792EA;">namespace</span><span style="color: #BFC7D5;"> App\Http\Controllers;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 4</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 5</span><span style="color: #C792EA;">use</span><span style="color: #BFC7D5;"> Illuminate\Http\</span><span style="color: #FFCB8B;">RedirectResponse</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 6</span><span style="color: #C792EA;">use</span><span style="color: #BFC7D5;"> Illuminate\Http\</span><span style="color: #FFCB8B;">Request</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 7</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 8</span><span style="color: #C792EA;">class</span><span style="color: #BFC7D5;"> </span><span style="color: #FFCB6B;">FlightController</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">extends</span><span style="color: #BFC7D5;"> </span><span style="color: #A9C77D;">Controller</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 9</span><span style="color: #BFC7D5;">{</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">10</span><span style="color: #BFC7D5;"> </span><span style="color: #697098;">/**</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">11</span><span style="color: #697098;"> * Update the flight information for an existing flight.</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">12</span><span style="color: #697098;"> </span><span style="color: #697098;">*/</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">13</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">public</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">function</span><span style="color: #BFC7D5;"> </span><span style="color: #82AAFF;">update</span><span style="color: #D9F5DD;">(</span><span style="color: #FFCB8B;">Request</span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$request</span><span style="color: #D9F5DD;">)</span><span style="color: #89DDFF;">:</span><span style="color: #BFC7D5;"> </span><span style="color: #FFCB8B;">RedirectResponse</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">14</span><span style="color: #BFC7D5;"> {</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">15</span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$user</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">=</span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$request</span><span style="color: #89DDFF;">-></span><span style="color: #82AAFF;">user</span><span style="color: #BFC7D5;">();</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">16</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">17</span><span style="color: #BFC7D5;"> </span><span style="color: #697098;">//</span><span style="color: #697098;"> ...</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">18</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">19</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">return</span><span style="color: #BFC7D5;"> </span><span style="color: #82AAFF;">redirect</span><span style="color: #BFC7D5;">(</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">/flights</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">);</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">20</span><span style="color: #BFC7D5;"> }</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">21</span><span style="color: #BFC7D5;">}</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> <?php namespace App\Http\Controllers; use Illuminate\Http\RedirectResponse; use Illuminate\Http\Request; class FlightController extends Controller { /** * Update the flight information for an existing flight. */ public function update(Request $request): RedirectResponse { $user = $request->user(); // ... return redirect('/flights'); } }</div></code></pre> </div> <h4 id="determining-if-the-current-user-is-authenticated"><a href="#determining-if-the-current-user-is-authenticated">Determining if the Current User is Authenticated</a></h4> <p>To determine if the user making the incoming HTTP request is authenticated, you may use the <code>check</code> method on the <code>Auth</code> facade. This method will return <code>true</code> if the user is authenticated:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">1</span><span style="color: #C792EA;">use</span><span style="color: #BFC7D5;"> Illuminate\Support\Facades\</span><span style="color: #FFCB8B;">Auth</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">2</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">3</span><span style="color: #C792EA;">if</span><span style="color: #BFC7D5;"> (</span><span style="color: #FFCB8B;">Auth</span><span style="color: #89DDFF;">::</span><span style="color: #82AAFF;">check</span><span style="color: #BFC7D5;">()) {</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">4</span><span style="color: #BFC7D5;"> </span><span style="color: #697098;">//</span><span style="color: #697098;"> The user is logged in...</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">5</span><span style="color: #BFC7D5;">}</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> use Illuminate\Support\Facades\Auth; if (Auth::check()) { // The user is logged in... }</div></code></pre> </div> <div class="flex flex-col p-3 mb-10 space-y-4 text-base leading-normal border rounded-md lg:flex-row lg:space-y-0 lg:space-x-4 border-sand-light-5 callout dark:border-sand-dark-5 dark:text-sand-light-3 text-sand-dark-3"> <div class="w-8 h-8 p-2 rounded-xs flex items-center justify-center shrink-0 bg-[#8D54C5]"> <svg width="16" height="21" viewBox="0 0 16 21" fill="none" xmlns="http://www.w3.org/2000/svg"> <path d="M5 20H11M5.5 14H10.5M15 8C15 4.13401 11.866 1 8 1C4.13401 1 1 4.13401 1 8C1 10.7924 2.63505 13.2029 5 14.3264V17H11V14.3264C13.3649 13.2029 15 10.7924 15 8Z" stroke="#FDFDFC" stroke-width="1.5" stroke-linecap="square"/> </svg> </div> <p class="callout"> Even though it is possible to determine if a user is authenticated using the <code>check</code> method, you will typically use a middleware to verify that the user is authenticated before allowing the user access to certain routes / controllers. To learn more about this, check out the documentation on <a href="/docs/12.x/authentication#protecting-routes">protecting routes</a>.</p> </div> <h3 id="protecting-routes"><a href="#protecting-routes">Protecting Routes</a></h3> <p><a href="/docs/12.x/middleware">Route middleware</a> can be used to only allow authenticated users to access a given route. Laravel ships with an <code>auth</code> middleware, which is a <a href="/docs/12.x/middleware#middleware-aliases">middleware alias</a> for the <code>Illuminate\Auth\Middleware\Authenticate</code> class. Since this middleware is already aliased internally by Laravel, all you need to do is attach the middleware to a route definition:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">1</span><span style="color: #FFCB8B;">Route</span><span style="color: #89DDFF;">::</span><span style="color: #82AAFF;">get</span><span style="color: #BFC7D5;">(</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">/flights</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">, </span><span style="color: #C792EA;">function</span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">()</span><span style="color: #BFC7D5;"> {</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">2</span><span style="color: #BFC7D5;"> </span><span style="color: #697098;">//</span><span style="color: #697098;"> Only authenticated users may access this route...</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">3</span><span style="color: #BFC7D5;">})</span><span style="color: #89DDFF;">-></span><span style="color: #82AAFF;">middleware</span><span style="color: #BFC7D5;">(</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">auth</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">);</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> Route::get('/flights', function () { // Only authenticated users may access this route... })->middleware('auth');</div></code></pre> </div> <h4 id="redirecting-unauthenticated-users"><a href="#redirecting-unauthenticated-users">Redirecting Unauthenticated Users</a></h4> <p>When the <code>auth</code> middleware detects an unauthenticated user, it will redirect the user to the <code>login</code> <a href="/docs/12.x/routing#named-routes">named route</a>. You may modify this behavior using the <code>redirectGuestsTo</code> method within your application's <code>bootstrap/app.php</code> file:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">1</span><span style="color: #C792EA;">use</span><span style="color: #BFC7D5;"> Illuminate\Http\</span><span style="color: #FFCB8B;">Request</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">2</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">3</span><span style="color: #89DDFF;">-></span><span style="color: #82AAFF;">withMiddleware</span><span style="color: #BFC7D5;">(</span><span style="color: #C792EA;">function</span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">(</span><span style="color: #FFCB8B;">Middleware</span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$middleware</span><span style="color: #D9F5DD;">)</span><span style="color: #BFC7D5;"> {</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">4</span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$middleware</span><span style="color: #89DDFF;">-></span><span style="color: #82AAFF;">redirectGuestsTo</span><span style="color: #BFC7D5;">(</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">/login</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">);</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">5</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">6</span><span style="color: #BFC7D5;"> </span><span style="color: #697098;">//</span><span style="color: #697098;"> Using a closure...</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">7</span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$middleware</span><span style="color: #89DDFF;">-></span><span style="color: #82AAFF;">redirectGuestsTo</span><span style="color: #BFC7D5;">(</span><span style="color: #C792EA;">fn</span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">(</span><span style="color: #FFCB8B;">Request</span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$request</span><span style="color: #D9F5DD;">)</span><span style="color: #BFC7D5;"> => </span><span style="color: #82AAFF;">route</span><span style="color: #BFC7D5;">(</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">login</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">));</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">8</span><span style="color: #BFC7D5;">})</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> use Illuminate\Http\Request; ->withMiddleware(function (Middleware $middleware) { $middleware->redirectGuestsTo('/login'); // Using a closure... $middleware->redirectGuestsTo(fn (Request $request) => route('login')); })</div></code></pre> </div> <h4 id="redirecting-authenticated-users"><a href="#redirecting-authenticated-users">Redirecting Authenticated Users</a></h4> <p>When the <code>guest</code> middleware detects an authenticated user, it will redirect the user to the <code>dashboard</code> or <code>home</code> named route. You may modify this behavior using the <code>redirectUsersTo</code> method within your application's <code>bootstrap/app.php</code> file:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">1</span><span style="color: #C792EA;">use</span><span style="color: #BFC7D5;"> Illuminate\Http\</span><span style="color: #FFCB8B;">Request</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">2</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">3</span><span style="color: #89DDFF;">-></span><span style="color: #82AAFF;">withMiddleware</span><span style="color: #BFC7D5;">(</span><span style="color: #C792EA;">function</span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">(</span><span style="color: #FFCB8B;">Middleware</span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$middleware</span><span style="color: #D9F5DD;">)</span><span style="color: #BFC7D5;"> {</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">4</span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$middleware</span><span style="color: #89DDFF;">-></span><span style="color: #82AAFF;">redirectUsersTo</span><span style="color: #BFC7D5;">(</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">/panel</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">);</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">5</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">6</span><span style="color: #BFC7D5;"> </span><span style="color: #697098;">//</span><span style="color: #697098;"> Using a closure...</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">7</span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$middleware</span><span style="color: #89DDFF;">-></span><span style="color: #82AAFF;">redirectUsersTo</span><span style="color: #BFC7D5;">(</span><span style="color: #C792EA;">fn</span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">(</span><span style="color: #FFCB8B;">Request</span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$request</span><span style="color: #D9F5DD;">)</span><span style="color: #BFC7D5;"> => </span><span style="color: #82AAFF;">route</span><span style="color: #BFC7D5;">(</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">panel</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">));</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">8</span><span style="color: #BFC7D5;">})</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> use Illuminate\Http\Request; ->withMiddleware(function (Middleware $middleware) { $middleware->redirectUsersTo('/panel'); // Using a closure... $middleware->redirectUsersTo(fn (Request $request) => route('panel')); })</div></code></pre> </div> <h4 id="specifying-a-guard"><a href="#specifying-a-guard">Specifying a Guard</a></h4> <p>When attaching the <code>auth</code> middleware to a route, you may also specify which "guard" should be used to authenticate the user. The guard specified should correspond to one of the keys in the <code>guards</code> array of your <code>auth.php</code> configuration file:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">1</span><span style="color: #FFCB8B;">Route</span><span style="color: #89DDFF;">::</span><span style="color: #82AAFF;">get</span><span style="color: #BFC7D5;">(</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">/flights</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">, </span><span style="color: #C792EA;">function</span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">()</span><span style="color: #BFC7D5;"> {</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">2</span><span style="color: #BFC7D5;"> </span><span style="color: #697098;">//</span><span style="color: #697098;"> Only authenticated users may access this route...</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">3</span><span style="color: #BFC7D5;">})</span><span style="color: #89DDFF;">-></span><span style="color: #82AAFF;">middleware</span><span style="color: #BFC7D5;">(</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">auth:admin</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">);</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> Route::get('/flights', function () { // Only authenticated users may access this route... })->middleware('auth:admin');</div></code></pre> </div> <h3 id="login-throttling"><a href="#login-throttling">Login Throttling</a></h3> <p>If you are using one of our <a href="/docs/12.x/starter-kits">application starter kits</a>, rate limiting will automatically be applied to login attempts. By default, the user will not be able to login for one minute if they fail to provide the correct credentials after several attempts. The throttling is unique to the user's username / email address and their IP address.</p> <div class="flex flex-col p-3 mb-10 space-y-4 text-base leading-normal border rounded-md lg:flex-row lg:space-y-0 lg:space-x-4 border-sand-light-5 callout dark:border-sand-dark-5 dark:text-sand-light-3 text-sand-dark-3"> <div class="w-8 h-8 p-2 rounded-xs flex items-center justify-center shrink-0 bg-[#8D54C5]"> <svg width="16" height="21" viewBox="0 0 16 21" fill="none" xmlns="http://www.w3.org/2000/svg"> <path d="M5 20H11M5.5 14H10.5M15 8C15 4.13401 11.866 1 8 1C4.13401 1 1 4.13401 1 8C1 10.7924 2.63505 13.2029 5 14.3264V17H11V14.3264C13.3649 13.2029 15 10.7924 15 8Z" stroke="#FDFDFC" stroke-width="1.5" stroke-linecap="square"/> </svg> </div> <p class="callout"> If you would like to rate limit other routes in your application, check out the <a href="/docs/12.x/routing#rate-limiting">rate limiting documentation</a>.