Authentication with Slim 3 / Setting up Slim

0 complete
29 parts
Next →

1. Setting up Slim

2. Views with Twig

3. PSR-4 Autoloading

4. Basic controllers

5. Container items in controllers

6. The base template

7. Using Eloquent

8. The User model

9. Getting ready to sign up

10. Signing the user up

11. Setting up validation

12. Showing errors on the form

13. Persisting old form data

14. Custom validation rules

15. Installing Slim CSRF package

16. View middleware

17. Getting ready to sign in

18. Authenticating

19. Updating the navigation bar

20. Signing in when signing up

21. Signing out

22. Installing the Flash package

23. Outputting flash messages

24. Updating sign up and sign in

25. Getting ready to change password

26. Validation

27. Updating the user's password

28. Authenticated middleware

29. Guest middleware

Authentication with Slim 3

  • 164 mins runtime
  • Released 2 years ago

The perfect start to an application that requires authentication. Learn Slim 3, and in the process build the foundations of your project.

Discussions (11)

3 weeks ago

hi, i have 2 errors how i can fix it?

Notice: Undefined index: user in \app\Auth\Auth.php on line 11

Notice: Undefined index: errors in \app\Middleware\ValidationErrorsMiddleware.php on line 9

3 months ago

When testing showing errors on the form it gives error:

Details Type: Error Message: Call to a member function getEnvironment() on null File: H:\xampp72\htdocs\slim3auth\app\Middleware\ValidationErrorsMiddleware.php Line: 11

I have verified with the downloaded application and I have no differences


3 months ago

Hello, Please I keep getting this error:

Parse error: syntax error, unexpected '?' in C:\xampp\htdocs\slim3auth\vendor\illuminate\database\Eloquent\Model.php on line 658

I followed the youtube tutorial and got this error.

So I thought I was at fault. Then I paid for subscription in order to get your source code.

After Installation, I still got this error.

Please help me :-)

3 months ago

Somehow I inverted 2 lines of code that is plain as day in vid 15 time code 1:04


no idea how I flipped this one!

$app->add(new \App\Middleware\CsrfViewMiddleware($container));

it should be...

$app->add(new \App\Middleware\CsrfViewMiddleware($container));
3 months ago

So, after more digging, I found that getTokenName() that is called in the CSRF Middleware is not being generated, but it is being INVOKED in Guard

But when the code gets down to AuthController, getTokenName() is being generated.

As of yet I have no idea why.

I have ran through these videos 6 times, scratched files and rebuilt them. Still no Key.

3 months ago


class CsrfViewMiddleware extends Middleware
    public function __invoke($request, $response, $next)


This displays NULL, but


diplays 'csrf_name'

oh so weird!

3 months ago

Hows this for weird!

[ (16 View MIddleware) time code 4:21]

        $this->container->view->getEnvironment()->addGlobal('csrf', [
            'field' => '
                <input type="hidden" name="' . $this->container->csrf->getTokenNameKey() . '" value="' . $this->container->csrf->getTokenName() . '">
                <input type="hidden" name="' . $this->container->csrf->getTokenValueKey() . '" value="' . $this->container->csrf->getTokenValue() . '">

Right out of the tut ands the sample code.

$this->container->csrf->getTokenName() AND $this->container->csrf->getTokenValue() return a null value.

But if I put this same object call in (AuthController::getSignUp (as directed in '(16 Install SLIM CSRF time) code 3:58), I get a value!

Yea, 2 hours of back-tracking and re-doing code... no go.

So as of now I'm dead in the water. :/

4 months ago


i'm struggling to get authentification with DI working together but I'm stuck and don't really know where to look.

i get the following error
Fatal error: Uncaught TypeError: Argument 1 passed to App\Middleware\Middleware::__construct() must be an instance of Slim\Views\Twig, null given, called in /var/www/app/app/routes.php on line 18 and defined in /var/www/app/app/Middleware/Middleware.php on line 13
( ! ) TypeError: Argument 1 passed to App\Middleware\Middleware::__construct() must be an instance of Slim\Views\Twig, null given, called in /var/www/app/app/routes.php on line 18 in /var/www/app/app/Middleware/Middleware.php on line 13

my app/routes.php contains

use App\Middleware\AuthMiddleware;
use App\Middleware\GuestMiddleware;

$app->get('/', [

$app->group('', function () {
    $this->get('/auth/signup', 'AuthController:getSignUp')
    $this->post('/auth/signup', 'AuthController:postSignUp');

    $this->get('/auth/signin', 'AuthController:getSignIn')
    $this->post('/auth/signin', 'AuthController:postSignIn');
})->add(new GuestMiddleware($containter));

$app->group('', function () {
    $this->get('/auth/signout', 'AuthController:getSignOut')
    $this->get('/auth/password/change', 'AuthController:getChangePassword')
    $this->post('/auth/password/change', 'AuthController:postChangePassword');

    $this->get('/modules/list', 'ModuleController:getModuleList')
    $this->get('/home', [
})->add(new AuthMiddleware($containter));

my app/Middleware/Middleware.php

namespace App\Middleware;

use Slim\Views\Twig;
use Slim\Csrf\Guard;

class Middleware

    protected $view;
    protected $csrf;

    public function __construct(Twig $view, Guard $csrf = null)
        $this->view = $view;
        $this->csrf = $csrf;
namespace App\Middleware;

class GuestMiddleware extends Middleware

    public function __invoke($request, $response, $next)
        if ($this->view->auth->check()) {
            return $response->withRedirect($this->view->router->pathFor('home'));

        $response = $next($request, $response);
        return $response;

not sure what I'm missing, but something is not ok :) will appreciate any help that i can get,


4 months ago

Make sure you have session.use_strict_mode = 1 in your php.ini, I had it to 0 and it caused the logout to fail, because PHP always regenerated the cookie.

This can apparently also be solved if you implement the new \SessionUpdateTimestampHandlerInterface interface (from php 7+) and use of the function validateId($session_id){} method.

This has to return true if session_id is valid and false if not, PHP will then internally generate a new session_id and disregard any cookies that might still be set.

pheeew :)

5 months ago

As soon as i implement this. I get:

Uncaught Error: Class 'App\Middleware\AuthMiddleware' not found in C:\xampp\htdocs\authentication\app\routes.php:18

I know that everything is spelt correctly. Is anyone else getting this error?

  • I've even downloaded the code... copy and pasted... I'm getting the same Fatal Error ^
5 months ago

Have you tried running:

composer dump-autoload -o

on the command line?