Consider a Laravel route protected by the default 'auth' guard. What is the behavior when an unauthenticated user tries to access this route?
Route::middleware('auth')->get('/dashboard', function () { return 'Dashboard'; });
Think about what Laravel does when authentication fails on routes protected by 'auth' middleware.
Laravel's 'auth' middleware checks if the user is logged in. If not, it redirects to the login page by default.
Given the need to add a custom guard named 'admin' using the 'session' driver and 'admins' provider, which option is correct?
Remember the order of keys does not matter, but all required keys must be present.
A guard requires both 'driver' and 'provider' keys. Option D correctly includes both with proper values.
Examine this Laravel controller snippet:
if (Auth::guard('admin')->attempt(['email' => $email, 'password' => $password])) {
return redirect()->intended('/admin/dashboard');
}The error says: Call to undefined method attempt() on null. What is the cause?
Check if the guard name matches the configuration.
If the guard name is not defined, Auth::guard('admin') returns null, so calling attempt() causes an error.
Laravel supports multiple drivers for authentication guards. What is the key difference between the 'session' and 'token' drivers?
Think about how web apps keep users logged in versus how APIs authenticate requests.
The 'session' driver uses cookies and sessions to keep users logged in on web apps. The 'token' driver uses tokens passed with each request, suitable for APIs.
Assume you have a custom user provider configured for the 'web' guard that fetches users from a special table. After a successful login, what does Auth::guard('web')->user() return?
Consider what the user() method returns after authentication.
After login, user() returns the authenticated user model instance from the provider, even if custom.