</p> </div> <h2 id="authenticating-users"><a href="#authenticating-users">Manually Authenticating Users</a></h2> <p>You are not required to use the authentication scaffolding included with Laravel's <a href="/docs/12.x/starter-kits">application starter kits</a>. If you choose not to use this scaffolding, you will need to manage user authentication using the Laravel authentication classes directly. Don't worry, it's a cinch!</p> <p>We will access Laravel's authentication services via the <code>Auth</code> <a href="/docs/12.x/facades">facade</a>, so we'll need to make sure to import the <code>Auth</code> facade at the top of the class. Next, let's check out the <code>attempt</code> method. The <code>attempt</code> method is normally used to handle authentication attempts from your application's "login" form. If authentication is successful, you should regenerate the user's <a href="/docs/12.x/session">session</a> to prevent <a href="https://en.wikipedia.org/wiki/Session_fixation">session fixation</a>:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 1</span><span style="color: #D3423E;"><?php</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 2</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 3</span><span style="color: #C792EA;">namespace</span><span style="color: #BFC7D5;"> App\Http\Controllers;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 4</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 5</span><span style="color: #C792EA;">use</span><span style="color: #BFC7D5;"> Illuminate\Http\</span><span style="color: #FFCB8B;">Request</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 6</span><span style="color: #C792EA;">use</span><span style="color: #BFC7D5;"> Illuminate\Http\</span><span style="color: #FFCB8B;">RedirectResponse</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 7</span><span style="color: #C792EA;">use</span><span style="color: #BFC7D5;"> Illuminate\Support\Facades\</span><span style="color: #FFCB8B;">Auth</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 8</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 9</span><span style="color: #C792EA;">class</span><span style="color: #BFC7D5;"> </span><span style="color: #FFCB6B;">LoginController</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">extends</span><span style="color: #BFC7D5;"> </span><span style="color: #A9C77D;">Controller</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">10</span><span style="color: #BFC7D5;">{</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">11</span><span style="color: #BFC7D5;"> </span><span style="color: #697098;">/**</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">12</span><span style="color: #697098;"> * Handle an authentication attempt.</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">13</span><span style="color: #697098;"> </span><span style="color: #697098;">*/</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">14</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">public</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">function</span><span style="color: #BFC7D5;"> </span><span style="color: #82AAFF;">authenticate</span><span style="color: #D9F5DD;">(</span><span style="color: #FFCB8B;">Request</span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$request</span><span style="color: #D9F5DD;">)</span><span style="color: #89DDFF;">:</span><span style="color: #BFC7D5;"> </span><span style="color: #FFCB8B;">RedirectResponse</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">15</span><span style="color: #BFC7D5;"> {</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">16</span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$credentials</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">=</span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$request</span><span style="color: #89DDFF;">-></span><span style="color: #82AAFF;">validate</span><span style="color: #BFC7D5;">([</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">17</span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">email</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;"> </span><span style="color: #89DDFF;">=></span><span style="color: #BFC7D5;"> [</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">required</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">, </span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">email</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">],</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">18</span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">password</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;"> </span><span style="color: #89DDFF;">=></span><span style="color: #BFC7D5;"> [</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">required</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">],</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">19</span><span style="color: #BFC7D5;"> ]);</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">20</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">21</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">if</span><span style="color: #BFC7D5;"> (</span><span style="color: #FFCB8B;">Auth</span><span style="color: #89DDFF;">::</span><span style="color: #82AAFF;">attempt</span><span style="color: #BFC7D5;">(</span><span style="color: #BEC5D4;">$credentials</span><span style="color: #BFC7D5;">)) {</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">22</span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$request</span><span style="color: #89DDFF;">-></span><span style="color: #82AAFF;">session</span><span style="color: #BFC7D5;">()</span><span style="color: #89DDFF;">-></span><span style="color: #82AAFF;">regenerate</span><span style="color: #BFC7D5;">();</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">23</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">24</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">return</span><span style="color: #BFC7D5;"> </span><span style="color: #82AAFF;">redirect</span><span style="color: #BFC7D5;">()</span><span style="color: #89DDFF;">-></span><span style="color: #82AAFF;">intended</span><span style="color: #BFC7D5;">(</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">dashboard</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">);</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">25</span><span style="color: #BFC7D5;"> }</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">26</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">27</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">return</span><span style="color: #BFC7D5;"> </span><span style="color: #82AAFF;">back</span><span style="color: #BFC7D5;">()</span><span style="color: #89DDFF;">-></span><span style="color: #82AAFF;">withErrors</span><span style="color: #BFC7D5;">([</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">28</span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">email</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;"> </span><span style="color: #89DDFF;">=></span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">The provided credentials do not match our records.</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">,</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">29</span><span style="color: #BFC7D5;"> ])</span><span style="color: #89DDFF;">-></span><span style="color: #82AAFF;">onlyInput</span><span style="color: #BFC7D5;">(</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">email</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">);</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">30</span><span style="color: #BFC7D5;"> }</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">31</span><span style="color: #BFC7D5;">}</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> <?php namespace App\Http\Controllers; use Illuminate\Http\Request; use Illuminate\Http\RedirectResponse; use Illuminate\Support\Facades\Auth; class LoginController extends Controller { /** * Handle an authentication attempt. */ public function authenticate(Request $request): RedirectResponse { $credentials = $request->validate([ 'email' => ['required', 'email'], 'password' => ['required'], ]); if (Auth::attempt($credentials)) { $request->session()->regenerate(); return redirect()->intended('dashboard'); } return back()->withErrors([ 'email' => 'The provided credentials do not match our records.', ])->onlyInput('email'); } }</div></code></pre> </div> <p>The <code>attempt</code> method accepts an array of key / value pairs as its first argument. The values in the array will be used to find the user in your database table. So, in the example above, the user will be retrieved by the value of the <code>email</code> column. If the user is found, the hashed password stored in the database will be compared with the <code>password</code> value passed to the method via the array. You should not hash the incoming request's <code>password</code> value, since the framework will automatically hash the value before comparing it to the hashed password in the database. An authenticated session will be started for the user if the two hashed passwords match.</p> <p>Remember, Laravel's authentication services will retrieve users from your database based on your authentication guard's "provider" configuration. In the default <code>config/auth.php</code> configuration file, the Eloquent user provider is specified and it is instructed to use the <code>App\Models\User</code> model when retrieving users. You may change these values within your configuration file based on the needs of your application.</p> <p>The <code>attempt</code> method will return <code>true</code> if authentication was successful. Otherwise, <code>false</code> will be returned.</p> <p>The <code>intended</code> method provided by Laravel's redirector will redirect the user to the URL they were attempting to access before being intercepted by the authentication middleware. A fallback URI may be given to this method in case the intended destination is not available.</p> <h4 id="specifying-additional-conditions"><a href="#specifying-additional-conditions">Specifying Additional Conditions</a></h4> <p>If you wish, you may also add extra query conditions to the authentication query in addition to the user's email and password. To accomplish this, we may simply add the query conditions to the array passed to the <code>attempt</code> method. For example, we may verify that the user is marked as "active":</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">1</span><span style="color: #C792EA;">if</span><span style="color: #BFC7D5;"> (</span><span style="color: #FFCB8B;">Auth</span><span style="color: #89DDFF;">::</span><span style="color: #82AAFF;">attempt</span><span style="color: #BFC7D5;">([</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">email</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;"> </span><span style="color: #89DDFF;">=></span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$email</span><span style="color: #BFC7D5;">, </span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">password</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;"> </span><span style="color: #89DDFF;">=></span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$password</span><span style="color: #BFC7D5;">, </span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">active</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;"> </span><span style="color: #89DDFF;">=></span><span style="color: #BFC7D5;"> </span><span style="color: #F78C6C;">1</span><span style="color: #BFC7D5;">])) {</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">2</span><span style="color: #BFC7D5;"> </span><span style="color: #697098;">//</span><span style="color: #697098;"> Authentication was successful...</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">3</span><span style="color: #BFC7D5;">}</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> if (Auth::attempt(['email' => $email, 'password' => $password, 'active' => 1])) { // Authentication was successful... }</div></code></pre> </div> <p>For complex query conditions, you may provide a closure in your array of credentials. This closure will be invoked with the query instance, allowing you to customize the query based on your application's needs:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">1</span><span style="color: #C792EA;">use</span><span style="color: #BFC7D5;"> Illuminate\Database\Eloquent\</span><span style="color: #FFCB8B;">Builder</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">2</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">3</span><span style="color: #C792EA;">if</span><span style="color: #BFC7D5;"> (</span><span style="color: #FFCB8B;">Auth</span><span style="color: #89DDFF;">::</span><span style="color: #82AAFF;">attempt</span><span style="color: #BFC7D5;">([</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">4</span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">email</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;"> </span><span style="color: #89DDFF;">=></span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$email</span><span style="color: #BFC7D5;">,</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">5</span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">password</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;"> </span><span style="color: #89DDFF;">=></span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$password</span><span style="color: #BFC7D5;">,</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">6</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">fn</span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">(</span><span style="color: #FFCB8B;">Builder</span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$query</span><span style="color: #D9F5DD;">)</span><span style="color: #BFC7D5;"> => </span><span style="color: #BEC5D4;">$query</span><span style="color: #89DDFF;">-></span><span style="color: #82AAFF;">has</span><span style="color: #BFC7D5;">(</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">activeSubscription</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">),</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">7</span><span style="color: #BFC7D5;">])) {</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">8</span><span style="color: #BFC7D5;"> </span><span style="color: #697098;">//</span><span style="color: #697098;"> Authentication was successful...</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">9</span><span style="color: #BFC7D5;">}</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> use Illuminate\Database\Eloquent\Builder; if (Auth::attempt([ 'email' => $email, 'password' => $password, fn (Builder $query) => $query->has('activeSubscription'), ])) { // Authentication was successful... }</div></code></pre> </div> <div class="flex flex-col p-3 mb-10 space-y-4 text-base leading-normal border rounded-md lg:flex-row lg:space-y-0 lg:space-x-4 border-sand-light-5 callout dark:border-sand-dark-5 dark:text-sand-light-3 text-sand-dark-3"> <div class="w-8 h-8 p-2 rounded-xs flex items-center justify-center shrink-0 bg-[#F53003]"> <svg width="2" height="18" viewBox="0 0 2 18" fill="none" xmlns="http://www.w3.org/2000/svg"> <path d="M1 17V16.99M1 1V13" stroke="#FDFDFC" stroke-width="2" stroke-linecap="square"/> </svg> </div> <p class="callout"> In these examples, <code>email</code> is not a required option, it is merely used as an example. You should use whatever column name corresponds to a "username" in your database table.