Build a Starter Kit With Inertia and Fortify
This episode is for members only

Sign up to access "Build a Starter Kit With Inertia and Fortify" right now.

Get started
Already a member? Sign in to continue
Playing
05. Installing Fortify

Episodes

0%
Your progress
  • Total: 5h 21m
  • Played: 0m
  • Remaining: 5h 21m
Join or sign in to track your progress
01. Setting up
01. Introduction and demo
4m 30s
0%
02. Installing Inertia from scratch
11m 49s
0%
03. Installing Tailwind
3m 24s
0%
04. Layout and navigation
31m 15s
0%
05. Installing Fortify
6m 10s
0%
06. Exposing routes with Ziggy
6m 44s
0%
07. Global modals
23m 41s
0%
02. Authentication
08. Registering users
13m 56s
0%
09. Sharing the authenticated user globally
5m 48s
0%
10. Signing in
9m 27s
0%
11. Signing out
2m 39s
0%
12. Redirecting to the intended location
4m 58s
0%
03. Feature management
13. Adding feature management checks
3m 14s
0%
14. Client-side feature management
5m 53s
0%
04. Building a toast feature
15. Basic flash messages with Inertia
7m 51s
0%
16. Building a toast plugin
15m 38s
0%
17. Styling and transitioning the toast
4m 53s
0%
05. Profile management
18. Creating an account layout
13m 24s
0%
19. Detecting and highlighting current pages
5m 22s
0%
20. Updating profile details
9m 22s
0%
21. Profile photo output and swapping
9m 17s
0%
22. Storing a profile photo
13m
0%
23. Changing user passwords
9m 9s
0%
24. Account feature toggling
8m 19s
0%
06. Password confirmation
25. Using a modal for password confirmation
8m 16s
0%
26. Confirming user passwords
4m 23s
0%
07. Two factor authentication
27. Building the two factor modal
9m 7s
0%
28. Showing a QR code
7m 44s
0%
29. Enabling two factor authentication
6m 52s
0%
30. Disabling two factor authentication
1m 35s
0%
31. Showing recovery codes
4m 37s
0%
32. Fixing password confirm redirect
9m 42s
0%
33. Fixing password confirm flow when enabling
3m 26s
0%
34. Challenging the user when signing in
5m 58s
0%
08. Email verification
35. Mail setup and forcing email verification
4m 8s
0%
36. Adding a verification notice
3m 42s
0%
37. Resending the verification email
3m 27s
0%
09. Account recovery
38. Sending a recovery email
8m 45s
0%
39. Setting a new password
8m 22s
0%
10. Fixes and improvements
40. Closing the user navigation on click
2m 12s
0%

