This episode is for members only
Sign up to access "Passwordless Authentication with Laravel" right now.
Get started
Already a member? Sign in to continue
Playing
06. Authenticating the user securely
01. Introduction and demo
1m 45s
0%
02. Crafting the login page
9m 35s
0%
03. Making use of Laravel Actions
7m 36s
0%
04. The magic login link email
7m 18s
0%
05. Generating a signed URL for authentication
4m 34s
0%
06. Authenticating the user securely
2m 44s
0%
07. Registering users
7m 3s
0%
08. Sending the magic login link again
1m 43s
0%
09. Testing the login flow
10m 15s
0%
10. Testing the registration flow
6m 5s
0%
Transcript
00:00
Before we move on to actually authenticate the user within this route just here, let's create out a home page here to replace the default welcome page. So let's open up welcome.blade.php and let's go ahead and grab the template for login.
00:14
We just want to show the currently authenticated user in here. So let's get rid of everything that we have inside of this form here. Let's switch this form over to a div and let's, of course, get rid of the action and method because that's now not a form.
00:28
Inside of here we're just going to go ahead and use the auth blade directive and that's only going to show if the user is signed in. And let's just greet the user in here with a header. We can bring back them styles that we saw before.
00:44
In fact, let's just say text gray 600 and we'll make this a paragraph instead. So we're just going to say hey and then the authenticated user's name. So auth user and name. OK, so if we head over to the home page now, of course, we don't see anything because
01:03
this directive is stopping this from being rendered out because we're not signed in. But once we are signed in, once we update our login controller, we, of course, should see that details or those details. So I'm just going to give this a name real quick.
01:17
So let's call this home just so we have somewhere to redirect to. While we're here as well, a good idea is to head over to our root service provider. By default, this is set to slash home for the home page. And Laravel uses this internally within middleware to redirect the user
01:34
if they are already signed in. So I'm going to change that back to slash because that is technically our home page. OK, so now that we've done that, we can actually authenticate the user within this login controller and we should be good to go.
01:46
This is really, really simple because we know this is a signed protected controller, signed URL protected controller. So no one can access this unless they have the correct signature and it's not expired. So in here, there's no real other checks that we need to do
02:01
apart from just logging the user in. We know we've got the user model in here, so we can just use the auth helper or the auth facade. You could do this like this if you prefer and log the user in.
02:13
That's all we need to do. Now we can go ahead and return and redirect the user to the home page. And that's going to greet them with their signed in name. So let's head over.
02:28
Of course, that doesn't work at the moment, but we're going to go over to auth and login, enter our email address and hit that get magic link button, grab the magic link, sign in. And that should redirect us over and we now signed it.
10 episodes• 58 mins•1 year ago
Overview
Say goodbye to the traditional email/password flow and implement passwordless authentication with Laravel! In this course, we'll cover sending a secure link via email to allow users to sign in seamlessly. Oh, and we'll cover the entire registration process too.
Use it on its own, or combine it with the standard email/password flow to give your users even more flexibility.
Alex Garrett-Smith
Hey, I'm the founder of Codecourse!
Comments
No comments, yet. Be the first to leave a comment.