</p> </div> <p>The <code>attemptWhen</code> method, which receives a closure as its second argument, may be used to perform more extensive inspection of the potential user before actually authenticating the user. The closure receives the potential user and should return <code>true</code> or <code>false</code> to indicate if the user may be authenticated:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">1</span><span style="color: #C792EA;">if</span><span style="color: #BFC7D5;"> (</span><span style="color: #FFCB8B;">Auth</span><span style="color: #89DDFF;">::</span><span style="color: #82AAFF;">attemptWhen</span><span style="color: #BFC7D5;">([</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">2</span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">email</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;"> </span><span style="color: #89DDFF;">=></span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$email</span><span style="color: #BFC7D5;">,</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">3</span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">password</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;"> </span><span style="color: #89DDFF;">=></span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$password</span><span style="color: #BFC7D5;">,</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">4</span><span style="color: #BFC7D5;">], </span><span style="color: #C792EA;">function</span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">(</span><span style="color: #FFCB8B;">User</span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$user</span><span style="color: #D9F5DD;">)</span><span style="color: #BFC7D5;"> {</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">5</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">return</span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$user</span><span style="color: #89DDFF;">-></span><span style="color: #82AAFF;">isNotBanned</span><span style="color: #BFC7D5;">();</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">6</span><span style="color: #BFC7D5;">})) {</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">7</span><span style="color: #BFC7D5;"> </span><span style="color: #697098;">//</span><span style="color: #697098;"> Authentication was successful...</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">8</span><span style="color: #BFC7D5;">}</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> if (Auth::attemptWhen([ 'email' => $email, 'password' => $password, ], function (User $user) { return $user->isNotBanned(); })) { // Authentication was successful... }</div></code></pre> </div> <h4 id="accessing-specific-guard-instances"><a href="#accessing-specific-guard-instances">Accessing Specific Guard Instances</a></h4> <p>Via the <code>Auth</code> facade's <code>guard</code> method, you may specify which guard instance you would like to utilize when authenticating the user. This allows you to manage authentication for separate parts of your application using entirely separate authenticatable models or user tables.</p> <p>The guard name passed to the <code>guard</code> method should correspond to one of the guards configured in your <code>auth.php</code> configuration file:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">1</span><span style="color: #C792EA;">if</span><span style="color: #BFC7D5;"> (</span><span style="color: #FFCB8B;">Auth</span><span style="color: #89DDFF;">::</span><span style="color: #82AAFF;">guard</span><span style="color: #BFC7D5;">(</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">admin</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">)</span><span style="color: #89DDFF;">-></span><span style="color: #82AAFF;">attempt</span><span style="color: #BFC7D5;">(</span><span style="color: #BEC5D4;">$credentials</span><span style="color: #BFC7D5;">)) {</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">2</span><span style="color: #BFC7D5;"> </span><span style="color: #697098;">//</span><span style="color: #697098;"> ...</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">3</span><span style="color: #BFC7D5;">}</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> if (Auth::guard('admin')->attempt($credentials)) { // ... }</div></code></pre> </div> <h3 id="remembering-users"><a href="#remembering-users">Remembering Users</a></h3> <p>Many web applications provide a "remember me" checkbox on their login form. If you would like to provide "remember me" functionality in your application, you may pass a boolean value as the second argument to the <code>attempt</code> method.</p> <p>When this value is <code>true</code>, Laravel will keep the user authenticated indefinitely or until they manually logout. Your <code>users</code> table must include the string <code>remember_token</code> column, which will be used to store the "remember me" token. The <code>users</code> table migration included with new Laravel applications already includes this column:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">1</span><span style="color: #C792EA;">use</span><span style="color: #BFC7D5;"> Illuminate\Support\Facades\</span><span style="color: #FFCB8B;">Auth</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">2</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">3</span><span style="color: #C792EA;">if</span><span style="color: #BFC7D5;"> (</span><span style="color: #FFCB8B;">Auth</span><span style="color: #89DDFF;">::</span><span style="color: #82AAFF;">attempt</span><span style="color: #BFC7D5;">([</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">email</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;"> </span><span style="color: #89DDFF;">=></span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$email</span><span style="color: #BFC7D5;">, </span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">password</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;"> </span><span style="color: #89DDFF;">=></span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$password</span><span style="color: #BFC7D5;">], </span><span style="color: #BEC5D4;">$remember</span><span style="color: #BFC7D5;">)) {</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">4</span><span style="color: #BFC7D5;"> </span><span style="color: #697098;">//</span><span style="color: #697098;"> The user is being remembered...</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">5</span><span style="color: #BFC7D5;">}</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> use Illuminate\Support\Facades\Auth; if (Auth::attempt(['email' => $email, 'password' => $password], $remember)) { // The user is being remembered... }</div></code></pre> </div> <p>If your application offers "remember me" functionality, you may use the <code>viaRemember</code> method to determine if the currently authenticated user was authenticated using the "remember me" cookie:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">1</span><span style="color: #C792EA;">use</span><span style="color: #BFC7D5;"> Illuminate\Support\Facades\</span><span style="color: #FFCB8B;">Auth</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">2</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">3</span><span style="color: #C792EA;">if</span><span style="color: #BFC7D5;"> (</span><span style="color: #FFCB8B;">Auth</span><span style="color: #89DDFF;">::</span><span style="color: #82AAFF;">viaRemember</span><span style="color: #BFC7D5;">()) {</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">4</span><span style="color: #BFC7D5;"> </span><span style="color: #697098;">//</span><span style="color: #697098;"> ...</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">5</span><span style="color: #BFC7D5;">}</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> use Illuminate\Support\Facades\Auth; if (Auth::viaRemember()) { // ... }</div></code></pre> </div> <h3 id="other-authentication-methods"><a href="#other-authentication-methods">Other Authentication Methods</a></h3> <h4 id="authenticate-a-user-instance"><a href="#authenticate-a-user-instance">Authenticate a User Instance</a></h4> <p>If you need to set an existing user instance as the currently authenticated user, you may pass the user instance to the <code>Auth</code> facade's <code>login</code> method. The given user instance must be an implementation of the <code>Illuminate\Contracts\Auth\Authenticatable</code> <a href="/docs/12.x/contracts">contract</a>. The <code>App\Models\User</code> model included with Laravel already implements this interface. This method of authentication is useful when you already have a valid user instance, such as directly after a user registers with your application:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">1</span><span style="color: #C792EA;">use</span><span style="color: #BFC7D5;"> Illuminate\Support\Facades\</span><span style="color: #FFCB8B;">Auth</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">2</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">3</span><span style="color: #FFCB8B;">Auth</span><span style="color: #89DDFF;">::</span><span style="color: #82AAFF;">login</span><span style="color: #BFC7D5;">(</span><span style="color: #BEC5D4;">$user</span><span style="color: #BFC7D5;">);</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> use Illuminate\Support\Facades\Auth; Auth::login($user);</div></code></pre> </div> <p>You may pass a boolean value as the second argument to the <code>login</code> method. This value indicates if "remember me" functionality is desired for the authenticated session. Remember, this means that the session will be authenticated indefinitely or until the user manually logs out of the application:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">1</span><span style="color: #FFCB8B;">Auth</span><span style="color: #89DDFF;">::</span><span style="color: #82AAFF;">login</span><span style="color: #BFC7D5;">(</span><span style="color: #BEC5D4;">$user</span><span style="color: #BFC7D5;">, </span><span style="color: #BEC5D4;">$remember</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">=</span><span style="color: #BFC7D5;"> </span><span style="color: #82AAFF;">true</span><span style="color: #BFC7D5;">);</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> Auth::login($user, $remember = true);</div></code></pre> </div> <p>If needed, you may specify an authentication guard before calling the <code>login</code> method:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">1</span><span style="color: #FFCB8B;">Auth</span><span style="color: #89DDFF;">::</span><span style="color: #82AAFF;">guard</span><span style="color: #BFC7D5;">(</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">admin</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">)</span><span style="color: #89DDFF;">-></span><span style="color: #82AAFF;">login</span><span style="color: #BFC7D5;">(</span><span style="color: #BEC5D4;">$user</span><span style="color: #BFC7D5;">);</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> Auth::guard('admin')->login($user);</div></code></pre> </div> <h4 id="authenticate-a-user-by-id"><a href="#authenticate-a-user-by-id">Authenticate a User by ID</a></h4> <p>To authenticate a user using their database record's primary key, you may use the <code>loginUsingId</code> method. This method accepts the primary key of the user you wish to authenticate:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">1</span><span style="color: #FFCB8B;">Auth</span><span style="color: #89DDFF;">::</span><span style="color: #82AAFF;">loginUsingId</span><span style="color: #BFC7D5;">(</span><span style="color: #F78C6C;">1</span><span style="color: #BFC7D5;">);</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> Auth::loginUsingId(1);</div></code></pre> </div> <p>You may pass a boolean value to the <code>remember</code> argument of the <code>loginUsingId</code> method. This value indicates if "remember me" functionality is desired for the authenticated session. Remember, this means that the session will be authenticated indefinitely or until the user manually logs out of the application:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">1</span><span style="color: #FFCB8B;">Auth</span><span style="color: #89DDFF;">::</span><span style="color: #82AAFF;">loginUsingId</span><span style="color: #BFC7D5;">(</span><span style="color: #F78C6C;">1</span><span style="color: #BFC7D5;">, remember: </span><span style="color: #82AAFF;">true</span><span style="color: #BFC7D5;">);</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> Auth::loginUsingId(1, remember: true);</div></code></pre> </div> <h4 id="authenticate-a-user-once"><a href="#authenticate-a-user-once">Authenticate a User Once</a></h4> <p>You may use the <code>once</code> method to authenticate a user with the application for a single request. No sessions or cookies will be utilized when calling this method:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">1</span><span style="color: #C792EA;">if</span><span style="color: #BFC7D5;"> (</span><span style="color: #FFCB8B;">Auth</span><span style="color: #89DDFF;">::</span><span style="color: #82AAFF;">once</span><span style="color: #BFC7D5;">(</span><span style="color: #BEC5D4;">$credentials</span><span style="color: #BFC7D5;">)) {</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">2</span><span style="color: #BFC7D5;"> </span><span style="color: #697098;">//</span><span style="color: #697098;"> ...</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">3</span><span style="color: #BFC7D5;">}</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> if (Auth::once($credentials)) { // ... }</div></code></pre> </div> <h2 id="http-basic-authentication"><a href="#http-basic-authentication">HTTP Basic Authentication</a></h2> <p><a href="https://en.wikipedia.org/wiki/Basic_access_authentication">HTTP Basic Authentication</a> provides a quick way to authenticate users of your application without setting up a dedicated "login" page. To get started, attach the <code>auth.basic</code> <a href="/docs/12.x/middleware">middleware</a> to a route. The <code>auth.basic</code> middleware is included with the Laravel framework, so you do not need to define it:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">1</span><span style="color: #FFCB8B;">Route</span><span style="color: #89DDFF;">::</span><span style="color: #82AAFF;">get</span><span style="color: #BFC7D5;">(</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">/profile</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">, </span><span style="color: #C792EA;">function</span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">()</span><span style="color: #BFC7D5;"> {</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">2</span><span style="color: #BFC7D5;"> </span><span style="color: #697098;">//</span><span style="color: #697098;"> Only authenticated users may access this route...</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">3</span><span style="color: #BFC7D5;">})</span><span style="color: #89DDFF;">-></span><span style="color: #82AAFF;">middleware</span><span style="color: #BFC7D5;">(</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">auth.basic</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">);</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> Route::get('/profile', function () { // Only authenticated users may access this route... })->middleware('auth.basic');</div></code></pre> </div> <p>Once the middleware has been attached to the route, you will automatically be prompted for credentials when accessing the route in your browser. By default, the <code>auth.basic</code> middleware will assume the <code>email</code> column on your <code>users</code> database table is the user's "username".</p> <h4 id="a-note-on-fastcgi"><a href="#a-note-on-fastcgi">A Note on FastCGI</a></h4> <p>If you are using PHP FastCGI and Apache to serve your Laravel application, HTTP Basic authentication may not work correctly. To correct these problems, the following lines may be added to your application's <code>.htaccess</code> file:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="apache" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">1</span><span style="color: #C792EA;">RewriteCond</span><span style="color: #BFC7D5;"> </span><span style="color: #80CBC4;">%{HTTP:Authorization}</span><span style="color: #BFC7D5;"> </span><span style="color: #C3E88D;">^(.+)$</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">2</span><span style="color: #C792EA;">RewriteRule</span><span style="color: #BFC7D5;"> </span><span style="color: #80CBC4;">.*</span><span style="color: #BFC7D5;"> </span><span style="color: #C3E88D;">-</span><span style="color: #BFC7D5;"> [E=HTTP_AUTHORIZATION:%{</span><span style="color: #FFCB6B;">HTTP:Authorization</span><span style="color: #BFC7D5;">}]</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> RewriteCond %{HTTP:Authorization} ^(.