Transcript

00:00
So if you've not used Laravel Fortify before, we're going to take this episode to really importantly get it installed, have a look around, figure out what we need to do so we
00:08
can start to visualize getting this implemented into our Inertia front end. Now, Laravel Fortify is a front end agnostic implementation of all the authentication features
00:20
that you'd need for an application. Basically, it just provides you all the controllers and functionality you need to register users, log them in, sign them out, set up two-factor authentication,
00:31
all the stuff that we're going to be implementing in this course. So we're going to implement every single Fortify feature. So let's just install this, have a look at our root list,
00:41
see what we've been given, and then we'll take a look around the config to see how that's going to help us as well. So let's go over to the installation section
00:48
and, of course, pull Laravel Fortify in with Composer. We'll go ahead and publish the config file, which is incredibly important, so we can start to configure this, and then we'll
00:59
go ahead and run our database migrations. Now, at the moment, let's take a look at our users table. You can see what columns we've got here, the standard stuff that we get with Laravel.
01:08
Once we go ahead and migrate here, you'll notice that these will slightly change. So we've got the two-factor stuff in here now, which is really important.
01:17
This is going to store our two-factor secret, our recovery codes, and if this was confirmed. So we don't really need to worry too much about the database schema because Fortify will handle
01:26
all of this for us, but it's good to see that that's changed. OK, the first thing that we're going to do is jump over to Fortify Config to have a look here.
01:33
So let's open this up and come down and do this line by line. So the guard, we don't really need to change unless we're building an API, which we're not doing. Passwords, you can configure for the models and stuff
01:45
that you're working with on the database table you're working with. We don't really need to worry about that. Email and username can be changed over as well.
01:53
So you can have a username or an email being configured. But what we're really interested in, if we just come down here, is go all the way down here to our views. So we do not need to register views.
02:08
The reason being is that we are working within a client-side kind of single-page application, although we're using Inertia. We are going to build up all of our own views.
02:18
Now, I said that this was sort of framework agnostic or front-end agnostic. Views are provided in some respects to get this working, but we don't need to register these.
02:28
So we're actually going to set this to false. In fact, I'm going to keep that to true for now, because we're going to look at our root list and how this changes.
02:33
But we are going to be setting that to false in just a second. So we'll talk about that in a moment. Now, the next thing is the feature list. So you can see here that this provides a list of features
02:43
that you can enable and disable. And that's also really important, because we need to control this on our back-end and our front-end as well when we
02:52
start to implement each of these features. So we are going to take an episode to talk about how we can hide things on the client side based on the features that are actually enabled or disabled.
03:02
So for example, if I disabled the registration feature, we wouldn't want to see a create an account link, and we wouldn't want to allow a user to submit a form to create an account.
03:14
You probably wouldn't toggle these too often, but we want to make sure this is implemented properly. So you can go ahead and toggle and change these. I'm going to enable all of these.
03:23
So I'm just going to uncomment out the email verification here. And that's pretty much it. So let's take a look at our root list,
03:30
because this is going to give us a good idea as to how this is working. So we're going to say phpArtisan and root list. And let's have a look.
03:38
So if you'd have run this before you installed Fortify, you'd just have your home controller root and a couple of other things. But you can see that this has provided
03:45
a huge amount of routes. So we've got login, register, reset password, the two-factor stuff, password confirmation. We've got the update profile information stuff,
03:56
more two-factor stuff here as well. So let's go and just have a look at the root count. We've got 32. We're going to go ahead and set views to false,
04:05
since we're working with inertia here. And we're going to disable these. And now let's go ahead and run this root list again. You can see that's down to 25.
04:13
So we're going to come across a couple of issues with this, because Fortify is going to expect that some of these views are enabled when we implement these features. Because we're doing this with inertia,
04:24
there's a slight challenge in that we need to just tweak a couple of things around. But we will get to that later. But these are all of our routes that we
04:31
need to basically send data down from our client side to register users. So for example, when we build out our registration form, all we're going to need to do is create a registration form
04:43
and then just pass this data down to Fortify. We don't need to specifically create anything. We don't need to actually create the insertion of the user or anything like that.
04:52
All of that stuff is handled by Fortify. Now speaking about that, let's go over to our application. When we did install Fortify, we got this Actions folder created and under this Fortify directory.
05:05
So these are kind of the single actions that happen when we do stuff in our application. They're not available for every single feature of Fortify. But for example, they are available for stuff
05:16
like creating a new user. So we're not really going to need to modify this code unless we want to make any changes to how we're registering users.
05:23
The point of these actions being published into our project is that if we needed to add, say, a username, we could go ahead and just modify this within the validator and we could modify this when we create a user.
05:35
So that's why these are published, so we can change them if we need to. But all of them are in there available for you to modify if you need to.
05:43
And we will be slightly modifying some of them as we go. So that is Fortify installed. Nothing much has changed, but hopefully now we
05:51
understand what this is. And now, really, once we've finished setting up the rest of our app, like our routes and stuff, we can just start sending requests down
05:59
to Fortify, which will create a user for us, and we're pretty much good to go. So very, very easy to just send requests to Fortify and all of our auth stuff is already done for us.

Episode summary

In this episode, we're diving into the first steps of getting Laravel Fortify up and running in your application. If you've never used Fortify before, don't worry—by the end of this video, you'll have it installed, configured, and ready to use as your backend authentication layer.

Here's what we do in this episode:

  • Install Laravel Fortify: We start by pulling Fortify in with Composer, publishing its config file, and running the migrations. You'll see how the users table changes after the migration, especially with the new columns for two-factor authentication.

  • Explore the Config: Next, we open up the Fortify config file and go through the options line by line. Most of the defaults are fine, but we pay special attention to features like email vs. username login and the features array, which lets us enable or disable various authentication features (like registration, password reset, two-factor, etc.).

  • Understand Routes: We check out all the new routes Fortify registers in our app, so you'll see what endpoints are now available for things like login, registration, password reset, and two-factor auth. We also talk about disabling default views (since we're using Inertia.js for our frontend) and watch how the route list changes accordingly.

  • Inspect Published Actions: Fortify gives you some published action classes where you can customize things like user registration. We look at where these live and briefly discuss tweaking them if you want to, such as adding extra fields like a username.

By the end, you'll see that you don't need to create a ton of boilerplate yourself—Fortify handles all the backend stuff for you. Now, you just need to wire up your frontend to these endpoints, and you'll have authentication features like registration, login, two-factor, and more ready to use.

Perfect if you're ready to see how painless backend auth can be with Fortify!

Episode discussion

No comments, yet. Be the first!