Authentication helps keep applications safe by making sure only the right people can use certain parts. It checks who you are before letting you in.
Auth::attempt(['email' => $email, 'password' => $password]); // or using middleware in routes Route::middleware('auth')->group(function () { // protected routes here });
<?php if (Auth::attempt(['email' => $email, 'password' => $password])) { // User is authenticated return redirect()->intended('dashboard'); } else { // Authentication failed return back()->withErrors(['email' => 'Invalid credentials']); }
Route::middleware('auth')->get('/profile', function () { // Only logged-in users can see this return view('profile'); });
This simple Laravel setup shows a login form, processes login, and protects the dashboard page so only logged-in users can see it.
<?php use Illuminate\Support\Facades\Route; use Illuminate\Support\Facades\Auth; // Route to show login form Route::get('/login', function () { return view('login'); }); // Route to handle login form submission Route::post('/login', function () { $credentials = request()->only('email', 'password'); if (Auth::attempt($credentials)) { return redirect()->intended('/dashboard'); } return back()->withErrors(['email' => 'Invalid credentials']); }); // Protected dashboard route Route::middleware('auth')->get('/dashboard', function () { return 'Welcome to your dashboard, ' . Auth::user()->name; });
Always hash passwords before storing them; Laravel does this automatically.
Use middleware to protect routes instead of checking authentication manually everywhere.
Authentication is the first step to securing your app; combine it with authorization for better control.
Authentication checks who a user is before allowing access.
Laravel makes authentication simple with Auth facade and middleware.
Protect sensitive parts of your app by requiring users to log in.