+)$ RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]</div></code></pre> </div> <h3 id="stateless-http-basic-authentication"><a href="#stateless-http-basic-authentication">Stateless HTTP Basic Authentication</a></h3> <p>You may also use HTTP Basic Authentication without setting a user identifier cookie in the session. This is primarily helpful if you choose to use HTTP Authentication to authenticate requests to your application's API. To accomplish this, <a href="/docs/12.x/middleware">define a middleware</a> that calls the <code>onceBasic</code> method. If no response is returned by the <code>onceBasic</code> method, the request may be passed further into the application:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 1</span><span style="color: #D3423E;"><?php</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 2</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 3</span><span style="color: #C792EA;">namespace</span><span style="color: #BFC7D5;"> App\Http\Middleware;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 4</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 5</span><span style="color: #C792EA;">use</span><span style="color: #BFC7D5;"> </span><span style="color: #FFCB8B;">Closure</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 6</span><span style="color: #C792EA;">use</span><span style="color: #BFC7D5;"> Illuminate\Http\</span><span style="color: #FFCB8B;">Request</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 7</span><span style="color: #C792EA;">use</span><span style="color: #BFC7D5;"> Illuminate\Support\Facades\</span><span style="color: #FFCB8B;">Auth</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 8</span><span style="color: #C792EA;">use</span><span style="color: #BFC7D5;"> Symfony\Component\HttpFoundation\</span><span style="color: #FFCB8B;">Response</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 9</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">10</span><span style="color: #C792EA;">class</span><span style="color: #BFC7D5;"> </span><span style="color: #FFCB6B;">AuthenticateOnceWithBasicAuth</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">11</span><span style="color: #BFC7D5;">{</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">12</span><span style="color: #BFC7D5;"> </span><span style="color: #697098;">/**</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">13</span><span style="color: #697098;"> * Handle an incoming request.</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">14</span><span style="color: #697098;"> *</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">15</span><span style="color: #697098;"> * </span><span style="color: #C792EA;">@param</span><span style="color: #697098;"> </span><span style="color: #697098;">\</span><span style="color: #FFCB8B;">Closure</span><span style="color: #697098;">(\</span><span style="color: #697098;">Illuminate</span><span style="color: #697098;">\</span><span style="color: #697098;">Http</span><span style="color: #697098;">\</span><span style="color: #FFCB8B;">Request</span><span style="color: #697098;">): </span><span style="color: #697098;">(\</span><span style="color: #697098;">Symfony</span><span style="color: #697098;">\</span><span style="color: #697098;">Component</span><span style="color: #697098;">\</span><span style="color: #697098;">HttpFoundation</span><span style="color: #697098;">\</span><span style="color: #FFCB8B;">Response</span><span style="color: #697098;">) $</span><span style="color: #FFCB8B;">next</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">16</span><span style="color: #697098;"> </span><span style="color: #697098;">*/</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">17</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">public</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">function</span><span style="color: #BFC7D5;"> </span><span style="color: #82AAFF;">handle</span><span style="color: #D9F5DD;">(</span><span style="color: #FFCB8B;">Request</span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$request</span><span style="color: #BFC7D5;">, </span><span style="color: #FFCB8B;">Closure</span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$next</span><span style="color: #D9F5DD;">)</span><span style="color: #89DDFF;">:</span><span style="color: #BFC7D5;"> </span><span style="color: #FFCB8B;">Response</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">18</span><span style="color: #BFC7D5;"> {</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">19</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">return</span><span style="color: #BFC7D5;"> </span><span style="color: #FFCB8B;">Auth</span><span style="color: #89DDFF;">::</span><span style="color: #82AAFF;">onceBasic</span><span style="color: #BFC7D5;">() </span><span style="color: #89DDFF;">?:</span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$next</span><span style="color: #BFC7D5;">(</span><span style="color: #BEC5D4;">$request</span><span style="color: #BFC7D5;">);</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">20</span><span style="color: #BFC7D5;"> }</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">21</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">22</span><span style="color: #BFC7D5;">}</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> <?php namespace App\Http\Middleware; use Closure; use Illuminate\Http\Request; use Illuminate\Support\Facades\Auth; use Symfony\Component\HttpFoundation\Response; class AuthenticateOnceWithBasicAuth { /** * Handle an incoming request. * * @param \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response) $next */ public function handle(Request $request, Closure $next): Response { return Auth::onceBasic() ?: $next($request); } }</div></code></pre> </div> <p>Next, attach the middleware to a route:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">1</span><span style="color: #FFCB8B;">Route</span><span style="color: #89DDFF;">::</span><span style="color: #82AAFF;">get</span><span style="color: #BFC7D5;">(</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">/api/user</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">, </span><span style="color: #C792EA;">function</span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">()</span><span style="color: #BFC7D5;"> {</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">2</span><span style="color: #BFC7D5;"> </span><span style="color: #697098;">//</span><span style="color: #697098;"> Only authenticated users may access this route...</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">3</span><span style="color: #BFC7D5;">})</span><span style="color: #89DDFF;">-></span><span style="color: #82AAFF;">middleware</span><span style="color: #BFC7D5;">(</span><span style="color: #FFCB8B;">AuthenticateOnceWithBasicAuth</span><span style="color: #89DDFF;">::</span><span style="color: #C792EA;">class</span><span style="color: #BFC7D5;">);</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> Route::get('/api/user', function () { // Only authenticated users may access this route... })->middleware(AuthenticateOnceWithBasicAuth::class);</div></code></pre> </div> <h2 id="logging-out"><a href="#logging-out">Logging Out</a></h2> <p>To manually log users out of your application, you may use the <code>logout</code> method provided by the <code>Auth</code> facade. This will remove the authentication information from the user's session so that subsequent requests are not authenticated.</p> <p>In addition to calling the <code>logout</code> method, it is recommended that you invalidate the user's session and regenerate their <a href="/docs/12.x/csrf">CSRF token</a>. After logging the user out, you would typically redirect the user to the root of your application:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 1</span><span style="color: #C792EA;">use</span><span style="color: #BFC7D5;"> Illuminate\Http\</span><span style="color: #FFCB8B;">Request</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 2</span><span style="color: #C792EA;">use</span><span style="color: #BFC7D5;"> Illuminate\Http\</span><span style="color: #FFCB8B;">RedirectResponse</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 3</span><span style="color: #C792EA;">use</span><span style="color: #BFC7D5;"> Illuminate\Support\Facades\</span><span style="color: #FFCB8B;">Auth</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 4</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 5</span><span style="color: #697098;">/**</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 6</span><span style="color: #697098;"> * Log the user out of the application.</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 7</span><span style="color: #697098;"> </span><span style="color: #697098;">*/</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 8</span><span style="color: #C792EA;">public</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">function</span><span style="color: #BFC7D5;"> </span><span style="color: #82AAFF;">logout</span><span style="color: #D9F5DD;">(</span><span style="color: #FFCB8B;">Request</span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$request</span><span style="color: #D9F5DD;">)</span><span style="color: #89DDFF;">:</span><span style="color: #BFC7D5;"> </span><span style="color: #FFCB8B;">RedirectResponse</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 9</span><span style="color: #BFC7D5;">{</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">10</span><span style="color: #BFC7D5;"> </span><span style="color: #FFCB8B;">Auth</span><span style="color: #89DDFF;">::</span><span style="color: #82AAFF;">logout</span><span style="color: #BFC7D5;">();</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">11</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">12</span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$request</span><span style="color: #89DDFF;">-></span><span style="color: #82AAFF;">session</span><span style="color: #BFC7D5;">()</span><span style="color: #89DDFF;">-></span><span style="color: #82AAFF;">invalidate</span><span style="color: #BFC7D5;">();</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">13</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">14</span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$request</span><span style="color: #89DDFF;">-></span><span style="color: #82AAFF;">session</span><span style="color: #BFC7D5;">()</span><span style="color: #89DDFF;">-></span><span style="color: #82AAFF;">regenerateToken</span><span style="color: #BFC7D5;">();</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">15</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">16</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">return</span><span style="color: #BFC7D5;"> </span><span style="color: #82AAFF;">redirect</span><span style="color: #BFC7D5;">(</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">/</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">);</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">17</span><span style="color: #BFC7D5;">}</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> use Illuminate\Http\Request; use Illuminate\Http\RedirectResponse; use Illuminate\Support\Facades\Auth; /** * Log the user out of the application. */ public function logout(Request $request): RedirectResponse { Auth::logout(); $request->session()->invalidate(); $request->session()->regenerateToken(); return redirect('/'); }</div></code></pre> </div> <h3 id="invalidating-sessions-on-other-devices"><a href="#invalidating-sessions-on-other-devices">Invalidating Sessions on Other Devices</a></h3> <p>Laravel also provides a mechanism for invalidating and "logging out" a user's sessions that are active on other devices without invalidating the session on their current device. This feature is typically utilized when a user is changing or updating their password and you would like to invalidate sessions on other devices while keeping the current device authenticated.</p> <p>Before getting started, you should make sure that the <code>Illuminate\Session\Middleware\AuthenticateSession</code> middleware is included on the routes that should receive session authentication. Typically, you should place this middleware on a route group definition so that it can be applied to the majority of your application's routes. By default, the <code>AuthenticateSession</code> middleware may be attached to a route using the <code>auth.session</code> <a href="/docs/12.x/middleware#middleware-aliases">middleware alias</a>:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">1</span><span style="color: #FFCB8B;">Route</span><span style="color: #89DDFF;">::</span><span style="color: #82AAFF;">middleware</span><span style="color: #BFC7D5;">([</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">auth</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">, </span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">auth.session</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">])</span><span style="color: #89DDFF;">-></span><span style="color: #82AAFF;">group</span><span style="color: #BFC7D5;">(</span><span style="color: #C792EA;">function</span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">()</span><span style="color: #BFC7D5;"> {</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">2</span><span style="color: #BFC7D5;"> </span><span style="color: #FFCB8B;">Route</span><span style="color: #89DDFF;">::</span><span style="color: #82AAFF;">get</span><span style="color: #BFC7D5;">(</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">/</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">, </span><span style="color: #C792EA;">function</span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">()</span><span style="color: #BFC7D5;"> {</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">3</span><span style="color: #BFC7D5;"> </span><span style="color: #697098;">//</span><span style="color: #697098;"> ...</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">4</span><span style="color: #BFC7D5;"> });</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">5</span><span style="color: #BFC7D5;">});</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> Route::middleware(['auth', 'auth.session'])->group(function () { Route::get('/', function () { // ... }); });</div></code></pre> </div> <p>Then, you may use the <code>logoutOtherDevices</code> method provided by the <code>Auth</code> facade. This method requires the user to confirm their current password, which your application should accept through an input form:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">1</span><span style="color: #C792EA;">use</span><span style="color: #BFC7D5;"> Illuminate\Support\Facades\</span><span style="color: #FFCB8B;">Auth</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">2</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">3</span><span style="color: #FFCB8B;">Auth</span><span style="color: #89DDFF;">::</span><span style="color: #82AAFF;">logoutOtherDevices</span><span style="color: #BFC7D5;">(</span><span style="color: #BEC5D4;">$currentPassword</span><span style="color: #BFC7D5;">);</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> use Illuminate\Support\Facades\Auth; Auth::logoutOtherDevices($currentPassword);</div></code></pre> </div> <p>When the <code>logoutOtherDevices</code> method is invoked, the user's other sessions will be invalidated entirely, meaning they will be "logged out" of all guards they were previously authenticated by.</p> <h2 id="password-confirmation"><a href="#password-confirmation">Password Confirmation</a></h2> <p>While building your application, you may occasionally have actions that should require the user to confirm their password before the action is performed or before the user is redirected to a sensitive area of the application. Laravel includes built-in middleware to make this process a breeze. Implementing this feature will require you to define two routes: one route to display a view asking the user to confirm their password and another route to confirm that the password is valid and redirect the user to their intended destination.