Laravel Authentication
2 min read
Laravel provides a complete authentication system out of the box, including session-based login and API token authentication.
1 - Starter Kits
// Laravel Breeze — minimal, Blade/Tailwind (recommended for learning)
composer require laravel/breeze --dev
php artisan breeze:install
npm install && npm run dev
php artisan migrate
// Laravel Jetstream — full-featured (teams, 2FA, API)
composer require laravel/jetstream
php artisan jetstream:install livewire2 - Manual Authentication
use Illuminate\Support\Facades\Auth;
// Attempt login
if (Auth::attempt(['email' => $email, 'password' => $password], $remember)) {
$request->session()->regenerate();
return redirect()->intended('dashboard');
}
// Logout
Auth::logout();
$request->session()->invalidate();
$request->session()->regenerateToken();
// Get the authenticated user
$user = Auth::user();
$id = Auth::id();3 - Protecting Routes
// Require authentication
Route::middleware('auth')->group(function () {
Route::get('/dashboard', [DashboardController::class, 'index']);
Route::resource('posts', PostController::class);
});
// Require email verification
Route::middleware(['auth', 'verified'])->group(function () {
Route::get('/billing', [BillingController::class, 'index']);
});4 - Checking Auth in Blade and Code
// In Blade
@auth
Welcome, {{ Auth::user()->name }}!
@endauth
// In PHP
if (Auth::check()) {
// User is logged in
}