This episode is for members only
Sign up to access "Passwordless Authentication with Laravel" right now.
Get started
Already a member? Sign in to continue
Playing
03. Making use of Laravel Actions
01. Introduction and demo
1m 45s
0%
02. Crafting the login page
9m 35s
0%
03. Making use of Laravel Actions
7m 36s
0%
04. The magic login link email
7m 18s
0%
05. Generating a signed URL for authentication
4m 34s
0%
06. Authenticating the user securely
2m 44s
0%
07. Registering users
7m 3s
0%
08. Sending the magic login link again
1m 43s
0%
09. Testing the login flow
10m 15s
0%
10. Testing the registration flow
6m 5s
0%
Transcript
00:00
To submit our form, perform validation and send the email,
00:03
we're going to make use of the Laravel actions package. The reason that we're doing this is because when we register a user, we want to go through the same process of sending out this email. And having an action like this means it's in one place.
00:17
And of course, we can test it more easily as well, which we'll be covering at the end of the course. So we're going to go ahead and get this package installed. We have a full course on this if you want to learn more.
00:29
But let's go ahead and just pull this in and start to work with it. So once we've pulled this in, we just need to use as action on a class that we create. And then any code that we want to run goes in handle.
00:41
And we can use these actions as controllers as well, which means we can, without creating a traditional Laravel controller, hook into these as an action or as a controller. So we're going to close this off
00:53
because we'll run through exactly what we need to do here. The first thing that we want to do is actually create an action. This package comes with a make action command. And we're going to call this send magic link.
01:04
So that's going to go ahead and create that out in the actions directory for us. So let's head over to send magic link over here. And you can see that we've got all of the boilerplate already set up for us. Much need to reindex your workspace if you're missing this class.
01:19
OK, so inside of handle, this is where we want to send the email. Now, for now, I'm just going to die dump and just say send email just so we know that this is working. And now we can just use this as a controller
01:31
and then just start to hook in with the other methods that this provides. So to do this, we're going to go over to our routes, of course. And under here, we're going to go ahead and say post through to auth login. And we're just going to reference that send magic link class.
01:46
And that's pretty much all we need to do. We can give this a name as usual. So let's go ahead and call this auth login. And while we're here, we'll go ahead and set the middleware on this
01:55
to guess that's just the login page, because, of course, we don't want to allow people to view this if they're already logged in. We could do the same for this as well, because, of course, logging in does require that you are not already signed in.
02:09
OK, so now that we've got this working, let's head over to our login form and let's hook this up. So at the moment, we don't have anything. Let's change the method here to post
02:20
and let's change the action here to that route that we've just created. So route auth and login. OK, so if we head over now and enter an email address and hit get magic link. Yeah, sure enough, we need our cross site request forgery field in here.
02:35
So let's go ahead and just add that in at the bottom. And let's just try that again. And we should submit that through. Now we see send email, which is great.
02:44
It's working, but a really good way to handle Laravel actions if we just head back over to that is to create out a method in here called as controller. What that means is we can do specific controller things in here,
02:58
but then handle this. So think of this as the main method within your controller. But as controller is just a separate method that allows you to do things that you may need to do in before that, like validation and all that good stuff.
03:12
So really, all we're going to go ahead and do inside of here is just say this handle, because, of course, that needs to send out the email. And we do need to take in the email address to pass into this handle method. So let's say that this handle method accepts in an email address string
03:30
and then this accepts in a request. Now, we can either put in the standard Laravel request like this, or we can put in the specific action request that comes from this package. So let's just call that request.
03:43
So from handle, we can now grab the email address from the form and pass that in there. Now, the benefit of this is if we want to send a magic link for login from anywhere else in our application,
03:54
we now have one class to do this and we can just call the handle method. Or in our case, for this specific action being submitted to a form, we're using it as a controller. So if we head over now and maybe just die dump out.
04:08
The email address that we get passed into this action, or we should see now if we interact email address is this dumped out as well. So we're not actually going to send the email in this episode, but let's go ahead and add some validation to this.
04:22
You might be thinking, well, now that we're using this new action class, how are we going to validate the request? Can we just do this validate like we normally would in Laravel? Well, within Laravel actions, it works in a slightly different way
04:36
to do this is pretty simple. We just need to define out a rules method in here, which goes ahead and returns an array of rules that you want to use for each thing that you want to validate.
04:47
So in our case, the email address is required. It needs to be an email. It also needs to exist in the database. So what we can do is put in Laravel's rule class
04:57
and we can check that it exists in the user table under the email column. They might want to skip this and handle it in another way if the email address doesn't exist, just so you avoid people
05:10
submitting email addresses and checking if people are registered. But we'll leave this in here for now, just as an example. OK, so now that we've done this, we don't even have our database migrated. So let's go ahead and do that, first of all.
05:23
And we need to, of course, go over and just manually create a user in here. We do have the password field in here already, but we're kind of excluding that for now. You compare this with standard login
05:36
where you would provide the email address and password if you want to. So let's just go ahead and really quickly boot up a tinker session here. And let's say user factory and create. And that will just create our user for us.
05:48
And I'm just going to go ahead and change over some of the details here, like my name and email address. OK, so let's save these changes. We now have a user in the database that we can work with
06:00
and we should be able to check the validation. So if I hit get magic link, of course, at the moment, we have some front end validation in here. But if I just type in anything, yeah, it's still making me do this.
06:12
But let's go ahead and submit that through. And yes, so our actions use doesn't exist. So, of course, that is just because we need to put in the namespace. Let's resubmit this.
06:23
And there we go. It works. But if we choose an email address that is not in the database, sure enough, it redirects us back. So we know that our validation rules within this action are actually being applied.
06:36
So we can just really quickly update our view here just to output any of the errors that we get. So we're going to go ahead and say error. And that is for the email field.
06:45
We'll go ahead and end that error in here. And it's just quite a div in here really quickly with a class of margin top two. And we'll just output the message within that scope in here. So that should now give us the error message.
06:59
And that's just standard Laravel stuff. So let's go ahead and enter the Mabel at CodeCourse.com email. Hit this. And there we go. The selected email is invalid.
07:08
And I'm sure you can make this look a little bit prettier if you want to. So that's pretty much it for submitting that action. As you can see, we've created an action in here with rules that validate. We can use this as a controller.
07:20
But later on, when we get to the point where we want to register the user and then send off an email, we can just reuse this same action. We can perform tests on this action to make sure that this does what it needs to do. And then we just have one place that does one thing a lot simpler.
10 episodes• 58 mins•1 year ago
Overview
Say goodbye to the traditional email/password flow and implement passwordless authentication with Laravel! In this course, we'll cover sending a secure link via email to allow users to sign in seamlessly. Oh, and we'll cover the entire registration process too.
Use it on its own, or combine it with the standard email/password flow to give your users even more flexibility.
Alex Garrett-Smith
Hey, I'm the founder of Codecourse!
Comments
No comments, yet. Be the first to leave a comment.