</p> <div class="flex flex-col p-3 mb-10 space-y-4 text-base leading-normal border rounded-md lg:flex-row lg:space-y-0 lg:space-x-4 border-sand-light-5 callout dark:border-sand-dark-5 dark:text-sand-light-3 text-sand-dark-3"> <div class="w-8 h-8 p-2 rounded-xs flex items-center justify-center shrink-0 bg-[#8D54C5]"> <svg width="16" height="21" viewBox="0 0 16 21" fill="none" xmlns="http://www.w3.org/2000/svg"> <path d="M5 20H11M5.5 14H10.5M15 8C15 4.13401 11.866 1 8 1C4.13401 1 1 4.13401 1 8C1 10.7924 2.63505 13.2029 5 14.3264V17H11V14.3264C13.3649 13.2029 15 10.7924 15 8Z" stroke="#FDFDFC" stroke-width="1.5" stroke-linecap="square"/> </svg> </div> <p class="callout"> The following documentation discusses how to integrate with Laravel's password confirmation features directly; however, if you would like to get started more quickly, the <a href="/docs/12.x/starter-kits">Laravel application starter kits</a> include support for this feature!</p> </div> <h3 id="password-confirmation-configuration"><a href="#password-confirmation-configuration">Configuration</a></h3> <p>After confirming their password, a user will not be asked to confirm their password again for three hours. However, you may configure the length of time before the user is re-prompted for their password by changing the value of the <code>password_timeout</code> configuration value within your application's <code>config/auth.php</code> configuration file.</p> <h3 id="password-confirmation-routing"><a href="#password-confirmation-routing">Routing</a></h3> <h4 id="the-password-confirmation-form"><a href="#the-password-confirmation-form">The Password Confirmation Form</a></h4> <p>First, we will define a route to display a view that requests the user to confirm their password:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">1</span><span style="color: #FFCB8B;">Route</span><span style="color: #89DDFF;">::</span><span style="color: #82AAFF;">get</span><span style="color: #BFC7D5;">(</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">/confirm-password</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">, </span><span style="color: #C792EA;">function</span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">()</span><span style="color: #BFC7D5;"> {</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">2</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">return</span><span style="color: #BFC7D5;"> </span><span style="color: #82AAFF;">view</span><span style="color: #BFC7D5;">(</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">auth.confirm-password</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">);</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">3</span><span style="color: #BFC7D5;">})</span><span style="color: #89DDFF;">-></span><span style="color: #82AAFF;">middleware</span><span style="color: #BFC7D5;">(</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">auth</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">)</span><span style="color: #89DDFF;">-></span><span style="color: #82AAFF;">name</span><span style="color: #BFC7D5;">(</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">password.confirm</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">);</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> Route::get('/confirm-password', function () { return view('auth.confirm-password'); })->middleware('auth')->name('password.confirm');</div></code></pre> </div> <p>As you might expect, the view that is returned by this route should have a form containing a <code>password</code> field. In addition, feel free to include text within the view that explains that the user is entering a protected area of the application and must confirm their password.</p> <h4 id="confirming-the-password"><a href="#confirming-the-password">Confirming the Password</a></h4> <p>Next, we will define a route that will handle the form request from the "confirm password" view. This route will be responsible for validating the password and redirecting the user to their intended destination:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 1</span><span style="color: #C792EA;">use</span><span style="color: #BFC7D5;"> Illuminate\Http\</span><span style="color: #FFCB8B;">Request</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 2</span><span style="color: #C792EA;">use</span><span style="color: #BFC7D5;"> Illuminate\Support\Facades\</span><span style="color: #FFCB8B;">Hash</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 3</span><span style="color: #C792EA;">use</span><span style="color: #BFC7D5;"> Illuminate\Support\Facades\</span><span style="color: #FFCB8B;">Redirect</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 4</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 5</span><span style="color: #FFCB8B;">Route</span><span style="color: #89DDFF;">::</span><span style="color: #82AAFF;">post</span><span style="color: #BFC7D5;">(</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">/confirm-password</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">, </span><span style="color: #C792EA;">function</span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">(</span><span style="color: #FFCB8B;">Request</span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$request</span><span style="color: #D9F5DD;">)</span><span style="color: #BFC7D5;"> {</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 6</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">if</span><span style="color: #BFC7D5;"> (</span><span style="color: #C792EA;">!</span><span style="color: #BFC7D5;"> </span><span style="color: #FFCB8B;">Hash</span><span style="color: #89DDFF;">::</span><span style="color: #82AAFF;">check</span><span style="color: #BFC7D5;">(</span><span style="color: #BEC5D4;">$request</span><span style="color: #89DDFF;">->password</span><span style="color: #BFC7D5;">, </span><span style="color: #BEC5D4;">$request</span><span style="color: #89DDFF;">-></span><span style="color: #82AAFF;">user</span><span style="color: #BFC7D5;">()</span><span style="color: #89DDFF;">->password</span><span style="color: #BFC7D5;">)) {</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 7</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">return</span><span style="color: #BFC7D5;"> </span><span style="color: #82AAFF;">back</span><span style="color: #BFC7D5;">()</span><span style="color: #89DDFF;">-></span><span style="color: #82AAFF;">withErrors</span><span style="color: #BFC7D5;">([</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 8</span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">password</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;"> </span><span style="color: #89DDFF;">=></span><span style="color: #BFC7D5;"> [</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">The provided password does not match our records.</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">]</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 9</span><span style="color: #BFC7D5;"> ]);</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">10</span><span style="color: #BFC7D5;"> }</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">11</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">12</span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$request</span><span style="color: #89DDFF;">-></span><span style="color: #82AAFF;">session</span><span style="color: #BFC7D5;">()</span><span style="color: #89DDFF;">-></span><span style="color: #82AAFF;">passwordConfirmed</span><span style="color: #BFC7D5;">();</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">13</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">14</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">return</span><span style="color: #BFC7D5;"> </span><span style="color: #82AAFF;">redirect</span><span style="color: #BFC7D5;">()</span><span style="color: #89DDFF;">-></span><span style="color: #82AAFF;">intended</span><span style="color: #BFC7D5;">();</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">15</span><span style="color: #BFC7D5;">})</span><span style="color: #89DDFF;">-></span><span style="color: #82AAFF;">middleware</span><span style="color: #BFC7D5;">([</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">auth</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">, </span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">throttle:6,1</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">]);</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> use Illuminate\Http\Request; use Illuminate\Support\Facades\Hash; use Illuminate\Support\Facades\Redirect; Route::post('/confirm-password', function (Request $request) { if (! Hash::check($request->password, $request->user()->password)) { return back()->withErrors([ 'password' => ['The provided password does not match our records.'] ]); } $request->session()->passwordConfirmed(); return redirect()->intended(); })->middleware(['auth', 'throttle:6,1']);</div></code></pre> </div> <p>Before moving on, let's examine this route in more detail. First, the request's <code>password</code> field is determined to actually match the authenticated user's password. If the password is valid, we need to inform Laravel's session that the user has confirmed their password. The <code>passwordConfirmed</code> method will set a timestamp in the user's session that Laravel can use to determine when the user last confirmed their password. Finally, we can redirect the user to their intended destination.</p> <h3 id="password-confirmation-protecting-routes"><a href="#password-confirmation-protecting-routes">Protecting Routes</a></h3> <p>You should ensure that any route that performs an action which requires recent password confirmation is assigned the <code>password.confirm</code> middleware. This middleware is included with the default installation of Laravel and will automatically store the user's intended destination in the session so that the user may be redirected to that location after confirming their password. After storing the user's intended destination in the session, the middleware will redirect the user to the <code>password.confirm</code> <a href="/docs/12.x/routing#named-routes">named route</a>:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">1</span><span style="color: #FFCB8B;">Route</span><span style="color: #89DDFF;">::</span><span style="color: #82AAFF;">get</span><span style="color: #BFC7D5;">(</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">/settings</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">, </span><span style="color: #C792EA;">function</span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">()</span><span style="color: #BFC7D5;"> {</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">2</span><span style="color: #BFC7D5;"> </span><span style="color: #697098;">//</span><span style="color: #697098;"> ...</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">3</span><span style="color: #BFC7D5;">})</span><span style="color: #89DDFF;">-></span><span style="color: #82AAFF;">middleware</span><span style="color: #BFC7D5;">([</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">password.confirm</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">]);</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">4</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">5</span><span style="color: #FFCB8B;">Route</span><span style="color: #89DDFF;">::</span><span style="color: #82AAFF;">post</span><span style="color: #BFC7D5;">(</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">/settings</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">, </span><span style="color: #C792EA;">function</span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">()</span><span style="color: #BFC7D5;"> {</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">6</span><span style="color: #BFC7D5;"> </span><span style="color: #697098;">//</span><span style="color: #697098;"> ...</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">7</span><span style="color: #BFC7D5;">})</span><span style="color: #89DDFF;">-></span><span style="color: #82AAFF;">middleware</span><span style="color: #BFC7D5;">([</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">password.confirm</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">]);</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> Route::get('/settings', function () { // ... })->middleware(['password.confirm']); Route::post('/settings', function () { // ... })->middleware(['password.confirm']);</div></code></pre> </div> <h2 id="adding-custom-guards"><a href="#adding-custom-guards">Adding Custom Guards</a></h2> <p>You may define your own authentication guards using the <code>extend</code> method on the <code>Auth</code> facade. You should place your call to the <code>extend</code> method within a <a href="/docs/12.x/providers">service provider</a>. Since Laravel already ships with an <code>AppServiceProvider</code>, we can place the code in that provider:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 1</span><span style="color: #D3423E;"><?php</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 2</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 3</span><span style="color: #C792EA;">namespace</span><span style="color: #BFC7D5;"> App\Providers;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 4</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 5</span><span style="color: #C792EA;">use</span><span style="color: #BFC7D5;"> App\Services\Auth\</span><span style="color: #FFCB8B;">JwtGuard</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 6</span><span style="color: #C792EA;">use</span><span style="color: #BFC7D5;"> Illuminate\Contracts\Foundation\</span><span style="color: #FFCB8B;">Application</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 7</span><span style="color: #C792EA;">use</span><span style="color: #BFC7D5;"> Illuminate\Support\Facades\</span><span style="color: #FFCB8B;">Auth</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 8</span><span style="color: #C792EA;">use</span><span style="color: #BFC7D5;"> Illuminate\Support\</span><span style="color: #FFCB8B;">ServiceProvider</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 9</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">10</span><span style="color: #C792EA;">class</span><span style="color: #BFC7D5;"> </span><span style="color: #FFCB6B;">AppServiceProvider</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">extends</span><span style="color: #BFC7D5;"> </span><span style="color: #A9C77D;">ServiceProvider</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">11</span><span style="color: #BFC7D5;">{</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">12</span><span style="color: #BFC7D5;"> </span><span style="color: #697098;">//</span><span style="color: #697098;"> ...</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">13</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">14</span><span style="color: #BFC7D5;"> </span><span style="color: #697098;">/**</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">15</span><span style="color: #697098;"> * Bootstrap any application services.</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">16</span><span style="color: #697098;"> </span><span style="color: #697098;">*/</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">17</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">public</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">function</span><span style="color: #BFC7D5;"> </span><span style="color: #82AAFF;">boot</span><span style="color: #D9F5DD;">()</span><span style="color: #89DDFF;">:</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">void</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">18</span><span style="color: #BFC7D5;"> {</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">19</span><span style="color: #BFC7D5;"> </span><span style="color: #FFCB8B;">Auth</span><span style="color: #89DDFF;">::</span><span style="color: #82AAFF;">extend</span><span style="color: #BFC7D5;">(</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">jwt</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">, </span><span style="color: #C792EA;">function</span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">(</span><span style="color: #FFCB8B;">Application</span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$app</span><span style="color: #BFC7D5;">, </span><span style="color: #C792EA;">string</span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$name</span><span style="color: #BFC7D5;">, </span><span style="color: #C792EA;">array</span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$config</span><span style="color: #D9F5DD;">)</span><span style="color: #BFC7D5;"> {</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">20</span><span style="color: #BFC7D5;"> </span><span style="color: #697098;">//</span><span style="color: #697098;"> Return an instance of Illuminate\Contracts\Auth\Guard...