0
0
Laravelframework~5 mins

Login and logout in Laravel

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallPerf
Introduction

Login and logout let users enter and leave your website safely. This keeps their information private and controls who can see certain pages.

When you want users to access their personal accounts on your website.
When you need to protect parts of your site from visitors who are not signed in.
When you want to keep track of who is using your site and what they do.
When you want to let users end their session to keep their account safe.
Syntax
Laravel
<?php
// Login example
if (Auth::attempt(['email' => $email, 'password' => $password])) {
    // Login success
    return redirect()->intended('dashboard');
} else {
    // Login failed
    return back()->withErrors(['email' => 'Invalid credentials']);
}

// Logout example
Auth::logout();
return redirect('/login');
Use Auth::attempt() to check user credentials and log them in.
Use Auth::logout() to log the user out and clear their session.
Examples
This tries to log in a user with email and password. If it works, it sends them to the home page.
Laravel
<?php
// Simple login check
if (Auth::attempt(['email' => $email, 'password' => $password])) {
    return redirect('/home');
}
This logs out the current user and sends them to the login page.
Laravel
<?php
// Logging out a user
Auth::logout();
return redirect('/login');
This sends the user to the page they wanted before login, or to the dashboard if none.
Laravel
<?php
// Redirect after login
if (Auth::attempt(['email' => $email, 'password' => $password])) {
    return redirect()->intended('dashboard');
}
Sample Program

This controller handles showing the login form, logging in users by checking their email and password, and logging them out safely by clearing their session.

Laravel
<?php
namespace AppHttpControllers;

use IlluminateHttpRequest;
use IlluminateSupportFacadesAuth;

class AuthController extends Controller
{
    public function showLoginForm()
    {
        return view('login');
    }

    public function login(Request $request)
    {
        $credentials = $request->validate([
            'email' => ['required', 'email'],
            'password' => ['required'],
        ]);

        if (Auth::attempt($credentials)) {
            $request->session()->regenerate();
            return redirect()->intended('dashboard');
        }

        return back()->withErrors([
            'email' => 'The provided credentials do not match our records.',
        ]);
    }

    public function logout(Request $request)
    {
        Auth::logout();

        $request->session()->invalidate();
        $request->session()->regenerateToken();

        return redirect('/login');
    }
}
OutputSuccess
Important Notes

Always validate user input before trying to log in.

Regenerate the session after login to prevent security issues.

Invalidate and regenerate the session token on logout to keep sessions safe.

Summary

Login checks user email and password to allow access.

Logout ends the user session and protects their account.

Laravel's Auth facade makes login and logout easy and secure.