</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">21</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">22</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">return</span><span style="color: #BFC7D5;"> </span><span style="color: #89DDFF;">new</span><span style="color: #BFC7D5;"> </span><span style="color: #FFCB8B;">JwtGuard</span><span style="color: #BFC7D5;">(</span><span style="color: #FFCB8B;">Auth</span><span style="color: #89DDFF;">::</span><span style="color: #82AAFF;">createUserProvider</span><span style="color: #BFC7D5;">(</span><span style="color: #BEC5D4;">$config</span><span style="color: #BFC7D5;">[</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">provider</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">]));</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">23</span><span style="color: #BFC7D5;"> });</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">24</span><span style="color: #BFC7D5;"> }</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">25</span><span style="color: #BFC7D5;">}</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> <?php namespace App\Providers; use App\Services\Auth\JwtGuard; use Illuminate\Contracts\Foundation\Application; use Illuminate\Support\Facades\Auth; use Illuminate\Support\ServiceProvider; class AppServiceProvider extends ServiceProvider { // ... /** * Bootstrap any application services. */ public function boot(): void { Auth::extend('jwt', function (Application $app, string $name, array $config) { // Return an instance of Illuminate\Contracts\Auth\Guard... return new JwtGuard(Auth::createUserProvider($config['provider'])); }); } }</div></code></pre> </div> <p>As you can see in the example above, the callback passed to the <code>extend</code> method should return an implementation of <code>Illuminate\Contracts\Auth\Guard</code>. This interface contains a few methods you will need to implement to define a custom guard. Once your custom guard has been defined, you may reference the guard in the <code>guards</code> configuration of your <code>auth.php</code> configuration file:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">1</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">guards</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;"> </span><span style="color: #89DDFF;">=></span><span style="color: #BFC7D5;"> [</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">2</span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">api</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;"> </span><span style="color: #89DDFF;">=></span><span style="color: #BFC7D5;"> [</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">3</span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">driver</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;"> </span><span style="color: #89DDFF;">=></span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">jwt</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">,</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">4</span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">provider</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;"> </span><span style="color: #89DDFF;">=></span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">users</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">,</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">5</span><span style="color: #BFC7D5;"> ],</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">6</span><span style="color: #BFC7D5;">],</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> 'guards' => [ 'api' => [ 'driver' => 'jwt', 'provider' => 'users', ], ],</div></code></pre> </div> <h3 id="closure-request-guards"><a href="#closure-request-guards">Closure Request Guards</a></h3> <p>The simplest way to implement a custom, HTTP request based authentication system is by using the <code>Auth::viaRequest</code> method. This method allows you to quickly define your authentication process using a single closure.</p> <p>To get started, call the <code>Auth::viaRequest</code> method within the <code>boot</code> method of your application's <code>AppServiceProvider</code>. The <code>viaRequest</code> method accepts an authentication driver name as its first argument. This name can be any string that describes your custom guard. The second argument passed to the method should be a closure that receives the incoming HTTP request and returns a user instance or, if authentication fails, <code>null</code>:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 1</span><span style="color: #C792EA;">use</span><span style="color: #BFC7D5;"> App\Models\</span><span style="color: #FFCB8B;">User</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 2</span><span style="color: #C792EA;">use</span><span style="color: #BFC7D5;"> Illuminate\Http\</span><span style="color: #FFCB8B;">Request</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 3</span><span style="color: #C792EA;">use</span><span style="color: #BFC7D5;"> Illuminate\Support\Facades\</span><span style="color: #FFCB8B;">Auth</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 4</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 5</span><span style="color: #697098;">/**</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 6</span><span style="color: #697098;"> * Bootstrap any application services.</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 7</span><span style="color: #697098;"> </span><span style="color: #697098;">*/</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 8</span><span style="color: #C792EA;">public</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">function</span><span style="color: #BFC7D5;"> </span><span style="color: #82AAFF;">boot</span><span style="color: #D9F5DD;">()</span><span style="color: #89DDFF;">:</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">void</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 9</span><span style="color: #BFC7D5;">{</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">10</span><span style="color: #BFC7D5;"> </span><span style="color: #FFCB8B;">Auth</span><span style="color: #89DDFF;">::</span><span style="color: #82AAFF;">viaRequest</span><span style="color: #BFC7D5;">(</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">custom-token</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">, </span><span style="color: #C792EA;">function</span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">(</span><span style="color: #FFCB8B;">Request</span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$request</span><span style="color: #D9F5DD;">)</span><span style="color: #BFC7D5;"> {</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">11</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">return</span><span style="color: #BFC7D5;"> </span><span style="color: #FFCB8B;">User</span><span style="color: #89DDFF;">::</span><span style="color: #82AAFF;">where</span><span style="color: #BFC7D5;">(</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">token</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">, (</span><span style="color: #C792EA;">string</span><span style="color: #BFC7D5;">) </span><span style="color: #BEC5D4;">$request</span><span style="color: #89DDFF;">->token</span><span style="color: #BFC7D5;">)</span><span style="color: #89DDFF;">-></span><span style="color: #82AAFF;">first</span><span style="color: #BFC7D5;">();</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">12</span><span style="color: #BFC7D5;"> });</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">13</span><span style="color: #BFC7D5;">}</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> use App\Models\User; use Illuminate\Http\Request; use Illuminate\Support\Facades\Auth; /** * Bootstrap any application services. */ public function boot(): void { Auth::viaRequest('custom-token', function (Request $request) { return User::where('token', (string) $request->token)->first(); }); }</div></code></pre> </div> <p>Once your custom authentication driver has been defined, you may configure it as a driver within the <code>guards</code> configuration of your <code>auth.php</code> configuration file:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">1</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">guards</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;"> </span><span style="color: #89DDFF;">=></span><span style="color: #BFC7D5;"> [</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">2</span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">api</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;"> </span><span style="color: #89DDFF;">=></span><span style="color: #BFC7D5;"> [</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">3</span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">driver</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;"> </span><span style="color: #89DDFF;">=></span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">custom-token</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">,</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">4</span><span style="color: #BFC7D5;"> ],</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">5</span><span style="color: #BFC7D5;">],</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> 'guards' => [ 'api' => [ 'driver' => 'custom-token', ], ],</div></code></pre> </div> <p>Finally, you may reference the guard when assigning the authentication middleware to a route:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">1</span><span style="color: #FFCB8B;">Route</span><span style="color: #89DDFF;">::</span><span style="color: #82AAFF;">middleware</span><span style="color: #BFC7D5;">(</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">auth:api</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">)</span><span style="color: #89DDFF;">-></span><span style="color: #82AAFF;">group</span><span style="color: #BFC7D5;">(</span><span style="color: #C792EA;">function</span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">()</span><span style="color: #BFC7D5;"> {</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">2</span><span style="color: #BFC7D5;"> </span><span style="color: #697098;">//</span><span style="color: #697098;"> ...</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">3</span><span style="color: #BFC7D5;">});</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> Route::middleware('auth:api')->group(function () { // ... });</div></code></pre> </div> <h2 id="adding-custom-user-providers"><a href="#adding-custom-user-providers">Adding Custom User Providers</a></h2> <p>If you are not using a traditional relational database to store your users, you will need to extend Laravel with your own authentication user provider. We will use the <code>provider</code> method on the <code>Auth</code> facade to define a custom user provider. The user provider resolver should return an implementation of <code>Illuminate\Contracts\Auth\UserProvider</code>:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 1</span><span style="color: #D3423E;"><?php</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 2</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 3</span><span style="color: #C792EA;">namespace</span><span style="color: #BFC7D5;"> App\Providers;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 4</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 5</span><span style="color: #C792EA;">use</span><span style="color: #BFC7D5;"> App\Extensions\</span><span style="color: #FFCB8B;">MongoUserProvider</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 6</span><span style="color: #C792EA;">use</span><span style="color: #BFC7D5;"> Illuminate\Contracts\Foundation\</span><span style="color: #FFCB8B;">Application</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 7</span><span style="color: #C792EA;">use</span><span style="color: #BFC7D5;"> Illuminate\Support\Facades\</span><span style="color: #FFCB8B;">Auth</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 8</span><span style="color: #C792EA;">use</span><span style="color: #BFC7D5;"> Illuminate\Support\</span><span style="color: #FFCB8B;">ServiceProvider</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 9</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">10</span><span style="color: #C792EA;">class</span><span style="color: #BFC7D5;"> </span><span style="color: #FFCB6B;">AppServiceProvider</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">extends</span><span style="color: #BFC7D5;"> </span><span style="color: #A9C77D;">ServiceProvider</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">11</span><span style="color: #BFC7D5;">{</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">12</span><span style="color: #BFC7D5;"> </span><span style="color: #697098;">//</span><span style="color: #697098;"> ...</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">13</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">14</span><span style="color: #BFC7D5;"> </span><span style="color: #697098;">/**</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">15</span><span style="color: #697098;"> * Bootstrap any application services.</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">16</span><span style="color: #697098;"> </span><span style="color: #697098;">*/</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">17</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">public</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">function</span><span style="color: #BFC7D5;"> </span><span style="color: #82AAFF;">boot</span><span style="color: #D9F5DD;">()</span><span style="color: #89DDFF;">:</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">void</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">18</span><span style="color: #BFC7D5;"> {</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">19</span><span style="color: #BFC7D5;"> </span><span style="color: #FFCB8B;">Auth</span><span style="color: #89DDFF;">::</span><span style="color: #82AAFF;">provider</span><span style="color: #BFC7D5;">(</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">mongo</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">, </span><span style="color: #C792EA;">function</span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">(</span><span style="color: #FFCB8B;">Application</span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$app</span><span style="color: #BFC7D5;">, </span><span style="color: #C792EA;">array</span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$config</span><span style="color: #D9F5DD;">)</span><span style="color: #BFC7D5;"> {</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">20</span><span style="color: #BFC7D5;"> </span><span style="color: #697098;">//</span><span style="color: #697098;"> Return an instance of Illuminate\Contracts\Auth\UserProvider...</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">21</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">22</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">return</span><span style="color: #BFC7D5;"> </span><span style="color: #89DDFF;">new</span><span style="color: #BFC7D5;"> </span><span style="color: #FFCB8B;">MongoUserProvider</span><span style="color: #BFC7D5;">(</span><span style="color: #BEC5D4;">$app</span><span style="color: #89DDFF;">-></span><span style="color: #82AAFF;">make</span><span style="color: #BFC7D5;">(</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">mongo.connection</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">));</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">23</span><span style="color: #BFC7D5;"> });</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">24</span><span style="color: #BFC7D5;"> }</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">25</span><span style="color: #BFC7D5;">}</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> <?php namespace App\Providers; use App\Extensions\MongoUserProvider; use Illuminate\Contracts\Foundation\Application; use Illuminate\Support\Facades\Auth; use Illuminate\Support\ServiceProvider; class AppServiceProvider extends ServiceProvider { // ... /** * Bootstrap any application services. */ public function boot(): void { Auth::provider('mongo', function (Application $app, array $config) { // Return an instance of Illuminate\Contracts\Auth\UserProvider... return new MongoUserProvider($app->make('mongo.connection')); }); } }</div></code></pre> </div> <p>After you have registered the provider using the <code>provider</code> method, you may switch to the new user provider in your <code>auth.php</code> configuration file. First, define a <code>provider</code> that uses your new driver:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">1</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">providers</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;"> </span><span style="color: #89DDFF;">=></span><span style="color: #BFC7D5;"> [</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">2</span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">users</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;"> </span><span style="color: #89DDFF;">=></span><span style="color: #BFC7D5;"> [</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">3</span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">driver</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;"> </span><span style="color: #89DDFF;">=></span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">mongo</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">,</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">4</span><span style="color: #BFC7D5;"> ],</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">5</span><span style="color: #BFC7D5;">],</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> 'providers' => [ 'users' => [ 'driver' => 'mongo', ], ],</div></code></pre> </div> <p>Finally, you may reference this provider in your <code>guards</code> configuration:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">1</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">guards</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;"> </span><span style="color: #89DDFF;">=></span><span style="color: #BFC7D5;"> [</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">2</span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">web</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;"> </span><span style="color: #89DDFF;">=></span><span style="color: #BFC7D5;"> [</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">3</span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">driver</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;"> </span><span style="color: #89DDFF;">=></span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">session</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">,</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">4</span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">provider</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;"> </span><span style="color: #89DDFF;">=></span><span style="color: #BFC7D5;"> </span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">users</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;">,</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">5</span><span style="color: #BFC7D5;"> ],</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">6</span><span style="color: #BFC7D5;">],</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> 'guards' => [ 'web' => [ 'driver' => 'session', 'provider' => 'users', ], ],</div></code></pre> </div> <h3 id="the-user-provider-contract"><a href="#the-user-provider-contract">The User Provider Contract</a></h3> <p><code>Illuminate\Contracts\Auth\UserProvider</code> implementations are responsible for fetching an <code>Illuminate\Contracts\Auth\Authenticatable</code> implementation out of a persistent storage system, such as MySQL, MongoDB, etc. These two interfaces allow the Laravel authentication mechanisms to continue functioning regardless of how the user data is stored or what type of class is used to represent the authenticated user:</p> <p>Let's take a look at the <code>Illuminate\Contracts\Auth\UserProvider</code> contract:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 1</span><span style="color: #D3423E;"><?php</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 2</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 3</span><span style="color: #C792EA;">namespace</span><span style="color: #BFC7D5;"> Illuminate\Contracts\Auth;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 4</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 5</span><span style="color: #C792EA;">interface</span><span style="color: #BFC7D5;"> UserProvider</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 6</span><span style="color: #BFC7D5;">{</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 7</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">public</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">function</span><span style="color: #BFC7D5;"> </span><span style="color: #82AAFF;">retrieveById</span><span style="color: #D9F5DD;">(</span><span style="color: #BEC5D4;">$identifier</span><span style="color: #D9F5DD;">)</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 8</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">public</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">function</span><span style="color: #BFC7D5;"> </span><span style="color: #82AAFF;">retrieveByToken</span><span style="color: #D9F5DD;">(</span><span style="color: #BEC5D4;">$identifier</span><span style="color: #BFC7D5;">, </span><span style="color: #BEC5D4;">$token</span><span style="color: #D9F5DD;">)</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 9</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">public</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">function</span><span style="color: #BFC7D5;"> </span><span style="color: #82AAFF;">updateRememberToken</span><span style="color: #D9F5DD;">(</span><span style="color: #FFCB8B;">Authenticatable</span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$user</span><span style="color: #BFC7D5;">, </span><span style="color: #BEC5D4;">$token</span><span style="color: #D9F5DD;">)</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">10</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">public</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">function</span><span style="color: #BFC7D5;"> </span><span style="color: #82AAFF;">retrieveByCredentials</span><span style="color: #D9F5DD;">(</span><span style="color: #C792EA;">array</span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$credentials</span><span style="color: #D9F5DD;">)</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">11</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">public</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">function</span><span style="color: #BFC7D5;"> </span><span style="color: #82AAFF;">validateCredentials</span><span style="color: #D9F5DD;">(</span><span style="color: #FFCB8B;">Authenticatable</span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$user</span><span style="color: #BFC7D5;">, </span><span style="color: #C792EA;">array</span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$credentials</span><span style="color: #D9F5DD;">)</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">12</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">public</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">function</span><span style="color: #BFC7D5;"> </span><span style="color: #82AAFF;">rehashPasswordIfRequired</span><span style="color: #D9F5DD;">(</span><span style="color: #FFCB8B;">Authenticatable</span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$user</span><span style="color: #BFC7D5;">, </span><span style="color: #C792EA;">array</span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$credentials</span><span style="color: #BFC7D5;">, </span><span style="color: #C792EA;">bool</span><span style="color: #BFC7D5;"> </span><span style="color: #BEC5D4;">$force</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">=</span><span style="color: #BFC7D5;"> </span><span style="color: #82AAFF;">false</span><span style="color: #D9F5DD;">)</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">13</span><span style="color: #BFC7D5;">}</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> <?php namespace Illuminate\Contracts\Auth; interface UserProvider { public function retrieveById($identifier); public function retrieveByToken($identifier, $token); public function updateRememberToken(Authenticatable $user, $token); public function retrieveByCredentials(array $credentials); public function validateCredentials(Authenticatable $user, array $credentials); public function rehashPasswordIfRequired(Authenticatable $user, array $credentials, bool $force = false); }</div></code></pre> </div> <p>The <code>retrieveById</code> function typically receives a key representing the user, such as an auto-incrementing ID from a MySQL database. The <code>Authenticatable</code> implementation matching the ID should be retrieved and returned by the method.</p> <p>The <code>retrieveByToken</code> function retrieves a user by their unique <code>$identifier</code> and "remember me" <code>$token</code>, typically stored in a database column like <code>remember_token</code>. As with the previous method, the <code>Authenticatable</code> implementation with a matching token value should be returned by this method.</p> <p>The <code>updateRememberToken</code> method updates the <code>$user</code> instance's <code>remember_token</code> with the new <code>$token</code>. A fresh token is assigned to users on a successful "remember me" authentication attempt or when the user is logging out.</p> <p>The <code>retrieveByCredentials</code> method receives the array of credentials passed to the <code>Auth::attempt</code> method when attempting to authenticate with an application. The method should then "query" the underlying persistent storage for the user matching those credentials. Typically, this method will run a query with a "where" condition that searches for a user record with a "username" matching the value of <code>$credentials['username']</code>. The method should return an implementation of <code>Authenticatable</code>. <strong>This method should not attempt to do any password validation or authentication.</strong></p> <p>The <code>validateCredentials</code> method should compare the given <code>$user</code> with the <code>$credentials</code> to authenticate the user. For example, this method will typically use the <code>Hash::check</code> method to compare the value of <code>$user->getAuthPassword()</code> to the value of <code>$credentials['password']</code>. This method should return <code>true</code> or <code>false</code> indicating whether the password is valid.</p> <p>The <code>rehashPasswordIfRequired</code> method should rehash the given <code>$user</code>'s password if required and supported. For example, this method will typically use the <code>Hash::needsRehash</code> method to determine if the <code>$credentials['password']</code> value needs to be rehashed. If the password needs to be rehashed, the method should use the <code>Hash::make</code> method to rehash the password and update the user's record in the underlying persistent storage.</p> <h3 id="the-authenticatable-contract"><a href="#the-authenticatable-contract">The Authenticatable Contract</a></h3> <p>Now that we have explored each of the methods on the <code>UserProvider</code>, let's take a look at the <code>Authenticatable</code> contract. Remember, user providers should return implementations of this interface from the <code>retrieveById</code>, <code>retrieveByToken</code>, and <code>retrieveByCredentials</code> methods:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 1</span><span style="color: #D3423E;"><?php</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 2</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 3</span><span style="color: #C792EA;">namespace</span><span style="color: #BFC7D5;"> Illuminate\Contracts\Auth;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 4</span> </div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 5</span><span style="color: #C792EA;">interface</span><span style="color: #BFC7D5;"> Authenticatable</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 6</span><span style="color: #BFC7D5;">{</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 7</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">public</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">function</span><span style="color: #BFC7D5;"> </span><span style="color: #82AAFF;">getAuthIdentifierName</span><span style="color: #D9F5DD;">()</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 8</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">public</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">function</span><span style="color: #BFC7D5;"> </span><span style="color: #82AAFF;">getAuthIdentifier</span><span style="color: #D9F5DD;">()</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number"> 9</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">public</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">function</span><span style="color: #BFC7D5;"> </span><span style="color: #82AAFF;">getAuthPasswordName</span><span style="color: #D9F5DD;">()</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">10</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">public</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">function</span><span style="color: #BFC7D5;"> </span><span style="color: #82AAFF;">getAuthPassword</span><span style="color: #D9F5DD;">()</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">11</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">public</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">function</span><span style="color: #BFC7D5;"> </span><span style="color: #82AAFF;">getRememberToken</span><span style="color: #D9F5DD;">()</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">12</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">public</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">function</span><span style="color: #BFC7D5;"> </span><span style="color: #82AAFF;">setRememberToken</span><span style="color: #D9F5DD;">(</span><span style="color: #BEC5D4;">$value</span><span style="color: #D9F5DD;">)</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">13</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">public</span><span style="color: #BFC7D5;"> </span><span style="color: #C792EA;">function</span><span style="color: #BFC7D5;"> </span><span style="color: #82AAFF;">getRememberTokenName</span><span style="color: #D9F5DD;">()</span><span style="color: #BFC7D5;">;</span></div><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">14</span><span style="color: #BFC7D5;">}</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> <?php namespace Illuminate\Contracts\Auth; interface Authenticatable { public function getAuthIdentifierName(); public function getAuthIdentifier(); public function getAuthPasswordName(); public function getAuthPassword(); public function getRememberToken(); public function setRememberToken($value); public function getRememberTokenName(); }</div></code></pre> </div> <p>This interface is simple. The <code>getAuthIdentifierName</code> method should return the name of the "primary key" column for the user and the <code>getAuthIdentifier</code> method should return the "primary key" of the user. When using a MySQL back-end, this would likely be the auto-incrementing primary key assigned to the user record. The <code>getAuthPasswordName</code> method should return the name of the user's password column. The <code>getAuthPassword</code> method should return the user's hashed password.</p> <p>This interface allows the authentication system to work with any "user" class, regardless of what ORM or storage abstraction layer you are using. By default, Laravel includes an <code>App\Models\User</code> class in the <code>app/Models</code> directory which implements this interface.</p> <h2 id="automatic-password-rehashing"><a href="#automatic-password-rehashing">Automatic Password Rehashing</a></h2> <p>Laravel's default password hashing algorithm is bcrypt. The "work factor" for bcrypt hashes can be adjusted via your application's <code>config/hashing.php</code> configuration file or the <code>BCRYPT_ROUNDS</code> environment variable.</p> <p>Typically, the bcrypt work factor should be increased over time as CPU / GPU processing power increases. If you increase the bcrypt work factor for your application, Laravel will gracefully and automatically rehash user passwords as users authenticate with your application via Laravel's starter kits or when you <a href="#authenticating-users">manually authenticate users</a> via the <code>attempt</code> method.</p> <p>Typically, automatic password rehashing should not disrupt your application; however, you may disable this behavior by publishing the <code>hashing</code> configuration file:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="shell" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">1</span><span style="color: #BFC7D5;">php </span><span style="color: #BFC7D5;">artisan</span><span style="color: #BFC7D5;"> </span><span style="color: #BFC7D5;">config:publish</span><span style="color: #BFC7D5;"> </span><span style="color: #BFC7D5;">hashing</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> php artisan config:publish hashing</div></code></pre> </div> <p>Once the configuration file has been published, you may set the <code>rehash_on_login</code> configuration value to <code>false</code>:</p> <div class="code-container"> <pre><code data-theme="olaolu-palenight" data-lang="php" class='torchlight' style='background-color: #292D3E; --theme-selection-background: #7580B850;'><!-- Syntax highlighted by torchlight.dev --><div class='line'><span style="color:#4c5374; text-align: right; -webkit-user-select: none; user-select: none;" class="line-number">1</span><span style="color: #D9F5DD;">'</span><span style="color: #C3E88D;">rehash_on_login</span><span style="color: #D9F5DD;">'</span><span style="color: #BFC7D5;"> </span><span style="color: #89DDFF;">=></span><span style="color: #BFC7D5;"> </span><span style="color: #82AAFF;">false</span><span style="color: #BFC7D5;">,</span></div><div aria-hidden='true' hidden tabindex='-1' style='display: none;' class='torchlight-copy-target'> 'rehash_on_login' => false,</div></code></pre> </div> <h2 id="events"><a href="#events">Events</a></h2> <p>Laravel dispatches a variety of <a href="/docs/12.x/events">events</a> during the authentication process. You may <a href="/docs/12.x/events">define listeners</a> for any of the following events:</p> <div class="overflow-auto"> <table> <thead> <tr> <th>Event Name</th> </tr> </thead> <tbody> <tr> <td><code>Illuminate\Auth\Events\Registered</code></td> </tr> <tr> <td><code>Illuminate\Auth\Events\Attempting</code></td> </tr> <tr> <td><code>Illuminate\Auth\Events\Authenticated</code></td> </tr> <tr> <td><code>Illuminate\Auth\Events\Login</code></td> </tr> <tr> <td><code>Illuminate\Auth\Events\Failed</code></td> </tr> <tr> <td><code>Illuminate\Auth\Events\Validated</code></td> </tr> <tr> <td><code>Illuminate\Auth\Events\Verified</code></td> </tr> <tr> <td><code>Illuminate\Auth\Events\Logout</code></td> </tr> <tr> <td><code>Illuminate\Auth\Events\CurrentDeviceLogout</code></td> </tr> <tr> <td><code>Illuminate\Auth\Events\OtherDeviceLogout</code></td> </tr> <tr> <td><code>Illuminate\Auth\Events\Lockout</code></td> </tr> <tr> <td><code>Illuminate\Auth\Events\PasswordReset</code></td> </tr> </tbody> </table> </div> </div> </section> </section> </div> </section> </div> </div> </div> </div> <div class="text-sand-dark-10"> <div class="max-w-full w-full xl:max-w-[1400px] pt-10 md:pt-24 px-4 xl:px-16 mx-auto border-l border-sand-light-7"> <div class="grid grid-cols-12 lg:gap-12"> <div class="col-span-12 lg:col-span-3 lg:mt-14"> <p class="text-pretty">Laravel is the most productive way to<br class="block lg:hidden"> build, deploy, and monitor software.</p> <ul class="flex items-center justify-start my-8 space-x-6 lg:my-16"> <li> <a href="https://github.com/laravel" target="_blank" title="Laravel on GitHub" class="transition duration-100 hover:text-sand-dark-6"> <svg width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" > <path fill-rule="evenodd" clip-rule="evenodd" d="M0 12.305C0 17.74 3.438 22.352 8.207 23.979C8.807 24.092 9.027 23.712 9.027 23.386C9.027 23.094 9.016 22.32 9.01 21.293C5.671 22.037 4.967 19.643 4.967 19.643C4.422 18.223 3.635 17.845 3.635 17.845C2.545 17.081 3.718 17.096 3.718 17.096C4.921 17.183 5.555 18.364 5.555 18.364C6.626 20.244 8.364 19.702 9.048 19.386C9.157 18.591 9.468 18.049 9.81 17.741C7.145 17.431 4.344 16.376 4.344 11.661C4.344 10.318 4.811 9.219 5.579 8.359C5.456 8.048 5.044 6.797 5.696 5.103C5.696 5.103 6.704 4.773 8.996 6.364C9.954 6.091 10.98 5.955 12.001 5.95C13.02 5.955 14.047 6.091 15.005 6.364C17.295 4.772 18.302 5.103 18.302 5.103C18.956 6.797 18.544 8.048 18.421 8.359C19.191 9.219 19.655 10.318 19.655 11.661C19.655 16.387 16.849 17.428 14.175 17.732C14.606 18.112 14.99 18.862 14.99 20.011C14.99 21.656 14.975 22.982 14.975 23.386C14.975 23.715 15.191 24.098 15.8 23.977C20.565 22.347 24 17.738 24 12.305C24 5.508 18.627 0 12 0C5.373 0 0 5.508 0 12.305Z" fill="currentColor" /> </svg> </a> </li> <li> <a href="https://x.com/laravelphp" target="_blank" title="Laravel on X" class="transition duration-100 hover:text-sand-dark-6"> <svg width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" > <path d="M13.969 10.1571L22.7069 0H20.6363L13.0491 8.81931L6.9893 0H0L9.16366 13.3364L0 23.9877H2.07073L10.083 14.6742L16.4826 23.9877H23.4719L13.9684 10.1571H13.969ZM11.1328 13.4538L10.2043 12.1258L2.81684 1.55881H5.99736L11.9592 10.0867L12.8876 11.4147L20.6373 22.4998H17.4567L11.1328 13.4544V13.4538Z" fill="currentColor" /> </svg> </a> </li> <li> <a href="https://www.youtube.com/@LaravelPHP" target="_blank" title="Laravel on YouTube" class="transition duration-100 hover:text-sand-dark-6"> <svg width="35" height="24" viewBox="0 0 35 24" fill="none" xmlns="http://www.w3.org/2000/svg" > <path d="M33.892 3.75519C33.4994 2.27706 32.3428 1.11294 30.8742 0.717875C28.2124 0 17.5385 0 17.5385 0C17.5385 0 6.8648 0 4.20286 0.717875C2.7343 1.113 1.57768 2.27706 1.18511 3.75519C0.471863 6.43437 0.471863 12.0243 0.471863 12.0243C0.471863 12.0243 0.471863 17.6141 1.18511 20.2933C1.57768 21.7714 2.7343 22.8871 4.20286 23.2821C6.8648 24 17.5385 24 17.5385 24C17.5385 24 28.2123 24 30.8742 23.2821C32.3428 22.8871 33.4994 21.7714 33.892 20.2933C34.6052 17.6141 34.6052 12.0243 34.6052 12.0243C34.6052 12.0243 34.6052 6.43437 33.892 3.75519ZM14.0476 17.0994V6.94906L22.9688 12.0244L14.0476 17.0994Z" fill="currentColor" /> </svg> </a> </li> <li> <a href="https://discord.com/invite/laravel" target="_blank" title="Laravel on Discord" class="transition duration-100 hover:text-sand-dark-6"> <svg width="33" height="24" viewBox="0 0 33 24" fill="none" xmlns="http://www.w3.org/2000/svg" > <path d="M27.4296 2.00996C25.3491 1.05745 23.1528 0.381713 20.8966 0C20.5879 0.551901 20.3086 1.11973 20.0598 1.70112C17.6566 1.33898 15.2127 1.33898 12.8095 1.70112C12.5605 1.11979 12.2812 0.551968 11.9726 0C9.71504 0.384937 7.51722 1.06228 5.43462 2.01494C1.30013 8.132 0.179328 14.0971 0.739727 19.9776C3.16099 21.7665 5.87108 23.127 8.75218 24C9.40092 23.1275 9.97497 22.2018 10.4682 21.2329C9.53134 20.883 8.62706 20.4512 7.76588 19.9427C7.99253 19.7783 8.2142 19.609 8.42839 19.4446C10.9342 20.623 13.6692 21.234 16.4384 21.234C19.2075 21.234 21.9425 20.623 24.4483 19.4446C24.665 19.6214 24.8867 19.7908 25.1108 19.9427C24.248 20.4521 23.3421 20.8846 22.4035 21.2354C22.8962 22.2039 23.4702 23.1287 24.1196 24C27.0031 23.1305 29.7153 21.7707 32.137 19.9801C32.7945 13.1606 31.0137 7.25031 27.4296 2.00996ZM11.1781 16.3611C9.61644 16.3611 8.32628 14.944 8.32628 13.2005C8.32628 11.457 9.57161 10.0274 11.1731 10.0274C12.7746 10.0274 14.0548 11.457 14.0274 13.2005C14 14.944 12.7696 16.3611 11.1781 16.3611ZM21.6986 16.3611C20.1345 16.3611 18.8493 14.944 18.8493 13.2005C18.8493 11.457 20.0946 10.0274 21.6986 10.0274C23.3026 10.0274 24.5729 11.457 24.5455 13.2005C24.5181 14.944 23.2902 16.3611 21.6986 16.3611Z" fill="currentColor" /> </svg> </a> </li> </ul> <div> <ul class="flex justify-start space-x-8"> <li>© 2025 Laravel</li> <li><a href="https://laravel.com/trademark" class="transition duration-100 hover:text-sand-dark-6">Legal</a></li> <li><a href="https://status.laravel.com/" class="transition duration-100 hover:text-sand-dark-6">Status</a></li> </ul> </div> </div> <div class="grid grid-cols-subgrid col-span-12 lg:col-span-9"> <div class="grid grid-cols-subgrid mt-14 lg:mt-0 self-start lg:col-span-2 col-span-6 order-2"> <h4 class="mb-8 text-base text-sand-light-12 dark:text-sand-dark-12 font-medium lg:col-span-2 col-span-6"> Products </h4> <ul class="col-span-6 mb-6 space-y-6 lg:mb-0 lg:col-span-2"> <li> <a href="https://cloud.laravel.com" class="transition duration-100 hover:text-sand-dark-6">Cloud</a> </li> <li> <a href="https://forge.laravel.com" class="transition duration-100 hover:text-sand-dark-6">Forge</a> </li> <li> <a href="https://vapor.laravel.com" class="transition duration-100 hover:text-sand-dark-6">Vapor</a> </li> <li> <a href="https://nightwatch.laravel.com" class="transition duration-100 hover:text-sand-dark-6">Nightwatch</a> </li> <li> <a href="https://nova.laravel.com" class="transition duration-100 hover:text-sand-dark-6">Nova</a> </li> </ul> </div> <div class="grid grid-cols-subgrid mt-14 lg:mt-0 self-start lg:col-span-4 col-span-12 order-3"> <h4 class="mb-8 text-base text-sand-light-12 dark:text-sand-dark-12 font-medium lg:col-span-4 col-span-12"> Packages </h4> <ul class="col-span-6 mb-6 space-y-6 lg:mb-0 lg:col-span-2"> <li> <a href="/docs/cashier" class="transition duration-100 hover:text-sand-dark-6">Cashier</a> </li> <li> <a href="/docs/dusk" class="transition duration-100 hover:text-sand-dark-6">Dusk</a> </li> <li> <a href="/docs/horizon" class="transition duration-100 hover:text-sand-dark-6">Horizon</a> </li> <li> <a href="/docs/octane" class="transition duration-100 hover:text-sand-dark-6">Octane</a> </li> <li> <a href="/docs/scout" class="transition duration-100 hover:text-sand-dark-6">Scout</a> </li> <li> <a href="/docs/pennant" class="transition duration-100 hover:text-sand-dark-6">Pennant</a> </li> <li> <a href="/docs/pint" class="transition duration-100 hover:text-sand-dark-6">Pint</a> </li> </ul> <ul class="col-span-6 mb-6 space-y-6 lg:mb-0 lg:col-span-2"> <li> <a href="/docs/sail" class="transition duration-100 hover:text-sand-dark-6">Sail</a> </li> <li> <a href="/docs/sanctum" class="transition duration-100 hover:text-sand-dark-6">Sanctum</a> </li> <li> <a href="/docs/socialite" class="transition duration-100 hover:text-sand-dark-6">Socialite</a> </li> <li> <a href="/docs/telescope" class="transition duration-100 hover:text-sand-dark-6">Telescope</a> </li> <li> <a href="/docs/pulse" class="transition duration-100 hover:text-sand-dark-6">Pulse</a> </li> <li> <a href="/docs/reverb" class="transition duration-100 hover:text-sand-dark-6">Reverb</a> </li> <li> <a href="/docs/broadcasting" class="transition duration-100 hover:text-sand-dark-6">Echo</a> </li> </ul> </div> <div class="grid grid-cols-subgrid mt-14 lg:mt-0 self-start lg:col-span-2 col-span-6 order-1"> <h4 class="mb-8 text-base text-sand-light-12 dark:text-sand-dark-12 font-medium lg:col-span-2 col-span-6"> Resources </h4> <ul class="col-span-6 mb-6 space-y-6 lg:mb-0 lg:col-span-2"> <li> <a href="/docs" class="transition duration-100 hover:text-sand-dark-6">Documentation</a> </li> <li> <a href="/starter-kits" class="transition duration-100 hover:text-sand-dark-6">Starter Kits</a> </li> <li> <a href="/docs/releases" class="transition duration-100 hover:text-sand-dark-6">Release Notes</a> </li> <li> <a href="https://blog.laravel.com" class="transition duration-100 hover:text-sand-dark-6">Blog</a> </li> <li> <a href="https://partners.laravel.com" class="transition duration-100 hover:text-sand-dark-6">Partners</a> </li> <li> <a href="https://laravel-news.com" class="transition duration-100 hover:text-sand-dark-6">News</a> </li> <li> <a href="https://larabelles.com/" class="transition duration-100 hover:text-sand-dark-6">Larabelles</a> </li> <li> <a href="https://larajobs.com/?partner=5" class="transition duration-100 hover:text-sand-dark-6">Jobs</a> </li> <li> <a href="/careers" class="transition duration-100 hover:text-sand-dark-6">Careers</a> </li> </ul> </div> </div> <div class="col-span-12 text-sand-light-1"> <svg class="w-full h-full text-laravel-red" width="1280" height="308" viewBox="0 0 1280 308" fill="none" xmlns="http://www.w3.org/2000/svg" > <path d="M50.2753 0H0V308.689H144.713V263.27H50.2753V0Z" fill="currentColor" /> <path d="M322.209 130.973C315.796 120.684 306.688 112.602 294.883 106.718C283.081 100.84 271.201 97.8969 259.253 97.8969C243.798 97.8969 229.665 100.764 216.843 106.496C204.014 112.228 193.015 120.099 183.834 130.091C174.654 140.088 167.51 151.628 162.412 164.706C157.308 177.792 154.761 191.54 154.761 205.94C154.761 220.645 157.308 234.457 162.412 247.39C167.508 260.332 174.652 271.796 183.834 281.788C193.015 291.785 204.017 299.647 216.843 305.379C229.665 311.111 243.798 313.978 259.253 313.978C271.201 313.978 283.081 311.038 294.883 305.159C306.688 299.282 315.796 291.197 322.209 280.904V308.685H369.865V103.186H322.209V130.973ZM317.837 231.076C314.922 239.016 310.841 245.925 305.598 251.804C300.35 257.687 294.009 262.389 286.579 265.917C279.146 269.445 270.905 271.208 261.875 271.208C252.837 271.208 244.676 269.445 237.391 265.917C230.104 262.389 223.839 257.687 218.593 251.804C213.345 245.925 209.335 239.016 206.57 231.076C203.794 223.138 202.417 214.759 202.417 205.942C202.417 197.12 203.794 188.742 206.57 180.804C209.335 172.866 213.345 165.961 218.593 160.078C223.839 154.201 230.102 149.493 237.391 145.965C244.676 142.437 252.837 140.674 261.875 140.674C270.908 140.674 279.146 142.437 286.579 145.965C294.009 149.493 300.35 154.199 305.598 160.078C310.844 165.961 314.922 172.866 317.837 180.804C320.748 188.742 322.209 197.12 322.209 205.942C322.209 214.759 320.748 223.138 317.837 231.076Z" fill="currentColor" /> <path d="M709.568 130.973C703.155 120.684 694.047 112.602 682.242 106.718C670.44 100.84 658.56 97.8969 646.612 97.8969C631.157 97.8969 617.024 100.764 604.202 106.496C591.373 112.228 580.374 120.099 571.193 130.091C562.013 140.088 554.869 151.628 549.771 164.706C544.666 177.792 542.12 191.54 542.12 205.94C542.12 220.645 544.666 234.457 549.771 247.39C554.867 260.332 562.01 271.796 571.193 281.788C580.374 291.785 591.375 299.647 604.202 305.379C617.024 311.111 631.157 313.978 646.612 313.978C658.56 313.978 670.44 311.038 682.242 305.159C694.047 299.282 703.155 291.197 709.568 280.904V308.685H757.224V103.186H709.568V130.973ZM705.198 231.076C702.283 239.016 698.202 245.925 692.959 251.804C687.711 257.687 681.37 262.389 673.94 265.917C666.507 269.445 658.266 271.208 649.236 271.208C640.198 271.208 632.037 269.445 624.752 265.917C617.465 262.389 611.2 257.687 605.954 251.804C600.706 245.925 596.696 239.016 593.931 231.076C591.155 223.138 589.778 214.759 589.778 205.942C589.778 197.12 591.155 188.742 593.931 180.804C596.696 172.866 600.706 165.961 605.954 160.078C611.2 154.201 617.463 149.493 624.752 145.965C632.037 142.437 640.198 140.674 649.236 140.674C658.269 140.674 666.507 142.437 673.94 145.965C681.37 149.493 687.711 154.199 692.959 160.078C698.205 165.961 702.283 172.866 705.198 180.804C708.109 188.742 709.57 197.12 709.57 205.942C709.568 214.759 708.107 223.138 705.198 231.076Z" fill="currentColor" /> <path d="M1280 1.12315e-05H1232.35V308.689H1280V1.12315e-05Z" fill="currentColor" /> <path d="M407.466 308.689H455.117V150.486H536.876V103.192H407.466V308.689Z" fill="currentColor" /> <path d="M948.281 103.192L888.386 260.557L828.489 103.192H780.224L858.441 308.689H918.331L996.546 103.192H948.281Z" fill="currentColor" /> <path d="M1100.48 97.908C1042.13 97.908 995.937 146.279 995.937 205.944C995.937 271.9 1040.64 313.98 1106.59 313.98C1143.5 313.98 1167.06 299.745 1195.85 268.746L1163.66 243.621C1163.64 243.646 1139.36 275.802 1103.1 275.802C1060.96 275.802 1043.22 241.533 1043.22 223.803H1201.32C1209.62 155.913 1165.37 97.908 1100.48 97.908ZM1043.35 188.085C1043.71 184.13 1049.2 136.086 1100.1 136.086C1151.01 136.086 1157.19 184.123 1157.55 188.085H1043.35Z" fill="currentColor" /> </svg> </div> </div> </div> </div> <script> var _gaq=[['_setAccount','UA-23865777-1'],['_trackPageview']]; (function(d,t){ var g=d.createElement(t),s=d.getElementsByTagName(t)[0]; g.src=('https:'==location.protocol?'//ssl':'//www')+'.google-analytics.com/ga.js'; s.parentNode.insertBefore(g,s) }(document,'script')); </script> <!-- HubSpot --> <script type="text/javascript" id="hs-script-loader" async defer src="//js-na1.hs-scripts.com/45240648.js"></script> </body> </html>